hello,i got a problem with avast that keep blocking a access to a url message pop up every 10 15 minuts tried malwarebytes and other avast scan it find nothing…also i cant connect diablo 3 but maybe doesnt depend on that anyone could help me?
processo is process where its copyed malware (guess)
still running scans but i think i found out problem with hijackthis its
CDisplay_is1.scr
it run pop up and block all host(explain why i cant run diablo that use spec host file)
still working on 2 scans but im almost sure thats problem i cant remove it from msconfig/run and itried fix it with hijackthis but it cant be fixed tried delete CDisplay_is1.scr but it say program is in use so ya im kinda blocked anyone has a solution?
put 2 logs for now still finishing malware bytes log and otl ill put later
i dont know really how to fix…tried unactivate HKLM…\Run: [CDisplay_is1] C:\Users\kkk\AppData\Roaming\CDisplay_is1\CDisplay_is1.scr () in msconfig but it activate again alone and avast keep showing pop up with blocked access to a url
really need help
[2012/09/26 15.32.30 | 000,000,000 | --SD | C] – C:\Users\kkk\AppData\Roaming\CDisplay_is1 thats issue was create today at 3.30 pm after iw as back from work and turned on my pc
:OTL
O3:64bit: - HKLM\..\Toolbar: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1136535188-260250515-840242000-1000\..\Toolbar\WebBrowser: (no name) - {1392B8D2-5C05-419F-A8F6-B9F15A596612} - No CLSID value found.
O3 - HKU\S-1-5-21-1136535188-260250515-840242000-1000\..\Toolbar\WebBrowser: (no name) - {32099AAC-C132-4136-9E9A-4E364A424E17} - No CLSID value found.
O3 - HKU\S-1-5-21-1136535188-260250515-840242000-1000\..\Toolbar\WebBrowser: (no name) - {414B6D9D-4A95-4E8D-B5B1-149DD2D93BB3} - No CLSID value found.
O4 - HKLM..\Run: [CDisplay_is1] C:\Users\kkk\AppData\Roaming\CDisplay_is1\CDisplay_is1.scr ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: CDisplay_is1 = C:\Users\kkk\AppData\Roaming\CDisplay_is1\CDisplay_is1.scr ()
[2012/09/26 15.32.30 | 000,000,000 | --SD | C] -- C:\Users\kkk\AppData\Roaming\CDisplay_is1
:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
yes worked while otl was removing registry key avast blocked a file “dropper” with always cdisplay in system after reboot all registry and msconfig was clean
thx for help is it a new virus?cause no other antivirus detected it tried everything