Chrome and Falconhat.org

Chrome throws an Avast warning on half the pages I visit, including Google search results. This has been true for as long as I’ve had Avast; several months. The last three occurrences included the following URLs (where … are seemingly random characters):

http://zfw…zqi.falconhat.org/s/?nmeDe…
http://e5wwdw…5ya.falconhat.org/s/?G 4H5…
http://623vm…7ou.falconhat.org/s/?SPSNbre…
and all with Infection URL: Mal2

Any help to be had for this one?

Hi,

Follow this thread and attach the logs (MBAM, OTL, aswMBR)

http://forum.avast.com/index.php?topic=53253.0

Thanks!

Malwarebytes found nothing with a quick scan.

OTL.txt attached. No Extras.txt was generated. aswMBR.txt attached.

Nothing like showing everyone your underwear.

P.S. The Avast warnings only pop with Chrome though it is attached to both Chrome and Firefox.

Hi,

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.

[*]Click on the Scan button.
[*]After the scan has finished click on the Clean button.

Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.

[*]After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
[*]Post logfile will also be saved in the C:\AdwCleaner folder.

Then…

Please download Farbar Recovery Scan Tool by Farbar and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

[*]Double-click to run it. When the tool opens click Yes to disclaimer.
[*]Under Optional Scan ensure “List BCD” and “Driver MD5” are ticked.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
[*]The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.

Thanks Eagle. AdwCleaner and FRST run. Logs attached.

An “install.rdf could not be found” error popped up while FRST was running. Don’t know if that was related to FRST or coincidence. Only references I could find to it were related to Firefox. Error popped a second time but FRST continued on its way.

I noticed a 30-day file check in one of these and the prior set. This problem – or its evidence – has been around since I started using Avast in July.

1. Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system.

FF SearchPlugin: C:\Users\Bruce\AppData\Roaming\Mozilla\Firefox\Profiles\o96ze6pn.default\searchplugins\duckduckgo.xml
C:\Users\Bruce\AppData\Roaming\docXConverter (3).ini
C:\Users\Bruce\AppData\Local\Temp
cmd: ipconfig /flushdns

2. Save notepad as fixlist.txt to your Desktop.
NOTE: => It’s important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

3. Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needs a restart, please make sure you let the system restart normally and let the tool complete its run after the restart.

The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.
Note: If the tool warned you about the outdated version please download and run the updated version.

How are the things now?

Fixlog.txt attached.

Still get same Avast popups. They’ve always been sporadic; not on every page but many pages with no apparent pattern. Google search result pages and their click-throughs are heavy with them.

Please download zoek.zip or zoek.rar by smeenk from here or here and save it to your Desktop.
Unpack the archive…

[*]Close any open browsers
[*]Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.

[*]Double click on zoek.exe to run the tool.
Please wait until the tool starts…

[*]Copy the text present inside the code box below and paste it into the large window in the zoek tool:


createsrpoint;
StandardSearch;
installer-list;
installedprogs;
uninstall-list;

[*]Click on the Run Script button.
Please wait until a log report opens (this can be after reboot)

[*]Save notepad to your Desktop and attach here zoek-results.log
Note: It will also create a log in the C:\ directory named “zoek-results.log”

zoek run; log attached.

Post-zoek run, noticed displaying Chrome’s History list – just first display since Chrome start? – causes this Avast warning.

What do you think about resetting Chrome to defaults, like a fresh install?

Do you mean turn off all extensions?

Yes, we wipe everything…

Thanks for all your help, Eagle. I fixed it… uninstalled Chrome. Firefox has issues but Google is the man. Let’s call this closed.

Please download DelFix by “Xplode” to your Desktop.

Run the tool and check the following boxes below;

[*] Remove disinfection tools
[*] Create registry backup
[*] Purge System Restore

Now click on the “Run” button. Wait for the programme to complete its work.
All the tools we used should be gone.
The tool will create and open a log report (DelFix.txt)
Note: The report will also be stored on C:\DelFix.txt

I don’t need DelFix log report.

Done. Mostly. DelFix hung during restore… 0% CPU, frozen progress bar for 30 minutes or more. I killed it. (Dumb I suppose.)