Avast warning keeps popping up

‘Malicoius ULR blocked’ keeps popping out with nearly every page I open, so I suspect I aready have a virus. I read your logs to assist cleaning malware and I understand that I need to create this new topic to get your help. Thank you.

Yes … and now we need the logs from that guide :wink:

Malwarebytes / OTL / aswMBR

… and I am from now in ‘Monitor’ mode. :slight_smile:

reports from MBAM attached. Does it mean that all is clean now and I don’t need to go to OTL?w

We still need OTL and aswMBR logs

Your computer seems to be a adware city so we need those logs to see if all ls gone

OTL report attached

Have done aswMBR but avast message appears (avast! Antirootkin has stopped working/ check online for a solution/ close the programme) whichever option I choose, aswMBR window closes down.

Ok, just wait for magna86 to arrive… he has other tools if that one is needed… OTL is the important one

Uh … OTL log shows lots of junkware and crapware ( known as PUP) software leftovers. Let’s clean that additionally with zoek. Thereafter we’re check the remnants, if any.

Please download zoek.zip or zoek.rar by smeenk (
http://www.mcshield.net/personal/magna86/Images/Zoek_icon.png
) from here or here and save it to your Desktop.
Unpack the archive…

[*]Close any open browsers
[*] Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.

[*]Double click on zoek.exe to run the tool .
Please wait while the tool does not start…

[*]Copy the text present inside the code box below and paste it into the large window in the zoek tool:

CreateSRPoint;
EmptyCLSID;
FilesRCM;
EmptyFoldersCheck;Delete
AutoClean;
Reboot;

[*] Click on
http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png
button.
Please wait until a logreport will open (this can be after reboot)

[*]Save notepad to your Desktop and attach here zoek-results.log
Note: It will also create a log in the C:\ directory named “zoek-results.log

- - - - - Next - - - - -

Re-run OTL, just hit the QuickScan button and post me the fresh OTL.txt logreprot.

zoek report + repeated OTL attached :wink:

Hi,

Tip: Do not download crap software from the internet. By crap software I mean the various programs that claim to do who know what (speed up your PC or simulat) from your PC …

Again, re-run zoek as you did before with this script:

EmptyAllTemp;
C:\Users\Justyna\AppData\Roaming\MyTurboPC.com;FS
C:\Users\Justyna\Downloads\myturbopc(1).exe;F
C:\Users\Justyna\Downloads\myturbopc.exe;F
C:\Users\Justyna\Downloads\ReimageRepair.exe;F
FFDefaults;
SignPlugin@bph.pl;FF
CHRDefaults;
blpcfgokakmgnkcojhhkbfbldkacnbeo;CHR
coobgpohoikkiipiblmjeljniedjpjpf;CHR
icmlaeflemplmjndnaapfdbbnpncnbda;CHR
pjkljhegncpnkpknbcohdijeoejaedia;CHR
C:\Users\Justyna\AppData\Roaming\BabylonToolbar;FS
C:\Users\Justyna\AppData\Local\Wajam;FS
C:\Users\Justyna\AppData\Local\Giant Savings;FS
Reboot;
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];R
"vProt"=-;R
C:\Program Files (x86)\AVG Secure Search;FS
C:\ProgramData\MyTurboPC.com;FS
C:\Users\Justyna\Desktop\*.tmp;F
AutoClean;

When zoek ask for reboot allow him and post me fresh zoek log. Then, tell me …do you still getting some avast alerts?

Hi, I’ve done another zoek and OTL. Avast message hasn’t appeared since I have done it. Thanx a lot for your help.

Please bump! your topic for about ~ two hours if I do not answer you.

Hi, bumping my topic as requested. can you just have a look please on the last sent attachments.

Hi,

This OTLFix shall just remove run leftovers. This shall be removed quickly…

Re-run OTL.exe.

[*]Copy and paste the following text written inside of the quote box into the Custom Scans/Fixes box.

:OTL
O4 - HKLM..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe File not found

[*]Then click the Run Fix button at the top.
[*]Let the program run unhindered; it will reboot the system when it is done and open notepad with logreport. Attach here that logreport.

I do not need OTL logreprot. Next, it’s time to remove used tools.

Good workman always cleans up after himself.
The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
[i]
http://www.mcshield.net/personal/magna86/Images/checkmark.png
Remove disinfection tools

http://www.mcshield.net/personal/magna86/Images/checkmark.png
Create registry backup

http://www.mcshield.net/personal/magna86/Images/checkmark.png
Purge System Restore [/i]
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:[b]DelFix.txt[/b])

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.