Avast Community

MALWARE - hXXp://asxdq2saxadsdawdq2sasaddfsdfsf4ssfuck.xyz/index.php

Viruses and worms

system September 27, 2015, 9:25pm 1

Dear Sirs

I am having problem with this situation, the Aast bloks a malware and comes up an warning:

URL: hxtp://asxdq2saxadsdawdq2sasaddfsdfsf4ssfuck.xyz/index.php
Infeção: URL:Mal
Processo: C:\Windows\explorer.exe

hxtp://asxdq2saxadsdawdq2sasaddfsdfsf4ssfuck.xyz/index.php

The problem is that every 30 seconds the warning comes up again, I’ve noticed you already help someone with the same problem, can you help me?

Thanks

Pondus September 27, 2015, 9:27pm 2

Instructions https://forum.avast.com/index.php?topic=53253.0
Attach Malwarebytes and Farbar Recovery Scan Tool logs … 3 logs total

See below the box you write in … Attachments and other options

when done a malware expert will assist you

polonus September 27, 2015, 9:50pm 3

Hi Diogo36,

The live link you presented in your posting leads to malware, so please break it using hxtp://etc.
See: https://www.virustotal.com/nl/url/3098780e070880b6e0bcbb00cb640bf800514ed407c7dcc2784ed4a1b8dfc7d9/analysis/1443389685/
World Stream abuse: https://urlquery.net/report.php?id=1443389917488
Complaint listed for ie virus on IP: http://www.liveipmap.com/109.236.91.184
Domain recently registered for the occasion: http://whois.domaintools.com/asxdq2saxadsdawdq2sasaddfsdfsf4ssfuck.xyz
Website risk status 10 red out of 10: http://toolbar.netcraft.com/site_report/?url=http%3A%2F%2Fasxdq2saxadsdawdq2sasaddfsdfsf4ssfuck.xyz
AOS block the link to htxp://109.236.91.184/ as malicious. Avast has us protected.

Please follow instructions given by our friend Pondus above,

polonus

system September 27, 2015, 10:09pm 4

Thank you for your answer.

The instrutions you refer are in this link? https://forum.avast.com/index.php?topic=53253.0
What you mean with "break it using hxtp://etc. "

Right now I am scaning with Malwarebytes Anti-Malware to see if it finds the virus.
Am I doing it ok?

DavidR September 27, 2015, 10:28pm 5

How to break a link - By modifying your post and change the url:

URL: h[b]XX[/b]p://asxdq2saxadsdawdq2sasaddfsdfsf4ssfuck.xyz/index.php Infeção: URL:Mal Processo: C:\Windows\explorer.exe

Note how I have changed the url in my quoted text of your first post.

That is what is meant by breaking the link, e.g. it isn’t live or clickable - this avoids accidental exposure to a malicious site.

dbrisendine September 28, 2015, 2:29pm 6

Monitoring: please post the logs if you still need help. Thank you.

Announcements