Does someone know what is going on here? When I opened this link yesterday: omgili.com/user%3Apolonus with Google Chrome
I was redirected to an adfly site. Later when scanning the user file on my computer avast detected in Users/polonus/AppData/local/GoogleChrome/User Data/Default malware by the name JS:Downloader-ZZ[Trj]
I have it in the virus chest, glad I did the on-demand scan and found it.
Questions: SAS scan did not bring up anything, cleansed all history of Google Chrome.
What vulnerability is being used, was omgili infected? How to block adfly in the browser?
The redirect to the adfly site and the finding of JS:Downloader-ZZ[Trj], are they somehow related?
I’m not familiar with omgili, but it seems to host a lot of ads originating from adf.ly. Is it normal? Couldn’t that also be a false positive from avast!? Have you uploaded it to Virus Total?
Google Chrome 10 has a command switch --host-rules that you can use in Chrome’s shortcut like this:
chrome.exe --host-rules="MAP adf.ly 127.0.0.1"
This will prevent connection to it. Another solution is to add the domain to the hosts file.
By the way, the command switch I mentioned has been killed from Chromium and from Google 12 Dev Channel (not sure about beta version). Unfortunately, Chromium developers won’t fix it. It was a nice feature!! Eventually it will be killed from Chrome’s stable version.
These thoughts about the FP also crossed my mind, especially while I did not follow up on the adf.ly redirects, just closed that page. I shall add adf.ly to the sites blocked with the Personal Blocklist extension in Google Chrome. I kept what avast flagged in the chest and I have sent it to them for evaluation. Anyways I regularly clean up my Google Cache and Chrome Cache Viewer gives an all empty, also cleanse temp files and have Click & Clean in that browser and the Bitdefender inbuilt scan for malware did not report anything and did not upload anything to their in the cloud servers to check on, MBAM and SAS scan came up all clean,
Windows Defender ditto.
But I advise users to do a complete on-demand scan of their computer’s users file, just to be secure.