I have a problem similar to one discussed two years ago (https://forum.avast.com/index.php?topic=165280.0). In my case though it’s not the navigator that’s being attacked, but my torrent client (qBittorrent). Update: Chrome was induced to spontaneously open a suspect URL too, but only once
Actually, I think the infection took place through a website and now it’s trying to process something through my torrent client.
Anyway, Avast notices HTML:iframe-inf infection when qBittorrent is running, but cannot find any threat while scanning.
MBAM’s scan identified nothing either. However, as it’s now installed, it took the place of Avast in notifying me something is wrong when I run qBittorrent (I added a log generated by it too).
Neither FRST.
ASWMBR did found something. While it is scanning, even in safe mode without internet connection, it shows:
Service ESProtectionDriver C:\WINDOWS\system32\drivers\mbae64.sys LOCKED
after some seconds, Windows shows a blue screen. It says that aswmbr.sys has failed.
Could someone please help me?
Thank you in advance
Avast blocked yesterday an attempt of connecting to a URL not through qBittorrent, but through Chrome. Unfortunately I didn’t a screenshot at the moment.
I didn’t do anything. I only checked file that turns to be MS Office activator. In qBittorrent, find in trackers blocked URL and remove it from tracker list.
• The following will implement some post-cleanup procedures:
http://www.mcshield.net/personal/magna86/Images/checkmark.png
Purge System Restore [/i]
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:[b]DelFix.txt[/b])
The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.