What Is This

avast! blocked the virus:
hxxp://urlfilter.vmn.net/vmnsbf/data/120921093944-m.zip|1209…

Virus Lab research shows that more than 80% of malware (viruses, trojans, worms, spyware) now spreads via the internet. More notably, only 1% of this number comes from suspicious or ‘dodgy’ sites – about 99% spreads via legitimate websites that have been hacked.

We’ve got your back.

The only websites I’ve been on this am. is Facebook and this forum. In fact this popped up while I was on the forum.

Please ‘modify’ your post change the URL from http to hXXp, to break the link and avoid accidental exposure to suspect sites, thanks.

The fact that you get a pop-up on a specific site doesn’t necessarily mean the malware is on that site. There is more to it than that. Depending on the browser you can have add-ons (some which might be malicious, redirecting urls in the browser).

Look at pic bellow :wink:

I was on and still am using the Flock browser which is the browser I use to access this forum. As far as I know I don’t have any add on’s on this browser.

Hi -midnight

When you get the alert can you take a print screen and post it here 8)

I don’t know how to do that.

If you look on keyboard, you will see a key that looks like the one circled in the picture bellow

When you get the alert press that, it will take a printscreen for you

Next

Click Start
Click All programs
Click Accessories
Click Paint

on your keyboard press

CTRL + V

this will paste the screenshoot to paint

You may need to crop the image

Click File
Click Save as
Give it a name
Then click on save

Once done attach it here

nfection Details
URL: hxxp://urlfilter.vmn.net/vmnsbf/data/120…
Process: C:\ProgramData\Anti-phishing Domain Advi…
Infection: JS:ScriptSH-inf [Trj]

This just popped up.

Hi -midnight

Follow the guide and attach the logs.

http://forum.avast.com/index.php?topic=53253.0

AdwCleaner
Malwarebytes
OTL
aswMBR

Best Regards

Anthony

I just ran a full scan and it didn’t show any threats.

Follow the following 8)

@ -midnight
Is this a program that you have installed C:\ProgramData[b]Anti-phishing Domain Advi…[/b] (presumably the last bit is Advisor) ?

Try finding and disabling the Anti-phishing Domain Advisor and see if this is what is causing the problem.

Personally I don’t see the need for a dedicated Anti-phishing application as the avast Network Shield malicious sites list is likely to cover phishing sites as many are likely to be malicious. Depending on your browser, it may have anti-phishing built in. You can also consider using the OpenDNS.com as your DNS server it has a dashboard function with many categories you can block at DNS server level, Phishing being one and other parental control settings, http://www.opendns.com/start/ for more info.

Why would this even be installed on my new computer if it was going to cause a problem?

I haven’t a clue why it would be installed on a new computer aside from not knowing what that computer was, many manufacturers load their computers with junk, looks good in a long list of free software.

They also haven’t a clue what you are going to subsequently install.

Dell in the past have had lots of form for installing cr4pware, there was a tool built to remove it, Decrapifier.
http://uk.search.yahoo.com/search?p=remove+crapware

I don’t have the Google Chrome browser.

You don’t have to have that browser, it is an example of the avast alert and how you attach it in a post.

My Identity Protection is installed too. I clicked on it once and entered my name but it asked for my SS number so I didn’t go any further. Guess I had best uninstall that too.

I have never heard of My Identity Protection (so I can’t really say), but I know a friend who probably does google.com/yahoo.com.

avast! blocked the virus:
hxxp://urlfilter.vmn.net/vmnsbf/data/120921093944-m.zip|1209…

This popped up after I uninstalled Anti Phishing Advisor.

I tried to do a screen shot using paint but it didn’t work.

Since I ran a boot scan yesterday and it didn’t show any threats I’m not going to worry about these stupid popups anymore.