Hey guys. First post here, but I need some massive help. Yesterday my computer started getting avast network shield coming up blocking harmful sites. It now happens very few minutes or so. Sometimes without even being on line. I pinned the most recent one.
Object: 95.143.193.171/ (sometimes it says something like “longtrip-todayz”)
Infection: URL:Mal
Action: Blocked
Process: C:\Windows\system32\svchost.exe
So far, here’s what I have done to try to fix the problem.
Updated and ran Avast scan. Came up clean.
Updated and ran Malwarebytes. Again came up clean.
Updated and ran SuperAntiSpyware. It found adware.HBhelper & browser hijacker.deskbar
I quarantined and deleted those.
After some more searching and reading, I decided to download and run CW-shredder.
It found CWS.msconfig. I deleted and reran several times, but it wouldn’t be deleted.
I turned off system restore, rebooted (which caused a problem with my computer).
After having to reboot my computer several times, I finally got everything back up.
I have now reran Avast, Malwarewareytes, SuperAntiSpyware and CW-Shredder and found nothing on any of those.
However, I am still getting the same messages as I posted above from Avast. I am as clueless as to what to do now as possible. If anyone has any possible solutions, let me know. I will post whatever logs you need to be as helpful as possible. Just let let me know. Thanks.
Okay. I ran the scan and fixed it. I had to restart the computer. After that I reran the scan and here is the saved file.
aswMBR version 0.9.5.256 Copyright(c) 2011 AVAST Software
Run date: 2011-05-04 15:02:08
15:02:08.681 OS Version: Windows 6.0.6000
15:02:08.681 Number of processors: 2 586 0x604
15:02:08.682 ComputerName: TDFS01 UserName:
15:02:18.946 Initialize success
15:02:20.521 Disk 0 (boot) \Device\Harddisk0\DR0 → \Device\Ide\IAAStorageDevice-0
15:02:20.523 Disk 0 Vendor: ST325082 3.AA Size: 238475MB BusType: 3
15:02:20.546 Disk 0 MBR read successfully
15:02:20.551 Disk 0 MBR scan
15:02:20.554 Disk 0 unknown MBR code
15:02:20.562 Disk 0 scanning sectors +488395120
15:02:20.645 Disk 0 scanning C:\Windows\system32\drivers
15:02:31.688 Disk 0 MBR has been saved successfully to “C:\Users\Triangle Detailers\Desktop\MBR.dat”
15:02:31.688 The log file has been saved successfully to “C:\Users\Triangle Detailers\Desktop\aswMBR.txt”
Unfortunately, as I was typing this, I just had another of the Avast warnings come up. I pinned it adn here is what is says …
Please download MBAM free by clicking on the MBAM in my signature.
Start it.
Update it via the “Update” tab (important).
Run a quick scan and have it remove all it finds.
In the meantime, please do this, as we need that log anyway:
Download OTS to your Desktop and double-click on it to run it
[*]Make sure you close all other programs and don’t use the PC while the scan runs.
[*]Select All Users
[*]Under additional scans select the following Reg - Disabled MS Config Items
Reg - Drivers32
Reg - NetSvcs
Reg - SafeBoot Minimal
Reg - Shell Spawning
Evnt - EventViewer Logs (Last 10 Errors)
File - Lop Check
[*]Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
[*]When the scan is complete Notepad will open with the report file loaded in it.
[*]Please attach the log in your next post.
On a side note … any idea where this stuff comes from. This is my work computer. So, I rarely use it for much of anything except checking my yahoo mail and some occasional internet radio (which in hindsight sounds like perfect places to pick this virus junk up).