I have been getting multiple “Malicious URL blocked” notifications from Avast, about 2-3 a min. They are all coming from Process: svchost.exe
have run AV scan and mbam and they have not helped. Please help me
Mbam log:
Malwarebytes Anti-Malware 1.62.0.1300
www.malwarebytes.org
Database version: v2012.08.19.07
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Doodle Bug :: DOODLEBUG [administrator]
8/19/2012 3:57:18 PM
mbam-log-2012-08-19 (15-57-18).txt
Scan type: Full scan (C:|D:|G:|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 62678
Time elapsed: 52 minute(s), 1 second(s) [aborted]
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 6
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} (Adware.Gamevance) → Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{0ED403E8-470A-4A8A-85A4-D7688CFE39A3} (Adware.Gamevance) → Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEBF} (Adware.SmartShopper) → Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{3CC3D8FE-F0E0-4DD1-A69A-8C56BCC7BEC0} (Adware.SmartShopper) → Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{4A7C84E2-E95C-43C6-8DD3-03ABCD0EB60E} (Adware.SmartShopper) → Quarantined and deleted successfully.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats{BEAC7DC8-E106-4C6A-931E-5A42E7362883} (Adware.GameVance) → Quarantined and deleted successfully.
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 3
C:\Documents and Settings\All Users\Documents\SoftonicDownloader_for_putty.exe (PUP.OfferBundler.ST) → Quarantined and deleted successfully.
C:\Documents and Settings\Doodle Bug\Local Settings\Application Data\Xenocode\Sandbox\Mafia Bot\1.0.306.0510\2010.06.28T09.11\Native\STUBEXE\8.0.1112@PROGRAMFILES@\Mozilla Firefox\firefox.exe (Trojan.Agent) → Quarantined and deleted successfully.
C:\Documents and Settings\Doodle Bug\Local Settings\Application Data\Xenocode\Sandbox\Mafia Bot\1.0.306.0510\2010.06.28T09.11\Virtual\STUBEXE\8.0.1112@PROGRAMFILES@\MafiaBots.com\MafiaBot\mBot.exe (Trojan.Agent) → Quarantined and deleted successfully.
(end)