Author Topic: finding and deleting a threat blocked script  (Read 1491 times)

0 Members and 1 Guest are viewing this topic.

Offline pequotjohn

  • Newbie
  • *
  • Posts: 2
finding and deleting a threat blocked script
« on: January 13, 2020, 06:25:21 PM »
I use a Mac product called MovieSherlock to download videos from the web. Every time I used it I get the  "Threat Secured" message from Avast saying it blocked the threat from

HTML:Script-Inf[Susp] on hxxp://feeds.feedburner.com/House_of_tutorialsbyJasonWelsh

Years ago I had a couple of podcast tutorials authored by Jason Welsh on this Mac, but they were deleted sometime ago. I've not gone to this website ever unless it was back then.

See attached screenshot for full alert image. Is there some malwarescript buried in my computer that gets activated by Movie Sherlock in some way? How do I find it and get rid of it?
« Last Edit: January 13, 2020, 07:51:42 PM by lukas.hasik »

Offline lukas.hasik

  • Avast team
  • Advanced Poster
  • *
  • Posts: 840
  • Product manager of Mac AV and Cleanup
Re: finding and deleting a threat blocked script
« Reply #1 on: January 13, 2020, 07:51:32 PM »
Hi,
I went directly to the URL that you've provided. And I had to edit it to make it "unclickable".
It seems that there is really a malware on the mentioned site. It's linked from another URL that is detected by other engines as well. See https://www.virustotal.com/gui/url/44b78aa7e959e66ab4da1f5fac62d49b0e45af7cb99da2e533a9b1811c28151d/detection

Quality is also a feature.

Offline pequotjohn

  • Newbie
  • *
  • Posts: 2
Re: finding and deleting a threat blocked script
« Reply #2 on: January 13, 2020, 08:57:00 PM »
yes-already know that address is flagged as malware by detection software. BUT--what is sending the computer there and how do I find this code and disable or delete it? It only seems to happen when MovieSherlock is used. Delete this app?

Offline lukas.hasik

  • Avast team
  • Advanced Poster
  • *
  • Posts: 840
  • Product manager of Mac AV and Cleanup
Re: finding and deleting a threat blocked script
« Reply #3 on: January 21, 2020, 01:38:37 PM »
yes-already know that address is flagged as malware by detection software. BUT--what is sending the computer there and how do I find this code and disable or delete it? It only seems to happen when MovieSherlock is used. Delete this app?
unfortunately, no idea :(
It may be somehow linked from the app. Or maybe it's as an URL/link in the app or some records.
Quality is also a feature.