Author Topic: URL:Mal - Explorer.exe  (Read 21645 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
Re: URL:Mal - Explorer.exe
« Reply #15 on: October 24, 2014, 11:30:27 PM »
Also, none of the files changed when the avast! pop-up occurred.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: URL:Mal - Explorer.exe
« Reply #16 on: October 24, 2014, 11:34:09 PM »
So there was no additional entry when the alert occurred, were you using your printer at that time ?

REDACTED

  • Guest
Re: URL:Mal - Explorer.exe
« Reply #17 on: October 24, 2014, 11:44:36 PM »
Correct - no additional entry.

Yes, I was using the printer.

Attached is another screenshot.

One observation: I've noticed that the pop-ups tend to occur more often with Internet Explorer is open, *BUT* they will also occur when Internet Explorer is not open, or even before Internet Explorer has been launched upon a new startup.

Second observation: Whenever I open up Windows Explorer, it lags for a second, and then I get the pop-up.

REDACTED

  • Guest
Re: URL:Mal - Explorer.exe
« Reply #18 on: October 24, 2014, 11:53:19 PM »
Another screenshot attached--it popped up even when Process Explorer was the only thing running under explorer.exe.

REDACTED

  • Guest
Re: URL:Mal - Explorer.exe
« Reply #19 on: October 25, 2014, 03:52:23 AM »
I'm using windows 7 and the avast popup is driving me absolutely insane. I have noticed that in my process list I have 2 explorer.exe running at the same time, one of them shows up at proper place and can access file location....The other doesn't go to file location and also cannot be ended.

I have absolutely no clue on what this bug is but I'm about to try comodo or even blasted Norton to get this thing GONE

REDACTED

  • Guest
Re: URL:Mal - Explorer.exe
« Reply #20 on: October 25, 2014, 04:18:57 AM »
Got it here too - a few warnings about xmlka.com yesterday and now constant pop ups of svadxvbtuc8c.com. MalwareBytes Anti-Malware scan came up clean, Avast! quick scan was clean, now running a deep scan of Avast!

OS is Windows 7 Home Premium.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: URL:Mal - Explorer.exe
« Reply #21 on: October 25, 2014, 12:58:58 PM »
Blake7 could you reboot the computer to safe mode with networking and let me know if the alerts cease when you use a browser

REDACTED

  • Guest
Re: URL:Mal - Explorer.exe
« Reply #22 on: October 25, 2014, 03:51:50 PM »
I have been having this exact same issue for the past 24 hours. For me the alert happens constantly, maybe every 10-15 seconds. It started Friday morning and I tried 3 different restore points going back the past week and am unable to get rid of it. I am currently in the process of backing up some files to wipe my system today. Since the question of printer use was asked previously I do not have a printer connected.

REDACTED

  • Guest
Re: URL:Mal - Explorer.exe
« Reply #23 on: October 25, 2014, 05:10:54 PM »
Same thing here. Started a couple of days ago. Malwarebytes found a few innocuous things the first time, nothing after that. Ran quick scans, deep scan and 2 boot scans. still popping up every minute.
Help us Avast!

REDACTED

  • Guest
Re: URL:Mal - Explorer.exe
« Reply #24 on: October 25, 2014, 05:35:39 PM »
I'm having the same problem, every 30 seconnds, even without launchine IE, svadxvbtuc8c.com appears in my avast poppup. i have two machines running win7, this one is on win7pro. the win7home machine i use for gaming is unaffected both are wire connected to the router.

Its been going on for at least 24 hours. i'm rather shocked that avast doesn't log the file that is sending the url request.

I don't have a restore point so i'm currently backing up essential files to onedrive and prepping for a wipe and reinstallation of win7.

I'd love to hear if someone comes up with a solution to this issue.

malwarebytes and windows defender aren't finding the culprit though both did turn up some possible viruses/spyware which i promptly removed.

Interesting side note, i primarily use opera for browsing. the only things i use IE for are direct links to netflix amazon prime and pbskids. odd that the infection would occur at IE in my opinion.

i've done boot scans through avast as well as deep scans.

I'm afraid to drop my anti-virus to install combofix because if avast is blocking this connection, i'm pretty sure it'll succeed if i take avast down.

« Last Edit: October 25, 2014, 05:37:37 PM by kidfusion3000 »

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: URL:Mal - Explorer.exe
« Reply #25 on: October 25, 2014, 06:09:35 PM »
Could everybody start their own topic please.  At this stage I have not found the trigger however, restoring to a time before the alerts occur will cure it

REDACTED

  • Guest
Re: URL:Mal - Explorer.exe
« Reply #26 on: October 26, 2014, 02:17:52 PM »
The URL svadxvbtuc8c.com was registered on 10/23/14, fwiw. I'd start with a restore to 10/22. However, it sounds like this may be one of several URLs which are being called by the same unknown process. I'm also getting calls to xmlka.com, which was registered in April of this year.

REDACTED

  • Guest
Re: URL:Mal - Explorer.exe
« Reply #27 on: October 27, 2014, 04:53:11 PM »
Essexboy--Sorry for the long delay. I tried launching in safe mode, but avast was disabled and, though the program would launch, I couldn't get it to turn the shield on. The button literally wouldn't "push."

I see a lot of other folks have been posting about the same bug. Have you figured out the trigger?

Thanks.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: URL:Mal - Explorer.exe
« Reply #28 on: October 27, 2014, 04:58:45 PM »
I believe so, could I have a fresh FRST log please 

REDACTED

  • Guest
Re: URL:Mal - Explorer.exe
« Reply #29 on: October 27, 2014, 05:07:15 PM »
Log attached.
« Last Edit: October 29, 2014, 06:39:51 PM by blake7 »