Author Topic: URL Virus .today?  (Read 3439 times)

0 Members and 1 Guest are viewing this topic.

Offline Pholover

  • Jr. Member
  • **
  • Posts: 55
URL Virus .today?
« on: October 04, 2018, 05:42:02 AM »
Hi, as of a few days ago I keep getting this virus pop out, out of nowhere which Avast detects.

*Do not click unless you're a professional*
https://bqcxaguerqx.exdrb.today/?sov=93073471&hid=drpjvdhfdfnhlhl&&cntrl=00000&pid=11895&redid=38265&gsid=68&campaign_id=20&p_id=11895&id=XNSX.ca-r38265-t68&impid=fbf43352-c50c-11e8-bca4-aa1f778d2780

I'm not sure where keeps coming up from, I'm using a Macbook, on OS High Sierra, with both Safari and Chrome both in use. 
It seems to open in Safari.  Any help is much appreciated.  I've also attached the warning screenshot.

Offline ondrej.kolacek

  • Avast team
  • Sr. Member
  • *
  • Posts: 394
Re: URL Virus .today?
« Reply #1 on: October 04, 2018, 02:12:48 PM »
Hello,

that page is indeed infected. The question is what loads it. It can be some other page you have opened. If this happens when browser starts or when you start to type, it may be that browser remembers you have visited it and loads it as a reaction to the part of url you have written. With the latter case, it usually helps if you delete browsing history.

Kind regards,
Ondrej Kolacek

Offline Pholover

  • Jr. Member
  • **
  • Posts: 55
Re: URL Virus .today?
« Reply #2 on: October 05, 2018, 10:27:12 PM »
Hello,

that page is indeed infected. The question is what loads it. It can be some other page you have opened. If this happens when browser starts or when you start to type, it may be that browser remembers you have visited it and loads it as a reaction to the part of url you have written. With the latter case, it usually helps if you delete browsing history.

Kind regards,
Ondrej Kolacek

Thanks for your reply Ondrej.  Yes I'm wondering what is loading it, apparently with that screenshot there is some apple process loading it but that might not be detailed enough.  This thing pops up at random times once a day always on Safari, never on startup or as I type. I use Safari and Chrome at the same time for different purposes.

I've deleted history, cache and anything else I could delete on Safari for now in more detail. 

I'll report back if it happens again. In the meantime if anyone can tell me how to find what process is triggering this, that might help find the root cause?

UPDATE:  Some hours later, something randomly downloads by the name of "partner.dms" I deleted it immediately!  I forgot to mention this happens as well, since yesterday, something randomly downloads into my Downloads folder.  ???
« Last Edit: October 06, 2018, 01:23:31 AM by Pholover »

Offline .: Mac :.

  • Avast Überevangelist
  • Ultra Poster
  • *****
  • Posts: 5093
Re: URL Virus .today?
« Reply #3 on: October 06, 2018, 07:45:46 PM »
One thing to check would be any extensions in Safari and other browsers. Go to the Safari Preferences then click on Extensions. Any that are not in use, remove or disable.

Also it would be a good idea to run a Full scan with Avast, to make sure there is no other adware or downloaders installed
"People who are really serious about software should make their own hardware." - Alan Kay