Malicious URL blocked, Help!

I have this red Avast sign that keeps popping up. It runs between 10- 20 different objects before it stops. Is this a good thing or can I please make it stop?
Since this started, when I reboot my computer I get a blue screen and the puter shuts down.
I need help… I have run MBAM- shows nothing. I have run the AWcleaner, also.

Please please help!

a screenshot always help…

follow the guide on top in this forum section and attach the logs…

I will try again to attach…
Thanks

also Malwarebytes and aswMBR logs

and a screenshot of the avast popup…
click the pin in top right corner of the popup to make it stay on screen, that should give you time to take the shot

most removal specialists are in european timezone, so i guess you want see any here untill tomorrow so be paitient

Thanks for all your responses and your willingness to help. I am patient and understand the time difference.
I’m not computer dumb but what does aswMBR stand for and how do I get that information?
I am currently running Malwarebytes Anti-Malware and will get you this info you requested when its done, along with screen shot of the Avast blocked window.

aswMBR is avast rootkit tool

you find it here http://forum.avast.com/index.php?topic=53253.0

Hello again,
I have attached the aswMBR and a screen shot of the avast blocked window. I’m waiting the Maliware again. When i ran it last night it, I woke to my computer frozen w/ a black screen, had to shut it down it rebooted twice with a blue screen.
So, I am sorry its taking so long for me to get your requested info.
I really appreciate your help!

We will try this first I feel

Download the latest version of TDSSKiller from here and save it to your Desktop.

[*]Doubleclick on TDSSKiller.exe to run the application

https://dl.dropbox.com/u/73555776/tdss%20start.JPG

[*]Then click on Change parameters.

https://dl.dropbox.com/u/73555776/tdss%20Change%20param.JPG

[*]Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

[*]Click the Start Scan button.

[*]If a suspicious object is detected, the default action will be Skip, click on Continue.

https://dl.dropbox.com/u/73555776/tdss%20threat.JPG

[*]If malicious objects are found, they will show in the Scan results and offer three (3) options.
[*]Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

[*]Get the report by selecting Reports

https://dl.dropbox.com/u/73555776/tdss%20report.JPG

[*]Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

okay, I will try that.
Here is the data from MBAM 11/21.Malwarebytes Anti-Malware 1.65.1.1000
www.malwarebytes.org

Database version: v2012.11.15.01

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Flower :: FLOWER-PC [administrator]

11/21/2012 1:18:51 PM
mbam-log-2012-11-21 (13-18-51).txt

Scan type: Full scan (C:|D:|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 406862
Time elapsed: 2 hour(s), 55 minute(s), 52 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

I did go back through the tabs in MBAM and found tons of stuff sitting in the Quarantine for 11/14. I cant figure out how to attach since its not stored in my computer.

I ran the last program you asked… I could not copy/paste the report, it would not allow me to. I did take a screen shot and attached the final wording on the report.

why not attach the log here?

Re-run TDSSKiller with the same parameters as before
Once this element appears select delete :

\Device\Harddisk0\DR0 ( TDSS File System )

Avast will alert as the files are being moved.

THEN

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

[*]When finished, it shall produce a log for you.
[*]Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

I ran the TDSSkiller again, I have attached a pic of the final results. It does not give me an option to delete. Since, I cant delete, do I still run the Combofix?

I wasnt able to attach the report of the TDSSkiller cause it doesnt allow me to copy/paste nor does it allow me to save the file/report to my computer. I’m sorry.

The log will be at C:\TDSSKiller date time ;D

Never mind that last reply! I dont have a brain today. Next onto Combofix… Thanks

:slight_smile: okay, when they are hid its hard to find. Here are the files.

Methinks we may have got it all … How is the computer behaving now ?

So far so good! No more Avast “blocked” showing up. It hasn’t been shutting down and rebooting either. Can you help me with a few questions, I still have?
Can you tell me what may have caused it?
Was there a site someone went onto that started this pickle?
Should I clean/delete the quarantine in my Avast?

I, Thank you both for all your help! :slight_smile:

Maybe spoke to soon… Should I be concerned?
file /pic attached.

Could you run TDSSKiller once more please