Since the beginning of the year Avast keeps blocking JS adwares when I open Mozilla Firefox browser. I have reinstalled: Firefox, Java, Adobe Flash. I have ran: Avast, Malwarebytes, super spyware and at the recommendation of Mozilla Support, adwCleaner, but to no avail.
I do not believe my computer is infected ( because Avast blocks threat), however, the threat keeps attempting.
How do I get rid of this threat?
When blocked, Avast shows:
URL: http://axp.zedo.com/asw/fmr.js?c=...blah, blah…
INFECTION: JS:Redirector-BWW [Adw]
PROCESS: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

I have been back and forth with Mozilla and I really don’t think they have a clue.
Have you any advice?

see instructions https://forum.avast.com/index.php?topic=53253.0
scroll down to Farbar Recovery Scan Tool … run as instructed and attach the two diagnostic logs

And in the mean time read this: http://malwaretips.com/blogs/axp-zedo-com-virus-removal/

polonus

Logs ( even individually) are exceeding characters. What can I edit ?

attach … not copy and paste

OK. Files are attached.
I had previously followed the link you have mentioned, with no negative results.

now you wait for Essexboy to come and do some magic be patient, it may take a couple of hours before he is online again

Thx

Do you also get the alert if you use IE ?

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKU\S-1-5-21-1882937795-3887342577-2179202785-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKU\S-1-5-21-1882937795-3887342577-2179202785-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File Toolbar: HKU\S-1-5-21-1882937795-3887342577-2179202785-1000 -> No Name - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No File EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.

I do not use IE at all.

Could you try IE and see if it appears there

I can not. I had bought this used and there was a corrupt file or something where IE won’t load. This has been this way for a year or so but this zedo issue started beginning of this year.

OK bigger hammer

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

• IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

[*]When finished, it shall produce a log for you.
[*]Please include the C:\ComboFix.txt in your next reply.

Notes:

1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

At line 50, while running:

“PEV.exe has stopped working - A problem caused the program to stop working correctly”.

Rebooted PC and opened Firefox. The threat did not occur this time. As for how PC is running, let’s just say not fast but not painfully slow. Seems a lot is running in background but when going to a URL, loads up right away.

Have you run a disc defragment recently ?

No, I have not run Defrag. in quite some time.
No issues as of turning on today. Would you mind letting me know what you had found in the logs as well as the repair you had compiled/ ( in Private message)?

Do you recommend running Defragment?

Very basically I cleared your temp folders, removed orphan registry entries and cleared the BITs tasks

The probable suspect is the one combofix removed (which I am now looking out for ) c:\windows\msdownld.tmp

I would highly recommend running defrag as A lot of temp files were removed and your files are probably split all over your disc