Avast blocked an url

Hi, today avast showed me warning that firefox try to access malicious website (I have opened multiple tabs so i have no idead which it could be).
Reported url was:

http://52.18.68.0/sync?dmp=visual_dna

And here is the question: I am infected or not?
This url sugests me that I am infected and some malicious app try to synchronize using firefox.

Can anyone tell what kind of worm it is, name, and how to remove it?

Attach your basic diagnostic logs. (MBAM, FRST and aswMBR)
Instructions: https://forum.avast.com/index.php?topic=53253.0

Ok, scans done, but in which form you want to receive logs? I don’t see attachment fields anymore…

See screenshot…

https://dl.dropboxusercontent.com/u/73555776/attach.JPG

Yep I’am blind :slight_smile:

see attachments

OK, now you’ve to wait a bit…

It may have been an infected website, has it happened again ?

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: HKLM-x32\...\Run: [] => [X] 2015-02-22 08:19 - 2015-02-22 08:20 - 0000000 _____ () C:\Users\Anno0\AppData\Local\{CB154715-BD39-4B33-8DB7-F91D8B7B8ABD} C:\Users\Anno0\andro.bat RemoveProxy: EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

C:\Users\Anno0\andro.bat

This file is my private setup for android tools. Not an virus :slight_smile:

OK delete that from the fixlist… Have you received any further alerts ?

From this what i understand this whole fixlist is for only one file? Or i have to remove one line and run it?

No, i only received this message one time, but as you know malware can be hidden and can try to synchronize one time or just use other server etc.

Just delete this line from the fixlist :

C:\Users\Anno0\andro.bat

The remainder are just a tidying up exercise