Kaspersky
Solved

Dangerous URL vdpro.org [Closed]

  • 8 October 2019
  • 29 replies
  • 6347 views

Userlevel 1
Hi everyone from Italy! Since some days my KIS 2020 detects this dangerous URL as you can see on the screenshot. I ran complete scan on my system but KIS doesn't find out anything. It looks like my system is clean. Actually I don't understand if I have some virus, malware, etc or not. Can someone help me to understand it and if yes how to fix it? Thank you very much.

Alessandro

icon

Best answer by Flood and Flood's wife 9 October 2019, 19:37

View original

This topic has been closed for comments

29 replies

Userlevel 7
Badge +11
Hello @alessandroleoni,
Welcome!
  • Have any new extensions or themes been installed recently?
  • If "yes" please tell us which ones & the source please?



(&) I've asked the Lab to give a definitive answer.
I will let you know.
Thank you🙏🏽
Userlevel 7
Badge +5
Hello,

I follow the url. There is a JSON element replied by the server without any malicious code, except for regular expression. Maybe the regular expression strings trigger a detection feature. Interesting......



Regards.
Userlevel 1
Hello @FLOOD. Thank you very much,
These are my extensions. Last one I installed is Kaspersky Protect Manager.
I have never installed any theme.



I hope Lab can give us an answer.
Thank you.
Userlevel 1
Hello @Wesly.Zhang and thank you to you too.
Unfortunately I don't know anything about JSON element or stuff like that. 😅
I hope someone can tell me what is better to do to fix that.
Have a nice day.
Userlevel 7
Badge +11
Hello @FLOOD. Thank you very much, These are my extensions. Last one I installed is Kaspersky Protect Manager. I have never installed any theme. I hope Lab can give us an answer. Thank you.
Hello @alessandroleoni,
You're welcome & I hope so too!
Please export Detailed Reports, All Events, 30days, save as a .txt file & upload to your post using the Upload icon.
--
Then please do the following:
1⃣ Create a System Restore Point.
2⃣ Go to: C:\Windows\Temp - delete everything, there will be several files/folders requesting "Admin" permission, select "yes" or "ok', &, there will be several files/folders "in use", select skip.
3⃣ Go to: C:\Users\YOURNAME\AppData\Local\Temp - delete everything.
4⃣ Check Google Shortcut (on Desktop), right-click the shortcut, select Properties, Target, there should be no text after chrome.exe. If there is any text, remove it so the Target field is
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
5⃣ Export Chrome Bookmarks
6⃣ Run KIS Privacy Cleaner Wizard
7⃣ Run KIS PC Cleaner
8⃣ Reboot PC, using FULL shutdown, not Restart, when PC is full off, restart, login.
9⃣ Make sure KIS is active
🔟 Run KIS manual Database Update, allow it to complete and do not use the PC while it's running.
1⃣1⃣Run KIS Full Scan, allow it to complete and do not use the PC while it's running.
1⃣2⃣ Start Chrome and monitor issue.

Please post back?
Thank you
Userlevel 1
Dear @FLOOD I'm going to do what you suggested to me as soon as possible then I'll be able to tell you something about it. Thanks.
Userlevel 7
Badge +11
Hello @alessandroleoni,
Thank you, take you time, please before you do 1 > 12, please export and post the 30day, All Events Report please🙏🏽?
Best regards.
Userlevel 7
Badge +11
Hello @alessandroleoni,
From: Kaspersky AntiVirus Lab, Sent: Wednesday, 9 October 2019 00:57, Subject: [Malicious link]
Detection is correct. This domain is used by browser extensions for "cookie stuffing".
Best regards, VG, Malware Analyst

"Cookie stuffing", unscrupulous marketing technique that is not accepted, nor supported by most reputable affiliate networks. Spammers drop cookies in scripts, pop-ups, toolbars, and images. The cookies are stored in the visitors’ computers; when they visit a site that pays for advertising, the spammer receives a fee. Essentially, it's an act of fraud that lets people earn illegitimate commissions without doing any honest work.
----
Thank you🙏🏽
Userlevel 2
Badge
Hi @alessandroleoni

