I keep getting pop-ups saying Malicious Malware Blocked. It does this repeatedly, and is very annoying. How do I get it to stop doing this? It just started doing it yesterday.
This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware. Use the information about getting and using the tools and attach the logs here, not in the LOGS topic.
Monitoring - could you also include the details on the alert popup?
After the pop-up it went to a screen that said "I dodged a bullet". It had this information in a box on the side.
Infection Details
URL:http://109.235.49.172/click.php?s
Process:C:\WINDOWS\system32\svchost.exe
Infection:URL:MAL
Could you run the log sequence please and attach them here?
Hi all,
The IP seems to be an unknown code injection/blackhole exploit attack…
see all reports come up as benign:
http://urlquery.net/report.php?id=84530
http://zulu.zscaler.com/submission/show/d4a1edba4ab79a4394debd4ee09131f4-1341650752
but this attack redirects to fake google.com that has a code injection:
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
<!-- a padding to disable MSIE and Chrome friendly error page -->
so the machine in question has some unknown or brand new redirector malware
What is on the other end isn’t relevant as avast is blocking the connection; leave it in essexboy’s capable hands to clear the infection on the system once the OP posts their logs.
How do I attach the logs? Thanks.
In the Reply window you will see “Attachments and other options” that is how they are attached.
Thanks. How do I run the log sequence and attach them?
Follow the link posted in reply #1
It won’t let me attach it. It says it is a MBR.dat.
Attach the following please
aswMBR.txt
OTL.txt
Here is one. I can’t seem to find the other one.
I believe this is the other one.
Did you press run scan or run fix?
On which one? I can run it again if needed.
The OTL scan failed so I would like you to run it again
[*]Run OTL
https://dl.dropbox.com/u/73555776/OTL_Main_Tutorial.gif
[*]Select All Users
[*]Under the Custom Scan box paste this in
netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
HKEY_CURRENT_USER\Software\Microsoft\Windows Media\WMSDK\Local\AutoProxyCache /s
CREATERESTOREPOINT
[*]Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
[*]When the scan completes, it will open two Notepad windows: OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Post both logs
I tried to download OTL and got this message: 403 Forbidden. Access to this resource on the server is denied! Is there another way to download it? Thank you.
http://majorgeeks.com/OTL_OldTimers_List-It_d7074.html
Use this link