Hi, I’m new to this forum but please help me. I badly need help, I think. My Avast keeps telling me that it has detected a URL: MAL. every 30minutes or so, it would ping me but i already ran a full scan and a boot-time scan. also had malwarebytes check it for me. all threats detected have either been deleted or quarantined by both but i still get this message from avast constantly. I’m trying to ignore it but it creeps me out like there’s something i dont know going on in my pc. help please. what should i do?

Hello and welcome to the Forum! :slight_smile:

Please follow the instructions in this thread and attach the requested logs: https://forum.avast.com/index.php?topic=53253.0
A malware remover will help you get rid off your malware.

DJBone

Hi DJBone,

Thank you so much. I’m doing it as we speak. :slight_smile: Hopefully this clears it out as I have tried running the scans in safe mode yesterday but that didnt work either.

you have to attach the requested logs for reciving help…

Yes thank you. Here are the logs for MBAM. still working on getting the logs for OTL.

Hi,

I’ve got the logs from OTL. Here are they are.

Here are the OTL logs on ANSI

next up… logs for aswMBR.

i think another problem came up. when i was downloading aswMBR, i got pinged by avast of a potential threat called WIN32: gen something dropper… i think. i didn’t catch all of it. anyways, it was quarantined from what i could tell and now the download failed.

where should I go from here? Please respond immediately as I am literally freaking out now.

You can ignore it, it’s a FP.

Let me know if the alerts continue after this

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:Commands
[CREATERESTOREPOINT]

:OTL
IE - HKLM\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012
IE - HKU\S-1-5-21-3763609004-1109474999-2060609816-1000\..\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2653012
O3 - HKU\S-1-5-21-3763609004-1109474999-2060609816-1000\..\Toolbar\WebBrowser: (no name) - {5A54562D-5636-006A-76A7-7A786E7484D7} - No CLSID value found.
O3 - HKU\S-1-5-21-3763609004-1109474999-2060609816-1000\..\Toolbar\WebBrowser: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - No CLSID value found.
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [ApnUpdater] C:\Program Files\Ask.com\Updater\Updater.exe (Ask)

:Commands
[resethosts]
[emptytemp]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.

Hi Essexboy, sorry this is delayed. anyways, i’m gonna try this now but do i still have to do the aswmbr logs? i kinda fell asleep last night so my bad…

btw, i dont have the tick box for the 64 bit scan on my otl. is that alright? i had to use the alternate link because the first one wasn’t downloading.

here are the logs from OTL after quick scan. i also attached the logs from the “run fix” procedure in case you need it.

here’s the log for AdwCleaner.

the last time i saw the alert was when i was running OTL during the “run fix” procedure. i haven’t seen it since and am crossing my fingers. :slight_smile: will let you know if anything comes up in 24 hours. Thanks a whole lot essexboy! :smiley:

Let me know when you are happy and I will tidy up

You are amazing! I haven’t seen the alert at all since yesterday. Thank you so much! :slight_smile:

Are the alerts still appearing ?