URL: MAL False Positive or Infection? [SOLVED]


begin
 DelCLSID('{8A69D345-D564-463c-AFF1-A69D9E530F96}');
 DeleteFile('.dll','32');
 DeleteFile('C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe','32');
ExecuteSysClean;
end.

Ensure that you copy from begin to end

system · January 7, 2015, 10:07pm

Done what do I do now? Also what did you find?

system · January 7, 2015, 10:52pm

The PC is no longer booting. It is stuck on a black screen.

system · January 8, 2015, 12:51am

I decided to research the IP at the start of the adress turns out it leads to our Internet Provider. This has two Blacklisted items. https://www.virustotal.com/en/ip-address/91.74.184.33/information/

essexboy · January 8, 2015, 3:10pm

Is the computer booting now ?

system · January 8, 2015, 3:32pm

After I refreshed it and did a clean install. I found out why none of us could find a virus. There wasn’t one. ! Avast was tagging the Dubai download servers depending on the content which is why aswMBR and AVtool were the only ones being targeted.

avastuser3796 · January 8, 2015, 4:53pm

Avast! flagging All Dl servers from Dubai? I find that hard to believe…

Why did you clean install your system? Essexboy could’ve repaired it (In all likelyhood)/

system · January 8, 2015, 5:09pm

It didn’t flag all. But I know these are false positives and thus this case is closed. The information I lost wasn’t too much so at least I can fix this. I can prove that these are False Positives by simply looking at the adress used on other downloads which tie into other servers here in Dubai. Meaning avast started flagging servers based on the content they were bouncing to me, I’m assuming that Avasts newest definitions caused this as the problem arose at definition update on the 5th or before it when Avast blocked itself from updating, in the code it has an adress linking to a server here probably used for downloads.

URL: MAL False Positive or Infection? [SOLVED]

Announcements