Open notepad.

[*]Click Start
[*] Type notepad.exe in the search programs and files box and click Enter.
[] A blank Notepad page should open.
[] Copy/Paste the contents of the code box below into Notepad.

Start
HKCU\...\Run: [SearchProtect] - C:\Users\MALO\AppData\Roaming\SearchProtect\bin\cltmng.exe
C:\Users\MALO\AppData\Roaming\SearchProtect\bin\cltmng.exe
HKCU\...\Run: [xUxnVwzA] - C:\Users\MALO\AppData\Local\Adobe\dfXbRBHI.exe [129024 2013-09-23] ()
C:\Users\MALO\AppData\Local\Adobe\dfXbRBHI.exe
Startup: C:\Users\MALO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\pNAhnRbS.exe ()
Startup: C:\Users\MALO\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_.lnk
ShortcutTarget: _uninst_.lnk -> C:\Users\MALO\AppData\Local\Temp\_uninst_.bat ()
C:\Users\MALO\AppData\Local\Temp\LvQewNPE.exe
HKLM\...\Run: [vProt] - "C:\Program Files\AVG Secure Search\vprot.exe"
C:\Program Files\AVG Secure Search\vprot.exe
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,,C:\Program Files\AVAST Software\UodBJaIJ.exe
C:\Program Files\AVAST Software\UodBJaIJ.exe
S2 vToolbarUpdater15.5.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [1643184 2013-08-16] (AVG Secure Search)
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [37664 2013-08-16] (AVG Technologies)
C:\Windows\system32\drivers\avgtpx86.sys
End

[*] Save it to your USB flashdrive as fixlist.txt

Boot into Recovery Environment

Start FRST in a similar manner to when you ran a scan earlier, but this time when it opens …

[*] Press the Fix button once and wait.
[*] FRST will process fixlist.txt
[*] When finished, it will produce a log fixlog.txt on your USB flashdrive.

Exit out of Recovery Environment and post me the log please.

after I did what the virus will delete?

Yes.

I will try my luck. was fed up with this virus

ASK

What is this new virus?
what this virus can only be removed in this way is not the antivirus scan?

The virus could be so new that even Avast has no signature for it, or it made it through the protection completely.

Even Kaspersky misses some of these Lockscreens EVEN WITH AUTOMATIC RANSOMWARE AND SCREENLOCKER DETECTION.

On top of this. If Avast misses the initial signs and bdidn’t block the URL, The only way to remove it is via these tools. What’s your native language?

German. If you want to know.

http://i1292.photobucket.com/albums/b576/argus13/2013-09-24_220744_zps6f51fc8d.jpg

Not really he asked me something, and he gets an answer.

before I did this http://forum.avast.com/index.php?topic=135532.msg992226 # msg992226
I got a computer virus avast notification appears pNAhnRbS.exe
but avast can not remove this virus pNAhnRbS.exe

then I tried your suggestion of http://forum.avast.com/index.php?topic=135532.msg992226 # msg992226

to remove a virus successfully

thank you team avast!

Fixlog

Now everything is fine?

Another check.

Please download zoek.zip (
http://www.mcshield.net/personal/magna86/Images/Zoek_icon.png
) from here or here and save it to your Desktop.
Unpack the archive…

[*]Close any open browsers
[*] Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.

[*]Double click on zoek.exe to run the tool .
Please wait while the tool does not start…

[*]Copy the text present inside the code box below and paste it into the large window in the zoek tool:

filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;

[*] Click on
http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png
button.
Please wait until a logreport will open (this can be after reboot)

[*]Save notepad to your Desktop and attach here zoek-results.log
Note: It will also create a log in the C:\ directory named “zoek-results.log”

fine!!!

What should I do zoek?

my computer is fine

Additional check.

But if you do not want OK.

thank you team avast!