Avast continuously show me that it has detected a this dangerous program (skegnessasc.org), but it never tell me how to get rid off it.
I tried using AdwCleaner but it did not detect the problem.
Please, please, please, help me…
Attach your basic diagnostic logs. (MBAM and FRST)
Instructions: https://forum.avast.com/index.php?topic=194892
Monitoring.
sorry, I have problem with this point:
In the Guide it is wrote “When the scan is complete, if threats are detected, make sure that everything is selected, click Remove Selected”
But I don’t see any “Remove Selected button”.
Use Quarantine option. 
I imagined, but better be sure…
ok. These are my attachments
OK, now you’ve to wait a bit… (Valinorum will check your logs)
Uninstall JDownloader 2. Are you using a pirated version of Adobe Products. If yes, I will counsel you to remove it as they are one of the major sources of malware distribution.
[*]Step #1 Scan with Zemana Anti-malware
Download and install Zemana anti-malware from here.
[*]Double-click to run the software;
[*]Click on the gear-icon on the top right portion to navigate to Settings.
[list][*]Click on Scan > put a tick on Create System Restore
[*]Click on Advanced > put a tick on Check for Suspicious Root Certificates
[*]Click the home icon on top left and click on Scan
[*]After scan finishes click on the report tab on the top right corner;
[*]Choose the latest report by clicking on it and click on Open Report afterward.
[*]Copy and Paste the contents of the report in your next reply.
[/list]
[*]Step #2 Fix with FRST
Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
[*]Open Notepad.exe. Do not use any other text editor software;
[*]Copy and Paste the contents inside the code-box to your Notepad –
Start
CreateRestorePoint:
CloseProcesses:
EmptyTemp:
bl (HKLM-x32\...\{2A075BB4-E976-4278-BF3F-E5C6945D84C0}) (Version: 1.0.0 - Your Company Name) Hidden
CustomCLSID: HKU\S-1-5-21-223384220-4238443302-1333253475-1001_Classes\CLSID\{59B55F04-DE14-4BB8-92FF-C4A22EF2E5F4}\InprocServer32 -> C:\Users\vaian\AppData\Local\Google\Update\1.3.31.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-223384220-4238443302-1333253475-1001_Classes\CLSID\{8C46158B-D978-483C-A312-16EE5013BE04}\InprocServer32 -> C:\Users\vaian\AppData\Local\Google\Update\1.3.33.3\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-223384220-4238443302-1333253475-1001_Classes\CLSID\{CB492AF1-2CEF-4E58-BE47-471C77D0C8BA}\InprocServer32 -> C:\Users\vaian\AppData\Local\Google\Update\1.3.32.7\psuser_64.dll => No File
Task: {7883153C-E655-4482-890D-BC47F1739FB1} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy: Restriction <==== ATTENTION
End
[*]Click on File > Save as…
[list][*]Inside the File Name box type fixlist.txt
[*]From the Save as type drop down list, choose All Files
[*]Save the file to your Desktop;
[*]Re-run FRST.exe and click Fix;
[*]Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.[]After the completion, a log will be produced;
[]Attach the log in your next reply.[/list]
Ok.
This is what the step 1 (Scan with Zemana Anti-malware) produced. Now I’m doing the next step.
Zemana AntiMalware 2.74.2.76 (Installed)
Scan Result : Completed
Scan Date : 2017/6/29
Operating System : Windows 10 64-bit
Processor : 8X Intel(R) Core™ i7-6700 CPU @ 3.40GHz
BIOS Mode : UEFI
CUID : 12579C6987E704AAE651C1
Scan Type : System Scan
Duration : 12m 42s
Scanned Objects : 120371
Detected Objects : 3
Excluded Objects : 0
Read Level : Normal
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
Detected Objects
Firefox Search
Status : Scanned
Object : Hoepli - http://dizionari.hoepli.it
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search
wrc@avast.com
Status : Scanned
Object : %appdata%\mozilla\firefox\profiles\f6brhqtr.default\extensions\wrc@avast.com.xpi
MD5 : F4D84EDE07FC20A22993292E221B9B55
Publisher : -
Size : 692271
Version : -
Detection : PUA.FirefoxExt!Gr
Cleaning Action : Repair
Related Objects :
Browser Extension - wrc@avast.com
File - %appdata%\mozilla\firefox\profiles\f6brhqtr.default\extensions\wrc@avast.com.xpi
Sims2EP9.exe
Status : Scanned
Object : D:\EA GAMES\The Sims 2 Mansion and Garden Stuff\TSBin\Sims2EP9.exe
MD5 : 1FDCB038ED628672F107A110BA47DB62
Publisher : -
Size : 46208224
Version : 1.17.0.66
Detection : Malware:Win32/Gavin.A!Iike
Cleaning Action : Quarantine
Related Objects :
File - D:\EA GAMES\The Sims 2 Mansion and Garden Stuff\TSBin\Sims2EP9.exe
Reference - C:\Users\vaian\Desktop\The Sims 2.lnk
ok.
