DavidR
8
@ polonus
But fortunately since avast blocks access to the click.php page the redirect is also redundant. Which is why I generally don’t go investigating further levels
@ alleyandy
Yes a MBAM Quick scan is generally good enough as a first look as Pondus mentions.
The message that it can’t find the .dll is probably a registry entry trying to register/run the dll, which I was hopefully that MBAM would find suspect and remove.
I don’t know if the Full scan should take this long anyway. You could make a note of what it has found so far and stop it and run a Quick scan.
Given your first post and the VT results show it is effectively only two detections as Nod32 and ESet are one and the same scanning engine. Both of these however are using either generic or heuristic detections, but given what the file is actually trying to do (connect to a malicious site) it is at the least highly suspect.