Earlier today i was browsing the web and I got a popup from avast saying It detected malware. I didn’t get a screenshot of it, but it was called
JS:Redirector-BOB [Trj]
I did a scan with avast and it didn’t find anything, but I’m still worried.
hey and welcome to the avast forum. you can be safe avast have protected you from the virus. but if you wanna a check up
please follow this guide and attach your logs we need the logs from mbam.otl. awsmbr.
http://forum.avast.com/index.php?topic=53253.0
a malware expert will help you from there.
if you have not rebooted since it happend you can right click avast tray icon and …show last popup…click the pin in top right corner of it to make it stay onscreen and take screenshot
Here are the logs
That may have been an alert on the webpage, have you received it since ?
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
https://dl.dropbox.com/u/73555776/OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]
:OTL
[2013/11/28 13:29:24 | 000,000,000 | ---D | M] (surf. andd Keep) -- C:\Users\Paul JR\AppData\Roaming\Mozilla\Firefox\Profiles\04pbkdbe.default\extensions\zshh7u-sxap@eieaorhdln.co.uk
:Files
C:\Users\Paul JR\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpcfejhpigemnofdpflmghihpcfoclmi
:Commands
[resethosts]
[emptytemp]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Haven’t received it since avast gave me that warning. I know the site I was on is safe to use though. I only use Mozilla firefox when I go on the web for a while now.
What site was it ? just give the name not a link
MyAnimeList
No alert on that site currently
On completion of the OTL fix could you visit the site and see if the alert re-appears
Ok, did the fix and it wouldn’t let me back onto my user account so I restarted my pc and it let me on. Visited and didn’t get an alert.
If you have no further alerts in the next day or so let me know and I will tidy up
Alright, but what exactly could have caused that popup if it weren’t for the webpage?
You had a dubious extension in Firefox which I removed
Oh alright. Thanks for all the help.
Ok, no alert so far. Just started my computer and it was a little slow so I opened up the task manager and clicked on show all users. For some reason firefox was running.
Never started firefox and it seemed a bit strange…
That is a bit weird… Lets have another look to see if can locate where it is starting from
Could you run a fresh OTL scan selecting all users
just check again and this time firefox wasn’t running, but here’s the log.
Hmm intriguing is the startup back to normal now ?
Yea everything is normal now, if anything happens or I suspect something I will tell you.