This is what the step 2 produced:
Are you still facing the issue?
Yes.
Now, i’m unistalling The Sims 2. I think the problem depend on it.
Let me know.
I removed the application (The Sims 2) but the problem continues.
I’m repeating the Steps 1 and 2. This is the output of the Step 1:
Zemana AntiMalware 2.74.2.76 (Installed)
Scan Result : Completed
Scan Date : 2017/6/30
Operating System : Windows 10 64-bit
Processor : 8X Intel(R) Core™ i7-6700 CPU @ 3.40GHz
BIOS Mode : UEFI
CUID : 12579C6987E704AAE651C1
Scan Type : System Scan
Duration : 14m 8s
Scanned Objects : 116862
Detected Objects : 2
Excluded Objects : 0
Read Level : Normal
Auto Upload : Enabled
Detect All Extensions : Disabled
Scan Documents : Disabled
Domain Info : WORKGROUP,0,2
Detected Objects
Firefox Search
Status : Scanned
Object : Hoepli - http://dizionari.hoepli.it
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Suspicious Browser Setting
Cleaning Action : Repair
Related Objects :
Browser Setting - Firefox Search
wrc@avast.com
Status : Scanned
Object : %appdata%\mozilla\firefox\profiles\f6brhqtr.default\extensions\wrc@avast.com.xpi
MD5 : F4D84EDE07FC20A22993292E221B9B55
Publisher : -
Size : 692271
Version : -
Detection : PUA.FirefoxExt!Gr
Cleaning Action : Repair
Related Objects :
Browser Extension - wrc@avast.com
File - %appdata%\mozilla\firefox\profiles\f6brhqtr.default\extensions\wrc@avast.com.xpi
Cleaning Result
Cleaned : 2
Reported as safe : 0
Failed : 0
this is the log produced by the second step (attached)
[*]Step #3 Fix with AdwCleaner
[*]Download AdwCleaner by Xplode to your Desktop from the following link.
[list][]Download Link #1
[]Download Link #2
[*]Right-click on AdwCleaner.exe and choose Run as administrator;
[*]Click on Option and put a tick mark on everything;
[*]Click on Scan and let the program run unhindered;
[*]When done, click on Clean and allow the system to reboot after it is done;
[*]A log will be opened automatically after the restart. If not, it is located in C:\AdwCleaner\AdwCleaner[CX].txt, where X is replaced with a number;
[*][Attach this log in your reply.[/list]
[*]Step #4 ESET Online Scanner
Disable your security programs which includes but not limited to anti-virus, anti-malware, anti-spyware et cetera. Peruse this for additional information.
[*]Download esetsmartinstaller_enu.exe by clicking here.
[*]Right-click on the program and choose Run as administrator.
[*]Accept their terms and condition and proceed.
[*]Install Add-On/Active X if prompted.
[*]From the Computer Scan Setting check the following box –
[list][*]Enable detection for potentially unwanted programs
[*]Click on Advanced Setting –
[*]Uncheck the box beside Remove Found Threats;
[*]Check the box beside Scan archives
[*]Check the box beside Scan for potentially unsafe applications
[*]Check the box beside Enable Anti-Stealth Technology
[*]Click on Start and wait for the virus signature database to update.
[*]The online scan will begin automatically and can take several hours.
Note: Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.
[*]After the Scan finishes –
[*]If no threats were found:
[list][*]Put a checkmark in Uninstall application on close.
[*]Close the program and report that nothing was found
[*]If threats were found:
[*]Open the file located in C:\Program Files\ESET\ESET Online Scanner\log.txt (32-bit) or C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt (64-bit).
[*]Attach the log file in your next reply.[/list][/list]
Note: Enable your security programs afterwards.