« previous next »
Pages: [1]   Go Down

Author Topic: URL:Mal YTS  (Read 1208 times)

0 Members and 1 Guest are viewing this topic.

Offline trading

  • Newbie
  • *
  • Posts: 2
URL:Mal YTS
« on: January 10, 2024, 04:31:02 PM »
Hi there,

I keep being alerted that a threat has been secured, and the conenction to wxw.yts.vc have been aborted.
This pop up notification happens various times a day.
I do not try to visit that website.

Threat name: URL:Mal
URL: hxxps://wxw.yts.vc/
Process: C:\ProgramFiles\Google\Chrome\Application\chrome.exe
Detected by: Web Shiled
Status: Connection aborted

Can you help?
Thanks

« Last Edit: January 11, 2024, 11:10:42 AM by trading »
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89116
  • No support PMs thanks
Re: URL:Mal www.yts.vc
« Reply #1 on: January 10, 2024, 05:13:18 PM »
Quote from: trading on January 10, 2024, 04:31:02 PM
Hi there,

I keep being alerted that a threat has been secured, and the conenction to wxw.yts.vc have been aborted.
This pop up notification happens various times a day.
I do not try to visit that website.

Threat name: URL:Mal
URL: hxxps://wxw.yts.vc/
Process: C:\ProgramFiles\Google\Chrome\Application\chrome.exe
Detected by: Web Shiled
Status: Connection aborted

Can you help?
Thanks
<snip image>

Please modify the active/suspect links in your post to avoid accidental exposure, replace https and or www with hxxps or wxw as I have in your quoted text above.

Clear browser cache - Were you intending to visit the site ?
If not start by clearing your browser cache and cookies,including 3rd party cookies and restart your browser.
If that resolves it you should be good to go.
If it doesn't try running your browser with add-ons disabled.

If that resolves it, have you added or updated any add-ons ?
If so try disabling that add-on - and restart and try again.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.4.6112 (build 24.4.9067.762) UI 1.0.803/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline trading

  • Newbie
  • *
  • Posts: 2
Re: URL:Mal YTS
« Reply #2 on: January 11, 2024, 12:21:44 PM »
Thanks for the reply.

No, I did not try to visit the website. Might have once many months ago.
I have cleared my the entire browing data (except passwords), rebooted my PC but I keep getting that exact same notifications from Avast.

I am only using 1 browser extension from a well established add-blocker. Anyway, I disabled it and issue keeps happening

I ran a full Avas Virus Scan but nothing was found

I also ran a scan with Malwarebytes but nothing either. Interresingly enough, it did blocked this AM a website due to phising, from Firefox this time.
And again, from a website I have never tried to visit.

So wondering if I don't have some sort of malware installed on my PC trying to reach some websites without my consent

Thank you for your help
Logged

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89116
  • No support PMs thanks
Re: URL:Mal YTS
« Reply #3 on: January 11, 2024, 02:55:47 PM »
I doubt that is a virus as such.
Do you have any common add-ons across your browsers where this is happening ?

Did you follow all of the steps I gave especially about running with add-ons disabled
Quote from: DavidR
If not start by clearing your browser cache and cookies,including 3rd party cookies and restart your browser.
If that resolves it you should be good to go.
If it doesn't try running your browser with add-ons disabled.

Is this to the same URL or different ones.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.4.6112 (build 24.4.9067.762) UI 1.0.803/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33913
  • malware fighter
Re: URL:Mal YTS
« Reply #4 on: January 15, 2024, 11:21:58 PM »
Also consider these results: https://quttera.com/detailed_report/www.yts.vc 

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89116
  • No support PMs thanks
Re: URL:Mal YTS
« Reply #5 on: January 15, 2024, 11:37:30 PM »
Quote from: polonus on January 15, 2024, 11:21:58 PM
Also consider these results: https://quttera.com/detailed_report/www.yts.vc 

polonus

There are several external links that could have an impact.
Logged
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.4.6112 (build 24.4.9067.762) UI 1.0.803/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33913
  • malware fighter
Re: URL:Mal YTS
« Reply #6 on: January 16, 2024, 11:11:14 AM »
This outgoing link is not being mentioned on the Quttera scan,
which gives us 18 outgoing re-directions and urlscan.io even produces 19 outgoing redirects..

1 Outgoing links
These are links going to different origins than the main page.

URL: hxtps://sedo.com/search/details/?domain=[domainname]

Title: This domain may be for sale.  Bad link according to VT Community members (via parked domains) - See: https://www.virustotal.com/gui/url/5db104f361309bea91db86785f67097284b9554d86b8d35a60691558754df6d0/community

Parked sites are open to abuse: htxps://img1.wsimg.com/parking-lander/static/js/main.47d29676.js

OpenResty parked on Amazon. Not clear at once, but we should use DavidR's caution.

We could do here with a final verdict from Avast's, as it comes with their definitions.

Also consider: https://urlscan.io/result/fe601cc9-b916-47c5-85bb-6e18ccdb1fa8/#links

Ample links that should be adblocked (wXw.adsensecustomsearchads.com etc., godaddy, various AMAZON & GOOGLE affiliates),
also consider:
https://www.virustotal.com/gui/url/5ee85d53c0d92b77d747d3b7ffd02560f0abad657bedbbd3c38fb6f524b5bb8d/community

polonus
« Last Edit: January 16, 2024, 01:01:27 PM by polonus »
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33913
  • malware fighter
Re: URL:Mal YTS
« Reply #7 on: January 16, 2024, 02:59:52 PM »
Another example of abuse on an OpenResty system can be found here: -http://nomwcapital.info/

also parking-lander and similar: https://www.google.com/adsense/domains/caf.js?abp=1

-htxps://img1.wsimg.com/parking-lander/static/js/main.47d29676.js

/px.js?ch=1&abp=1

/px.js?ch=2&abp=1

polonus
Logged
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!
Pages: [1]   Go Up
« previous next »