Hi there,
I was hit by several popups by Avast today indicating that so/sth tries to bring malware to my computer. The screenshot is attached. The rubric “Action taken” in all of the shown cases is “Blocked”.
Is there any possibility that though it has been blocked a virus or trojan might have been installed on my machine? I dont have Java installed on this machine. Is the trojan that Avast caught related to Java?
Thanks so much!
hey please follow this guide and attach your logs.
Hi,
here is what I can provide:
Full Scan with Avast Free. Defaul Scan Settings (“Middle”, “Do not Scan for PUP” etc.)
→ No results.
Full Scan with Malwarebytes Anti-Malware. Here is the log. I apologize it is in German.
→ No results were found
Windows 7 Service Pack 1 x86 NTFS Internet Explorer 9.0.8112.16421 xxx [Administrator]26.09.2012 17:47:12
mbam-log-2012-09-26 (17-47-12).txtArt des Suchlaufs: Vollständiger Suchlauf (C:|D:|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 254703
Laufzeit: 2 Stunde(n), 36 Minute(n), 44 Sekunde(n)Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)
Avast only has the 7 results in the report file of the webshield (it says 1274/7). No other shields show results.
Unfortunately I have no possibility to install OTL or aswMBR.exe at the moment.
And an addition to the screenshot in the first post: the first 6 results do not show the exact URL; it is the same of the last (7th) result. One can find that out when hovering with the mouse over the result.
Can you give me at least your opinion so far on the problem? I would very much appreciate this.
Would you say that the computer is safe to do things like ebay or perhaps even online banking?
Thank you very much!
Can you give me at least your opinion so far on the problem? I would very much appreciate this.if you have random pop-ups from avast blocking a URL, then you may have a rootkit trying to phone home
surf this forum section and see all the others that Essexboy is working/have worked on…
so to fix he need the logs 
Hi,
the problem for me is that it is my girlfriend’s computer and I will only have access to install new programs in a couple of weeks. MBAM, HitmanPro as well as Avast, of course, are installed on the computer and I have assisted to create logs etc.
if you have random pop-ups from avast blocking a URLNo, there are no random popups. There were a few (I guess 7 because this is the number of blocked access entried in the avast webshield) once and no other popups since.
They are webshield java blocks i.e the website was infected
Thank you!
Is this related to Java or JavaScript? Java is not installed on the computer. So that would be a great relief.
So as long as no other popups turn up, this is just the indication that Avast has blocked access right? Together with the scans that should be fine then?
Edit: this is one URL that was blocked
/directagain.net/in.php?source=7777q=ciesuid=56rnd=0j1aomGQdgans8berqbv%2Bg%3D%3D
Would so. Be so kind and look into it? I would really be grateful.
If you could run the standard OTL scan I will certainly look at it, it is a Javascript possible on that web site
edit