Hello,
I am constantly getting avast notification of a blocked malware wpad.net, every time a program run.
I have followed the intruction available in another post (topic=109846.0) and combofix improved a bit things but didn’t fix the issue.
I see that i am the second one today with the same issue, is there anything we can do?
Thanks for your help
Please run these prgrams in the ordered list…
http://forum.avast.com/index.php?topic=53253.0
Adwcleaner/MBAM (Quick Scan Updated)/OTL/AswMBR.
If the tools crash please run them in Safemode. After that I will notify Essex or somenoe to assit you with any probelms.
Also, please do not run any other fixes from other threads. This can damage your system. This goes for ComboFix and OTL.
Still with us?
collecting the file, here the first two logs
here the other
Could you let me know if this stops it
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
https://dl.dropbox.com/u/73555776/OTL_Fix.GIF
:Commands
[CREATERESTOREPOINT]
:OTL
IE - HKU\S-1-5-21-1634337353-1937076583-2420443773-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://startsear.ch/?aff=1&q={searchTerms}
@Alternate Data Stream - 1354 bytes -> C:\ProgramData\Microsoft:KWSWuofp8VWYKBG2Zw
@Alternate Data Stream - 1181 bytes -> C:\ProgramData\Microsoft:BW0fgzVxO93nuHHHKBFzQlJ
@Alternate Data Stream - 1151 bytes -> C:\ProgramData\Microsoft:D4ZBgfpLhK2j1XXN8pLQh
:Commands
[resethosts]
[emptytemp]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
hi, it seems fine, but I will check for the next couple of days
attached the latest scan
Let me know when you are happy and I will tidy up
it still happened again for the avast update 
Could you temporarily disable the Kies items using MSconfig please and let me know if that stops it
I have disabled Kies from the startup application and restarted, still getting the same error, even if only once/twice every boot (much better than at the beginning)
Could you report that as a false positive please as Avast is reporting itself
Hello i have done it, but it doesn’t change. Now it appears as well referring to firefox.exe
OK lets try a registry search
Run OTL with the following script please
hklm\software\clients\startmenuinternet|command /rs hklm\software\clients\startmenuinternet|command /64 /rs
I have just installed Skype on my system and am checking it out
it tells me that the code is not valid, and today the error is with every app I have open again. Apparently all of this after avast updates
below the exact error message:
Error: Unable to interpret <hklm\software\clients\startmenuinternet|command /rs> in the current context!
Error: Unable to interpret <hklm\software\clients\startmenuinternet|command /64 /rs > in the current context!
Did you press run scan for OTL ?
I have installed Skype on my system and there is not a peep from Avast so I do not feel now that this is a false positive
it started to really do it with any application i have opened, and everyday it is installing an avast update, or at least i can see the green window
Do you use a router to connect to the net ?
Yes I do,
I have attached the latest log file from the OTL test