Google Redirect: Yup, me too.

So I’m in the same boat as a few other people. avast! keeps pulling up the “Malicious URL Blocked” notice with it constantly blocking C:\WINDOWS\system32\midimap32.exe

It only blocked it at first, but now it’s actively redirecting the Google searches.

Can you post one more log?

Essexboy is notified and will check the logs when he arrives, usually around 08:00pm - 11:59pm UK time…

Sorry about that, here we go.

Hi onibi808

Submit for analysis at VirusTotal: http://www.virustotal.com/

C:\WINDOWS\System32\mchgrcoi32.exe
C:\WINDOWS\System32\midimap32.exe

Copy the links to the reports.

C:\WINDOWS\System32\midimap32.exe
http://www.virustotal.com/file-scan/report.html?id=e9e236644f77fdde897aa5f6d002ee74fa002d16befa670f11f0e9124cfe45d2-1313485956

C:\WINDOWS\System32\mchgrcoi32.exe
http://www.virustotal.com/file-scan/report.html?id=e9e236644f77fdde897aa5f6d002ee74fa002d16befa670f11f0e9124cfe45d2-1313486231

Run OTL

Under the Custom Scans/Fixes box at the bottom, paste in the following


:Commands
[purity]
[emptytemp]
[resethosts]
[EMPTYFLASH]
[Reboot] 

Then click the Run Fix button at the top
Let the program run unhindered, reboot the PC when it is done
Post the log it produces in your next reply.

Okay, so I ran the fix, and… I’m still getting it.

Log attached for OTL custom fix.

Please visit this webpage for download links, and instructions for running ComboFix tool:

http://www.bleepingcomputer.com/combofix/how-to-use-combofix

Please ensure you read this guide carefully and install the Recovery Console first.

Please continue as follows:

Close/disable all antivirus and anti-malware programs so they do not interfere with the running of ComboFix.
Remember to re-enable them afterwards.

Click Yes to allow ComboFix to continue scanning for malware.

When the tool is finished, it will produce a report for you.

Please include the following reports for further review, and so we may continue cleansing the system:

C:\ComboFix.txt

Okay, here are the results from ComboFix.

Open notepad and copy/paste the text present inside the code box below:

File::
c:\windows\system32\mchgrcoi32.exe
c:\windows\system32\mmutilse32.dll
c:\windows\system32\midimap32.exe
c:\windows\system32\atiiiexx32.dll

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0C9A7B50-86E9-4658-A342-751DBC0020Ae}]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-

Driver::
SamSs32



Save this as CFScript to desktop.

http://img213.imageshack.us/img213/1218/cfscript1.gif

Drag CFScript.txt into Combofix.exe. ComboFix will re-run.

When finished, it will produce a log for you.
Copy/paste the contents of the log in your next reply. (typical location: C:\ComboFix.txt )

c:\documents and settings\Administrator\My Documents\Downloads\ComboFix.exe

Cut/paste ComboFix to the desktop.

Alright, thanks very much, you guys. If I come up with anything else, I’ll be in touch. Just in case you need it, here’s the result scans from the last ComboFix run.

Any problem now?

Ironically, right when I was about to tell you “Yep, everything’s good,” avast! blocked it again.

Open notepad and copy/paste the text present inside the code box below:

File::
c:\windows\system32\atiiiexx32.exe
c:\windows\system32\mmsystem32.dll

Driver::
stisvc32

Save this as CFScript to desktop.

http://img213.imageshack.us/img213/1218/cfscript1.gif

Drag CFScript.txt into Combofix.exe. ComboFix will re-run.

When finished, it will produce a log for you.
Copy/paste the contents of the log in your next reply. (typical location: C:\ComboFix.txt )

Here’s scan #3.

OK, do you have a problem now?

Fingers crossed, I’m saying I don’t. Thanks again for the help, argus. I’ll be back if the problem arises again.

onibi808

Need to uninstall Combofix

Start > Run > Copy/Paste

Combofix /Uninstall

enter.