Author Topic: URL:MAL  (Read 3570 times)


duttyjisan

  • Guest
URL:MAL
« on: January 21, 2013, 12:27:18 PM »
Hi, Avast keeps telling me it's blocked access to a site hxxp://trololololololololololo.com/. The infection is URL:MAL and the process is C:\Users\DELL\Downloads\Vuze_4812_Installer.exe, although before, the message was C:\Program files\Vuze.exe until I uninstalled Vuze and reinstalled it.

Other than the pop-up messages every few minutes, it doesn't seem to be affecting my computer. However, the notifications are very annoying and I want to get rid of any possible infection, so can anyone please help me out?

I've done a scan with Malwarebytes, full and quick, and still no luck.
« Last Edit: January 21, 2013, 07:20:17 PM by duttyjisan »

Offline Asyn

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 76037
    • >>>  Avast Forum - Deutschsprachiger Bereich  <<<
Re: URL:MAL
« Reply #1 on: January 21, 2013, 12:28:46 PM »
Please attach your logs. (AdwCleaner, MBAM, OTL and aswMBR..!!)
Instructions: http://forum.avast.com/index.php?topic=53253.0
W8.1 [x64] - Avast Free AV 23.3.8047.BC [UI.757] - Firefox ESR 102.9 [NS/uBO/PB] - Thunderbird 102.9.1
Avast-Tools: Secure Browser 109.0 - Cleanup 23.1 - SecureLine 5.18 - DriverUpdater 23.1 - CCleaner 6.01
Avast Wissenswertes (Downloads, Anleitungen & Infos): https://forum.avast.com/index.php?topic=60523.0

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: URL:MAL
« Reply #2 on: January 21, 2013, 01:05:03 PM »
@ duttyjisan
Please 'modify' your post and change the URL from http to hXXp, to break the link and avoid accidental exposure to suspect sites, thanks.

Since Vuze is a P2P application there is a possibility that one or more of the seeding locations is considered malicious. So I would suggest that you clear all seeding locations.

Excuse me if this isn't the correct wording as I don't use P2P.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security
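The http-to-hXXp change requested in Reply #2, as an added Python example that is not part of the original thread. The function names, the trusted-host allow-list and the `suspect.example` placeholder domain are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit

# Live http/https links; case-insensitive because auto-linkers accept "HTTP://" too.
URL_RE = re.compile(r'\bhttps?://[^\s<>"\']+', re.IGNORECASE)


def _host(url):
    """Host a browser would actually contact, lower-cased ('' if unparsable)."""
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:  # malformed authority, e.g. an unclosed '['
        return ""


def _is_trusted(url, trusted_hosts):
    # Exact host match only: 'forum.avast.com.suspect.example' and
    # 'forum.avast.com@suspect.example' must not pass as 'forum.avast.com'.
    return _host(url) in {h.lower() for h in trusted_hosts}


def defang_post(text, trusted_hosts=()):
    """Rewrite http -> hXXp for every link whose host is not trusted."""
    def repl(match):
        url = match.group(0)
        if _is_trusted(url, trusted_hosts):
            return url
        # Keeps the case of 'h' and 'p', and the 's' of https.
        return url[0] + "XX" + url[3:]
    return URL_RE.sub(repl, text)


def live_links(text, trusted_hosts=()):
    """Links that are still clickable: a check to run before submitting a post."""
    return [u for u in URL_RE.findall(text) if not _is_trusted(u, trusted_hosts)]


if __name__ == "__main__":
    # Constructed sample post; suspect.example is a placeholder domain.
    post = ("Avast blocked http://suspect.example/ while Vuze was running.\n"
            "Instructions: http://forum.avast.com/index.php?topic=53253.0")
    safe = defang_post(post, trusted_hosts=["forum.avast.com"])
    print(safe)
    print("still live:", live_links(safe, ["forum.avast.com"]))
```

Links that fail to parse, or that merely contain a trusted name in the userinfo or as a subdomain prefix, are treated as untrusted and defanged.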

duttyjisan

  • Guest
Re: URL:MAL
« Reply #3 on: January 21, 2013, 07:47:02 PM »
Sorry for my late reply guys, it's been a busy and hectic day...

@Asyn Thanks for your response, I'll have all the results posted in a bit, thanks :)

@DavidR Sorry, my bad, I've made the change. However, I don't know how to go about clearing the seeding locations in Vuze; I've searched around but haven't uncovered anything yet.




duttyjisan

  • Guest
Re: URL:MAL
« Reply #4 on: January 21, 2013, 08:48:20 PM »
Hi Asyn,

I've managed to complete the tests and I've attached the required results. Please find below the results of the Malwarebytes log:

Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.21.07

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
DELL :: DELL-PC [administrator]

21/01/2013 18:34:25
mbam-log-2013-01-21 (18-34-25).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 255438
Time elapsed: 13 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Windows\KMSEmulator.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully.

(end)

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88897
  • No support PMs thanks
Re: URL:MAL
« Reply #5 on: January 21, 2013, 08:59:33 PM »
<snip>
@DavidR Sorry, my bad, I've made the change. However, I don't know how to go about clearing the seeding locations in Vuze; I've searched around but haven't uncovered anything yet.

I don't know how to do it either, but a search using your wording "clearing the seeding locations in vuze" without the quotes returns many hits; hopefully that will point you in the right direction: http://uk.search.yahoo.com/search?p=clearing+the+seeding+locations+in+vuze.