Malicious URL Blocked explorer.exe

Hi, i am new the the forum and have a reoccurring url being blocked. (currently have 12 from the last hour-ish)

MALICIOUS URL BLOCKED
Avast! Network shield has blocked a harmful site.

Object: 213.155.31.56/_cp_gate.php?guid=6.0.6002!GAZ-PC!D4B9BCB2&ve
Infection: URL:Mal
Action: Blocked
Process: C:\Windows\explorer.exe

Any advice would be good. I am currently running a Full Scan with Avast! now.

Thank you
Dave

try clearing your browser cache/temp files

TFC - Temp File Cleaner by OldTimer
http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/
TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.

If no success do this so Essexboy can have a look inside

Follow this guide from our expert malware remover Essexboy
http://forum.avast.com/index.php?topic=53253.0
(post the logs here in this topic and not in the guide)

To avoid using multiple post with copy and paste you have to attach the log`s
Lower left corner: Additional Options > Attach ( OTS log / Malwarebytes log )

I am experiencing the exact same issue from the same IP address again from explorer.exe
Avast Pops up approx every 5 mins to say Malicious URL Blocked. It come up under the network shield tab of the shields setting.

Any help would be appreciated!

@sharpinf

Run the TFC then after re-boot you need to run a scheduled boot scan… worked for me :slight_smile:

Also look here: http://xml.ssdsandbox.net/index.php/2dfe1699bd3fb09b140d5b95d023a275

polonus

@dave_bole
@Pondus

Thanks, worked a treat! ;D

I’m having the exact same problem. I tried the TFC cleaner and after that a schedules boot scan.
Avast didn’t find anything. And it Still pops up every 60 seconds :frowning:
Any other ideas?

Thanks,

bitbuster

I'm having the exact same problem. I tried the TFC cleaner and after that a schedules boot scan. Avast didn't find anything. And it Still pops up every 60 seconds :-( Any other ideas?
yes.......already posted in my reply above

It starts with: If no success do this so Essexboy can have a look inside :wink: