So I made a stupid mistake earlier today. I think I’ve resolved the problem but want to get a more informed opinion on whether I need to do more digging or not. I have both Avast (free) and malwarebytes (paid w/ lifetime license). Avast tends to be a bit more picky with which websites are okay, though I rarely notice outside of visiting adult websites. This morning I made the dumb mistake of turning off the Avast Shield to access a site (simpcity.tv - I’ve since learned that this is a more sketchy website than I realized. I only found it through google) that Avast was blocking but malware bytes (which has a similar blocking feature I always leave active) did not.

Everything seemed fine until I realized after the fact that a random file had ended up in my downloads. I dont remember what it was called. Windows defender is turned on and I didnt get any prompts for anything installing. I deleted the file and ran some scans through both programs. everything came up clean. Later in the evening, whenever I’d open firefox avast would pop up every 30 seconds or so saying it blocked a URL (reason listed as URL:Blacklist) and go figure it was various simpcity.tv URLs. I think all the URLs blocked notifications were pages I’d visited in the morning (even though my history and cookies were deleted) but some might have been random.

This DOES NOT happen with Chrome. When firefox was closed and I had chrome open, I would not get the avast block URL notices. Only when firefox was opened for a min or two.

I tried running a boot scan. Nothing came up when the system started up after it finished (I’ve never used this feature so I’m not sure if that means everything was clean or not). I ran a deep scan and found nothing. Scanned with malware bytes and still nothing. I uninstalled firefox, searched the system for any left over data and deleted it (IE profiles, app data, ect. A few system settings files still existed because windows wouldnt let me easily delete them), made sure to clear any temp files on the system or basically anything windows disk cleanup would remove, ect. Restarted, reinstalled firefox, and after about half an hour to an hour I have not had a single pop up.

My concern at this point is if there could still be something malicious going on without any signs. I also visited this website on my phone (though only one page as opposed to quite a few on my computer) and in chrome on my desktop (also only one page - thankfully google accounts keep a history even after you delete from the browser so I could backtrack) but I havent noticed anything odd happening with my phone nor when chrome was open on the desktop. I know very little about hacking (beyond hearing that its more often social engineering or stolen databases from large companies) so I just want reassurance that I should be okay or else direction as to what other steps I should be taking (beyond obviously not being dumb and bypassing shield) - especially on my phone since I’m even less familiar with dealing with potential security issues on a cell. I have a samsung android if that matters.

Wish some who come for help were as detailed as you.

Try this free online scanner: Use ‘One Time Scan’ option. https://www.eset.com/int/home/online-scanner/

I had trouble running that for whatever reason. It closed after downloading then closed again during the first scan. Ended up running a custom scan selecting everything. It only found one file, but its part of a corsair program I use for lighting effects (corsairllaccess64.sys) so I believe its just a false positive.

I downloaded their mobile app and ran the scanner on my phone as well. It didnt find anything either.

Edit: it also found a temp file when I ran the default full scan again this morning (nodD116.tmp). But that also mentioned corsair in the detection name so I’m guessing thats also a false positive.

Submit your files to be scanned at VirusTotal.com. All files submitted there will be shared with the entire antivirus community, so if you can, please do that and provide a link to your submitted files here.

In Firefox that is giving you problems, Check Add-ons and extensions for any you do not expect or recognise. Either disable or remove any you do not want or recognise. Also consider clearing cookies in Firefox.

@ concerned91

• as you say you weren’t intending to visit the site.
  Start by clearing your browser cache and cookies, including 3rd party cookies and restart your browser.
  If that resolves it you should be good to go.
  If it doesn’t try running your browser with add-ons disabled.

If that resolves it, have you added or updated any add-ons ?
If so try disabling that add-on - and restart and try again.