So I’ve recently begun receiving notices that avast! is blocking the mentioned infection, usually the first or second time I open Google Chrome after a shutdown. From the name, I’m assuming it’s just meant to redirect me to a new website, which avast! has blocked every time.
Unfortunately I didn’t get a screen capture of avast!'s notification, but the directory involved was, if I remember correctly, the typical Google Chrome directory. I remember the URL involved was something similar to tribalfusion.com, but unfortunately I don’t have the exact for either the directory or the URL. I figured I’d get it again this morning and could record it, but it hasn’t shown up. But I’d still like to get it checked out since it’s been coming up so much.
I did a threat scan on Malwarebytes earlier on when it started, but it didn’t catch anything. Since logs were required for Malwarebytes here, I figured I’d just do a more recent scan, but have it cover a bit more with a custom scan. This time it caught something as the logs will show. The file hid itself in an English translation patch I’d gotten around 3 months back. I don’t really feel like it was hidden there, as the translation has been used a fair bit, so maybe it just latched on somehow recently? Anyways, it’s in quarantine right now, so I figured I’d go ahead and finish the other logs, just to make sure things looked good. Thanks for the help guys, I appreciate it.
Unfortunately I didn't get a screen capture of avast!'s notification
if you have not rebooted since it happend, you can right click avast tray icon and select show last pop up .... and take a screenshot
the popup has a pin in top right corner so you can pin it to the screen if needed
This time it caught something as the logs will show.
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.
[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S0].txt as well.
I tried IE, nothing popped up from avast! and nothing unusual happened. But Google Chrome didn’t always cause an avast! pop-up either. And here are my new logs.
Absolutely, I’ll be on the lookout. Despite shutting down a few times for the scans, it hasn’t popped up, which is unusual. Though Malwarebytes did quarantine the potential perpetrator, so maybe that’s why.