hi …few days ago avast started to block conenection hxxp://146.185.246.50/hh.exe and it does till now. Scaned pc with Malwarebytes and it detects some trojans :
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 3
C:\RESTORE\k-1-3542-4232123213-7676767-8888886 (Trojan.Agent) → Quarantined and deleted successfully.
C:\RECYCLER\R-1-5-21-1482476501-1644491937-682003330-1013 (Worm.AutoRun.Gen) → Quarantined and deleted successfully.
C:\RECYCLER\S-1-5-21-0243556031-888888379-781863308-1830 (Worm.AutoRun) → Quarantined and deleted successfully.
Files Detected: 4
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\425P7AWA\x[1] (Malware.Packer.u64) → Delete on reboot.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\CWA73FOH\x[1] (Malware.Packer.u64) → Delete on reboot.
C:\RESTORE\k-1-3542-4232123213-7676767-8888886\Desktop.ini (Trojan.Agent) → Quarantined and deleted successfully.
C:\RECYCLER\R-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Worm.AutoRun.Gen) → Quarantined and deleted successfully.
(end)
after that avast still blocking from time to time that hh.exe…
Download ComboFix from one of the following locations: Link 1 Link 2
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
[*]Double click on ComboFix.exe & follow the prompts.
[]Accept the disclaimer and allow to update if it asks
[]Allow the installation of th erecovery console
Scanning fo infected files…
This typically doesn’t take more than 10 minutes
However, scan times for badly infected machines may easily double
T was unexpected at this time.
OK change of tactic… First delete the current copy of Combofix from the desktop
Download a fresh copy but rename it to Gotcha prior to saving
Then boot to safe mode and run the renamed combofix from there
well… yesterday windows crashed… got some win32 errors and couldnt start it…today coming home i bought windows 7…and instaled it… At the moment everything fine…do i have to run on it any antimalware program right now?