Author Topic: Avast keeps blocking malicious websites  (Read 12648 times)

0 Members and 1 Guest are viewing this topic.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Avast keeps blocking malicious websites
« Reply #15 on: December 07, 2012, 07:45:27 PM »
PEV is a part of combofix

Does chrome behave itself in incognito mode

I have a feeling that one of the images in that project is infected, Avast does not recognise the file but it is preventing it from calling home

Could you try a different project in windows movie maker to see if that prompts the same alerts

darth_ender

  • Guest
Re: Avast keeps blocking malicious websites
« Reply #16 on: December 07, 2012, 09:51:48 PM »
Thus far I haven't gotten any more notices with other projects.  Strange thing is that even the original project doesn't seem to be causing any problems anymore either.  It seems that every day it tries a few times (I think it totalled like six tries in about an hour), then it seems to give up for a while.  Could be the pictures.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Avast keeps blocking malicious websites
« Reply #17 on: December 07, 2012, 10:14:50 PM »
Aye if just one of the images is infected then it would be the devils own job to track down which one

darth_ender

  • Guest
Re: Avast keeps blocking malicious websites
« Reply #18 on: December 08, 2012, 12:00:22 AM »
I'm still concerned--aswMBR did pick up on a rootkit.  What can I do to get rid of that?  I'm pretty naive with this sort of thing, but in my limited knowledge those things scare me more than anything.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Avast keeps blocking malicious websites
« Reply #19 on: December 08, 2012, 12:23:01 AM »
If it picked up PEV then when we remove combofix that will disappear

darth_ender

  • Guest
Re: Avast keeps blocking malicious websites
« Reply #20 on: December 08, 2012, 12:49:38 AM »
Oh, sorry.  Didn't catch that.  Thanks for all the help and for clearing that up.  I'd hate to start my project from the beginning, but I guess that's what I'll have to do.  Thanks again.

iroc9555

  • Guest
Re: Avast keeps blocking malicious websites
« Reply #21 on: December 08, 2012, 01:08:41 AM »
darth_ender.

If everything is working right, no more alerts and comp behaving well, you have to wait for essexboy tomorrow for instructions to uninstall his tools. He is located in the UK and it must be very late there.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Avast keeps blocking malicious websites
« Reply #22 on: December 08, 2012, 12:52:51 PM »
How is the computer behaving now ?

darth_ender

  • Guest
Re: Avast keeps blocking malicious websites
« Reply #23 on: December 09, 2012, 04:16:46 AM »
Sorry.  Been away from the computer all day.  Still the same sort of thing.  Just as I sat to type this, Avast blocked a malicious URL.  This time the supposedly guilty program was MalwareBytes.  I did have Windows Live Movie Maker open and on that project at the time.  Don't know what to do about it besides starting over.  Actually, I'm thinking I may just hurry and finish that project and make a movie out of it, then delete all the source pictures.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Avast keeps blocking malicious websites
« Reply #24 on: December 09, 2012, 04:50:35 PM »
I feel that the movie maker is the culprit, but to confirm that

Download the latest version of TDSSKiller from here and save it to your Desktop.
 
 
  • Doubleclick on TDSSKiller.exe to run the application


  • Then click on Change parameters.
     

     
  • Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
     
  • Click the Start Scan button.
     
     
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
     

     
  • If malicious objects are found, they will show in the Scan results and offer three (3) options.
  • Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

  • Get the report by selecting Reports

 
  • Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
Please copy and paste its contents on your next reply.

darth_ender

  • Guest
Re: Avast keeps blocking malicious websites
« Reply #25 on: December 10, 2012, 06:33:59 PM »
Tried TDSSKiller again and no luck.  Ran a HitmanPro scan again, and found 4 malware: MMDriver.exe and 3 related to ATI.  The program recommended deletion, which I did (maybe I should have waited to talk to you first).  I'm confused that one scan will turn up nothing, then a few days later will show malware again.  I have active protection on.  The MMDriver.exe one seems to redirect to malicious websites according to this website:

http://maxoptimizer.com/exeerrors-database/mmloaddrv-exe-info-exeanalysis.html

Not sure where I'm getting all this malware and why it keeps getting through my firewall and antivirus.

darth_ender

  • Guest
Re: Avast keeps blocking malicious websites
« Reply #26 on: December 10, 2012, 07:05:11 PM »
I forgot to mention--Avast blocked a site with RealPlayer supposedly being the evil program.  The thing is that Movie Maker was not open.  I ran my Hitman scan after this.  So if Movie Maker is the problem, it's not alone.  However, since my last scan I haven't seen anything, so maybe that's taken care of it.  Nevertheless, I'll still keep you posted.  Sorry not to post much over the weekend.  I mostly use that computer at work or school, and I was hardly at either over the weekend.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Avast keeps blocking malicious websites
« Reply #27 on: December 10, 2012, 07:15:09 PM »
MMDriver.exe is a part of the catalyst control panel, all I can think of here is that you downloaded an infected copy of the drivers ..  It is a legitimate file, but mayhap it was subtly altered