Chrome Malware?

Hi,

When I go to Chrome I get this:

http://i1295.photobucket.com/albums/b630/r_i_c_2012/avast%20warning_zpsnzwfa5dy.jpg

Checked out the numbers - google says it is an IP address in the Russian Federation :-o

What’s going on please?

Thanks,

AV

https://forum.avast.com/index.php?topic=53253.0

Thanks. If this is all the help Avast forum now offers I am out of here back to McAfee.

It is just a start, we do offer more help.
But without knowing (relevant) details we can’t do anything (much) for you.
Keep in mind that we can’t see your system and what is going on.

You message doesn’t make much sense.
You can’t go to Chrome.
It is a browser.
You can download it, install it, use it, that is all.

Hi a_vast,

The alert is to notice you you landed at a site that redirects you here: https://www.virustotal.com/en/domain/sb.adtidy.org/information/
via for example -adguardadblockerATadguard.com.xpi infested with JS/Redirector.BB through cybercriminal redirecting to malcode.

The logs that Eddy demanded are necessary for a qualified removal expert to remove this from the browser.
McAfee cannot help you either against this intentional evil persisitent redirection malcode.

polonus

You do know, those instructions are standard across all reputable forums right?

GeekstoGo: http://www.geekstogo.com/forum/topic/2852-malware-and-spyware-cleaning-guide/
http://www.whatthetech.com/
http://www.malwareremoval.com/
http://www.spywarehammer.com/

I think you get my point. Standard UNITE logs they need to repair your System.

UNITE: http://uniteagainstmalware.com/

Yes, when McAfee continues to block it, let us know. We will still be here, waiting.(Delay).(Delay).(Delay).(Delay).(Delay).

This is all we have ever offered by the way. Take a quick scan through any case you want. Those instructions are always posted, and they almost always receive help, unless overlooked.

I can see where the OP i coming from though, a post where someone on an Avast Forum tells us to download a whole slew of unfamiliar programs (except MWB, I like that one). It can seem like a lot at first glance, especially when he was maybe hoping that it was already known about and solved.

I just got this as well, the IP corresponds to an Andrey Korolev in the Russian Federation.

https://www.findip-address.com/185.22.60.101/whois

How do we know who the actual Avast employees are, to verify that Avast is actually recommending the install of those programs in the linked forum?

Yes, you blew my gasket after I went to all the trouble to upload a screenshot plus homework on that url as well - only to be awarded with a link to ‘overkill’ for someone who is already anxious about what’s going on with their computer I feel. We do need some human interaction here please, which has since surfaced :slight_smile:

Probably have most of those scan programs, I wanted an initial reaction to that Avast pop-up, “don’t know - go here - try this” would have been more acceptable.

For the record here’s the boot scan summary - can’t find the actual log - Avast please give us a user-friendly tab for logs.

http://i1295.photobucket.com/albums/b630/r_i_c_2012/avast%20warning%20boot%20scan%20result_zpssn2nk8k0.jpg

Will go back to the Avast link with thanks.

Just a guess…
You have AdGuard installed ?

Yes indeed - green shield with a check?

i had adguard installed but in Opera. got the same warning with same IP, after removing adguard, i havent got the warning yet

just check this https://www.who.is/dns/adguard.com

That’s weird - is there anything else reliable to replace adguard with please?

Thanks

I personally use uBlock… I find it mostly effective. No issues as of yet.

https://github.com/chrisaljoudi/uBlock/

Greetz, Red.

Okay thanks - will try that :wink: