I am new to the forum and I’m not very technically sound. Since the last few days, I have been getting a pop up message from Avast about a malicious URL being blocked.
I tried running full scan on tdsskiller, Norman Malware Cleaner, MBAM and AVAST but nothing was found.
This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware.
Use the information about getting and using the tools and attach the logs here, not in the LOGS topic.
If the alerts happen again after this run could you post a screenshot of the alert
Warning This fix is only relevant for this system and no other, using on another computer may cause problems
Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot
If you have Malwarebytes 1.6 or better installed please disable it for the duration of this run
To disable MBAM
Open the scanner and select the protection tab
Remove the tick from “Start with Windows”
Reboot and then run OTL
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
Download ComboFix from one of the following locations: Link 1 Link 2
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks
I haven’t received any more alerts after scanning with ComboFix and the system seems to be acting fine. Will check for the next 4 - 5 hours and let you know.
If not, perhaps the same thing is true…as you can see from my thread I ran every MW/AV/etc known to man with no luck.
It was when JeffCE told me to check the file thru SystemLook…see attached post from thread that covers this.
It may be different file than yours but perhaps the experts here may want you to try this ?