In addition to what FLOOD indicated in the post located above this [post,

  • Is kaspersky still detecting the said URL?
  • Were you able to perform the instructions provided by @FLOOD?
If the issue is still there, you can try these steps below:
  • Clear the cache in your browsers: https://support.google.com/chrome/answer/2392709?hl=en&co=GENIE.Platform%3DAndroid&oco=1
If clearing the cache of the browser doesn't help, the last this thing the you can try to do is to reset your google chrome browser (This is what I personally do most of the time.)

https://support.google.com/chrome/answer/3296214?hl=en

* Click Chrome Menu button click Setting from drop down men

* In search box, type "Reset and cleanup

*Click on "Restore settings to their original defaults"

* Click on "Reset settings" (Please note that this will reset your startup page, new tab page and search engine and pinned tabs. It will also disable all extensions and clear temporary data like cookies. Your bookmarks, history and saved passwords will not be cleared.)

Let us know if these steps help.

Many thanks!
Userlevel 1
Hi @battybatmam4unme!
Actually I still have to do what @FLOODFLOOD suggested to me 😅 then if it won't work, I'll try your steps too.
Thank you very much 😉
Userlevel 7
Badge +11
Hi @battybatmam4unme! Actually I still have to do what @FLOODFLOOD suggested to me 😅 then if it won't work, I'll try your steps too. Thank you very much 😉
Hello @alessandroleoni,
Please grab my reports before anyone else repeats my instructions & sends you on a cleaning frenzy😉
Thank you very much🙏🏽!
Userlevel 1
@FLOOD I will follow your steps for sure first, I promise! 😉
Userlevel 1
Hey @FLOOD, here you are 30 days all events detailed reports 😉
Thanks!
Userlevel 7
Badge +11
Excellent @alessandroleoni, thank you🙏🏽.
Post back after the cleanup please?
Best regards
Userlevel 7
Badge +11
Hello @alessandroleoni,
  • Before the 28/09/19, was Kaspersky software installed?
Please let me know?
Thank you🙏🏽.
Userlevel 1
@FLOOD absolutely yes. It was. I have KIS since ten, eleven years.
Userlevel 1
@FLOOD, on KIS Privacy Cleaner link which you gave me, I found these steps:

To run the Privacy Cleaner Wizard:
  1. Open the main application window.
  2. In the lower part of the main window, click the More Tools button.
  3. The Tools window opens.
  4. Go to the Clean and optimize section.
  5. Click the Privacy Cleaner link to run the Privacy Cleaner Wizard.
Here below there's a screenshot of the fourth step but I don't find any Privacy Cleaner link as in fifth step.
Can you help me even if it's in Italian? Thank you.

Userlevel 7
Badge +11
Hello @alessandroleoni,
  • Re the reports, they only go back to 28/9/19, did you select 30 days?
  • If you selected 7days, please redo reports before cleanup, select 30 days, save as a text file & upload to cloud, pm the link to me please?
  • Cleanup - do 1, 2 & 3


  • Red circled ? = Help, selecting a question make in any Kaspersky software opens a Help document specific to the window of the app.
🙏🏽
Userlevel 1
Now I see why report goes back to 28/09/2019.
On that day I installed latest version, KIS 2020. 😅
Userlevel 7
Badge +11
Hmmm, @alessandroleoni,
That makes things more difficult, however, from the report you've submitted Video Downloader Plus is a problem.
Anyway, do the cleanup, follow the process carefully & let me know please?
Thank you🙏🏽.
Userlevel 1
Hi @FLOOD.
Unfortunately the issue is still there.
After complete scan, as soon as I opened Chrome, here it is again. 😭
What about now?
Userlevel 7
Badge +11
Hello @alessandroleoni,
  1. Do you have more than one Windows account?
  2. Export the KIS Report please and post back please?
  3. Chrome Browser extensions, go to the Details of each one, scroll down to "View in Chrome Web Store", select,copy the (redirect) url, add the urls to a text file and upload to your reply please?
  4. Download Adwarecleaner 7.4.1, configure according to AdwCleaner Application settings, run, let me know what is found please?
Thank you
Userlevel 1
Hi @FLOOD.
No, I don't have any other Windows account. Just mine.
Here's what you need.





Userlevel 7
Badge +11
Hello @alessandroleoni,
When the KIS x 3 clean was run what options were selected?
While I look at the reports can you export the Adware reports & upload please?
Thank you.
Userlevel 1
Hi @FLOOD.
Which options of KIS x 3 clean are you talking about? I don't understand which they should be.
Here's Adwcleaner report.