I will quote what other user asked because I had the same problem:
"Hi there,
For the past few days I have been receiving constant (pretty much every two minutes) pop-ups screaming “Malware Blocked!” whenever my computer is on. It’s not necessarily linked to any particular website I visit. It happens even when I don’t have Chrome open because I am usually connected to the net in some fashion (email/weather updates etc).
I’ve never been on this skegness site, so I have no clue where this is coming from. A google search shows that it is a skegness swimming association website, which has nothing to do with me. "
Here goes my part:
I had the same problem. Then I downloaded the Malwarebytes’ Anti-Malware, did the scaning, restarted the computer but it made no difference. The problem was still there. So I decided to restore the system to earlier time, when I didn’t have this problem.
This, as it seems, made the thing only worse. At first I couldn’t see the password section, only the mouse. Somehow I managed to log in, but bunch of .exe errors appeared (like AsusTPLoader.exe, Skype.exe etc.). Addblock on Goole Chrome and Itunes aren’t working, I can download things but not install them. Task manager and control panel aren’t reachable, so I can practically do nothing.
Then I did the Avast fullscan - It did find one malware: win32malware-gen and it is sealed now. But when I restarted the computer nothing changed!
Could someone help me? Exuse me for my english, as it isn’t my mother tongue
Here goes my part:
I had the same problem. Then [b]I downloaded the Malwarebytes' Anti-Malware[/b], did the scaning, restarted the computer but it made no difference. The problem was still there. So I decided to restore the system to earlier time, when I didn't have this problem.
This, as it seems, made the thing only worse. At first I couldn’t see the password section, only the mouse. Somehow I managed to log in, but bunch of .exe errors appeared (like AsusTPLoader.exe, Skype.exe etc.). Addblock on Goole Chrome and Itunes aren’t working, I can download things but not install them. Task manager and control panel aren’t reachable, so I can practically do nothing.
This sounds like file infector. Could you please post thge Malwarebytes log, the part which is detected infection. Here is how to extract the MBAM’s logreport;
Click on the History tab > Application Logs. Double click on the Scan Log which shows the date and time of just performed scan.
Click Export button at the bottom, and then select the ‘Text file (*.txt)’
In the Save File dialog box which appears, click on Desktop.
In the File name: box type “mbam” (without quotes) for your scan log name and click Save.
A message box “Your file has been successfully exported” should appear, click Ok and close the windows.
In the meantime, I shall take a peek into posted FRST logs.
As I did System Restore function I don’t have MBAM log. After doing MBAM scan and restarting problem was same as in the beginning, practically nothing changed (or at least orginal problem was not solved). But after doing system restore it turned to mini-hell
The following FixList shall tell FRST to preform some fixes. It shall also clean a lot of junk and temporaly files. Tell me how is the computer behavior after the execution of this script.
1. Open notepad and copy/paste the text present inside the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
2. Save notepad as fixlist.txt to your Desktop. NOTE: => It’s important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
3. Run FRST/FRST64 and press the Fix button just once and wait. If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply. Note: If the tool warned you about the outdated version please download and run the updated version.
Pozdrav magna86 i puno ti hvala!
So I did what you tell me to do.
Now I don’t get any -exe errors and I can assess control panel and task manager normally.
I can install programs again and I-Tunes is running normally.
Although I would say that Google Chrome and my computer aren’t fast as before. Adblock didn’t work so I reinstalled adblock and now it’s going well.
Anyways it seems to me that the biggest part of the problem is solved Thanks
Do not add or do anything with your machine at this time other than use it normally. Magna86 needs to remove tools he put on your machine for removing the malware, so do not leave this thread before he does that. Do you understand? Thank you.
That is why we wait for Magna. He is the malware removal specialist, and he put things on your machine to help remove the malware. So do not make any more changes to your machine until he tells you. OK? You can use it normally, and if it acts strangely (differently), let us know here right away…that means something is wrong. He will want to know if your machine is acting normally again or not.
1. Open notepad and copy/paste the text present inside the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Start
Reboot:
C:\wintemp\*.tmp
C:\Users\Matej\AppData\Local\EmieUserList
End
2. Save notepad as fixlist.txt to your Desktop. NOTE: => It’s important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
3. Run FRST/FRST64 and press the Fix button just once and wait. If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply. Note: If the tool warned you about the outdated version please download and run the updated version.
.
From normal mode re-run FRST …
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
http://www.mcshield.net/personal/magna86/Images/checkmark.png
Purge System Restore [/i]
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:[b]DelFix.txt[/b])
The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.
SRB::
PS: Nepravilno je reci McShield jer podseca na McAfee Shield (McShield komponenta) a to ne zelimo. MCShield stoji za MyCity (forum) Shield.
Ziveli,
ENG::
It is incorrect to say McShield becose it recalls for McAfee Shield (McShield component) and we do not want that. MCShield stands for MyCity (forum) Shield.
I Have the exact same problem as above, seems like this forum is the only one that really succed to correct this problem !
I ran MBAM, FRST and aswmbr, but I had an error during the scan of the last one, which made him stop.
Also, I don’t know if it’s related but I’m not able to uninstall program. I hope that If I succed to fix the URL:mal problem, it will work again, otherwise I’ll try to look for seomthing else.
I really hope taht someone will help me,
And like the OP, I’m not a native english speaker, so I apologise for my mistake
Ok, I will assist you. Know that next time, you should create your own topic. First from Control Panel > Programs and Features you need to uninstall the following PUP program:
[*]Close any open browsers and temporarily disable your AntiVirus program. (if it is necessary)
If you are unsure how to do this please read this or this Instruction.
[*]Double click on zoek.exe to run the tool. Please wait while the tool does not start…
[*]Copy the text present inside the code box below and paste it into the large window in the zoek tool:
Good. We shall use Zoek tool one more time to target malware and to preform the additional cleaning. Then we shall preform one more ARK (antirootkit) scan with Kaspersky’s tool.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
[*]Close any open browsers and temporarily disable your AntiVirus program. (if it is necessary)
If you are unsure how to do this please read this or this Instruction.
[*]Double click on zoek.exe to run the tool. Please wait while the tool does not start…
[*]Copy the text present inside the code box below and paste it into the large window in the zoek tool:
[*]Save notepad to your Desktop and attach here zoek-results.log Note: It will also create a log in the C:\ directory named “zoek-results.log”
.
Please download TDSSKiller and save it to your desktop
Execute TDSSKiller.exe by doubleclicking on it. Confirm “End user Licence Agreement” and “KSN Statement” dialog box by clicking on Accept button.
[*]Under Additional options check the boxes next to: - Verify Driver Digital Signature; - Detect TDLFS file system - Use KSN to scan objects
[*] Press Start Scan
[*] If Suspicious object is detected, the default action will be Skip, click on Continue.
[*] If Malicious objects are found, select Cure.
Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt
Please post the contents of that log in your next reply.