I keep on getting this warning and the site is identified as yourcpmsolution.biz, sometimes it is a sub-domain of this main domain.

I have done an Avast, Malwarebytes, Spybot and Superantispyware checks and none of them find anything.

I use the Firefox browser v3.6.17, I went to V4.01 but this Avast warning kept on crashing the browser. I don’t have the same warnings in any other browser IE, Opera, Chrome or Safari. So it looks as though my Firefox installation is infected, I have tried reinstalling without success.

Anyone got any ideas / suggestions please?

can you post a screenshot of the warning?

if you right click the avast icon down by the clock there is a “show last popup” and the pin in the corner will pin it to the screen…

Thanks for the quick reply.

This is just one example there are many different messages but all are to this URL.

try this

• download and save aswMBR.exe to desktop http://public.avast.com/~gmerek/aswMBR.exe
• click aswMBR icon to run and then scan
• click save log and post it here in your next reply

Thanks log file attached.

Log looks clean to me…

next, try this

Kaspersky TDSSKiller http://support.kaspersky.com/faq/?qid=208283363

Thanks. Done that and it reports nothing found ??? Still getting the Malicious warning message too. I just got it posting this reply.

OK then we call in the expert

Follow this guide from our expert malware remover Essexboy
http://forum.avast.com/index.php?topic=53253.0
( post the logs here in this topic and not in the guide )

To avoid using multiple post with copy and paste you have to attach the log`s
Lower left corner: Additional Options > Attach ( OTS log ) save OTS log as ANSI

Essexboy will look at the log when he arrive…

Thanks for trying to help me. I’ll do that now.

Could you confirm it is Firefox only that is having the problem

Hi, Yes I can confirm that it is only Firefox. But this is my usual browser so to stop using it would be a real pain.

I attach the Mbam file and the ots file. Mbam found nothing.

I must admit I hate Firefox as there are so many nooks and crannies where the malware can hide… I see you have run combofix, could you attach the log please

Start OTS. Copy/Paste the information in the quotebox below into the panel where it says “Paste fix here” and then click the Run Fix button.

[Unregister Dlls]
[Registry - Safe List]
< FireFox Extensions [Program Folders] > -> 
YY -> z   -> C:\Program Files (x86)\Mozilla Firefox\extensions\{9cda59e5-5726-b7e5-cc9c-24262bba3ddc}
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
  

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here

I will review the information when it comes back in.

This caused me a major problem.

OTS told me to reboot without creating a log file. On reboot PC hung with no desktop. Forced reboot and still no desktop. Killed explorer.exe process and started a new one and eventually got back here. I will try and find the combofix file, any ideas where it may be? What about the ots file will that have been saved anywhere?

That does not sound right for OTS the log should be in the same location as OTS and the combofix log should be at C:\combofix

Has it booted OK now ?

PC is up and running now having to start some processes manually.

The OTS log is the original one that I already posted. I have found the combofix one but it is about a week old (that is how long I have been trying to fix this for). I should have come here sooner.

It looks as though I may now be clear as I haven’t had the warning so far in this browsing session.

Which ones are you needing to start manually - as I went nowhere near the run keys

1. Please open Notepad
   [*] Click Start , then Run[*]Type notepad .exe in the Run Box.

2. Now copy/paste the entire content of the codebox below into the Notepad window:

File:: c:\program files (x86)\Mozilla Firefox\extensions\{9cda59e5-5726-b7e5-cc9c-24262bba3ddc}\components\ef292d18.dll

3. Then in the text file go to FILE > SAVE AS and in the dropdown box select SAVE AS TYPE to ALL FILES

4. Save the above as CFScript.txt

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif

6. After reboot, (in case it asks to reboot), please post the following reports/logs into your next reply:
   [*]Combofix.txt [*]A new OTListit log.

Hi,

Things like Skype, Messenger, Snarfer etc.

No need to reboot.
No OTListit log generated but combofix log attached.

Thanks for all your help.

Is Firefox still causing problems ?

No it now seems OK as I mentioned earlier. I haven’t had the problem since the awkward reboot.

If you are still OK tomorrow let me know and I will remove my tools