Author Topic: URL:MAL, connecting with m73lae5cpmgrv38.com in Firefox  (Read 6798 times)


REDACTED

  • Guest
URL:MAL, connecting with m73lae5cpmgrv38.com in Firefox
« on: January 09, 2018, 02:39:15 PM »
As in the subject, when I use Firefox I frequently receive an alert about URL:MAL trying to connect to the website m73lae5cpmgrv38.com. I have performed scans with Avast and Malwarebytes, but they haven't found anything. Could anyone help me?
I am attaching logs from Malwarebytes and FRST64.
Using Windows 10 64 bit.

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37561
  • Not a avast user
Re: URL:MAL, connecting with m73lae5cpmgrv38.com in Firefox
« Reply #1 on: January 09, 2018, 03:42:30 PM »
Have you tried to clear browser crap with AdwCleaner?  >>  https://www.malwarebytes.com/adwcleaner/

URL:Mal = Blacklisted URL or IP

Blacklisted  >>  https://www.virustotal.com/#/url/08bdb526adfcbccb86e7d5bf1424fe932ac3b8e92c64aa091a13d0f21382796e/detection

Possible fake Google site, see click screenshot at top right here  >>  http://urlquery.net/report/08d40020-17b1-4028-a344-94e8e5a83127

Malware experts are notified, it may take hours before they are online



« Last Edit: January 09, 2018, 04:37:44 PM by Pondus »

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33925
  • malware fighter
Re: URL:MAL, connecting with m73lae5cpmgrv38.com in Firefox
« Reply #2 on: January 09, 2018, 11:14:15 PM »
From one search on the Internet we can decide one should not visit this site:
https://urlscan.io/result/9b5e14d3-7ce4-49b0-a26f-b8adccb8046d/#summary is still rather neutral, while there is Webzilla abuse, and here it is also not that clear: http://phishcheck.me/1706/details

Not flagged here: https://urlquery.net/report/38a243d3-1bcf-4189-91a1-0bf887a5f47a
Alas, now we get a "not found" for that domain, but earlier there were two to flag it here: https://www.virustotal.com/#/url/08bdb526adfcbccb86e7d5bf1424fe932ac3b8e92c64aa091a13d0f21382796e/detection

BonzunaInstaller executable could be a PUP.  Website is Amazon related: https://toolbar.netcraft.com/site_report?url=http%3A%2F%2Fm73lae5cpmgrv38.com%2F
Also consider this info: https://server.easycounter.com/81510d7881e35e8.com

polonus (volunteer website security analyst and website error-hunter)
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

REDACTED

  • Guest
Re: URL:MAL, connecting with m73lae5cpmgrv38.com in Firefox
« Reply #3 on: January 20, 2018, 06:19:01 AM »
Thought I'd post a response.

I experienced the same. Tracked it back to a site that I sometimes go to. It had an element linked to m73lae5cpmgrv38.com

I used uMatrix (AdBlocker) to block the element.

Problem solved. No more messages.

I suppose someone with this issue could do the same with uMatrix or a similar app/plugin.