Malicious URL Blocked

The following message is apearing every 30 seconds or so and I can’t download anything to scan it or remove it.
Please help.

Malicious URL Blocked
avast! Network Shield has blocked a harmful site.
object: http://vjlvchretllifcsgynuq.com/UhZq14Rh… (this is different every time)
Infection: URL:Mal
Action: Blocked
Process: C:\WINDOWS\System32\svchost.exe

Hi raresh,

Follow this guide:
http://forum.avast.com/index.php?topic=53253.0

Attach here logs:

AdwCleaner ← cleening adware & junkware …
Malwarebytes ← preventive & first step for malware removal
OTL and aswMBR ← primary system and antirootkit diagnostic tools.

can not download anything. If it shows that it downloaded it, I can’t run it.
tried with another browser and everithing I download gets deleted because it sais it’s infected

What system you have? Windows7, Vista…?

Windows 7 Ultimate

Sometimes one can search for expired and deleted domains used for these malicious purposes: http://www.justdropped.com/drops/022212com.html
That IP launches malwared like Java/Exploit.CVE-2012-0507.L trojan and Exploit.TIFF.Gen
I wonder if you java software is outdated and so vulnerable to these infections?

polonus

Try to run RogueKiller.
http://forum.avast.com/index.php?topic=53253.0

If you fail again to run RogueKiller, then run this tool:

[*]Download FRST to a USB flash drive.

Download link is for 32bit(x86) or x64bit based system:
http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

[*]Plug the USB drive into the infected machine.

Boot your computer into Recovery Environment

[*]Restart the computer and press F8 repeatedly until the Advanced Options Menu appears.
[*]Select Repair your computer.
[*]Select Language and click Next
[*]Enter password (if necessary) and click OK, you should now see the screen below …

http://i1090.photobucket.com/albums/i366/garyr56/W7InstallDisk2.png

[*]Select the Command Prompt option.
[*]A command window will open.

[*]Type notepad then hit Enter.
[]Notepad will open.
[list]
[*]Click File > Open then select Computer.
[*]Note down the drive letter for your USB Drive.
[
]Close Notepad.[/list]
[*]Back in the command window …

[*]Type e:/frst.exe
(or type e:/frst64.exe If you download the FRST for 64-bit windows) and hit Enter
(where e: is replaced by the drive letter for your USB drive)

[*]FRST will start to run.
[list]
[*]When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]When finished scanning it will make a log FRST.txt on the flash drive.[/list]
[*]Next

[*]Type explorer.exe;winlogon.exe;services.exe into the Search: field in FRST then click the Search File(s) button.
[*]FRST will search your computer for files and when finished it will produce a log Search.txt on the flash drive.
[*]Exit FRST.
[*]Close the command window.
[*]Boot back into normal mode and post me the FRST.txt and Search.txt logs please.

same story.
Can’t download anything. Not even on USB drive

Hi raresh,

Malware identified as Gen:Variant.Symmi.17255, infected through skype…
Make that link non-click-through, like with hxtp://etc. → https://www.virustotal.com/nl/url/f68d3515a3836075ead23aee0b68147edc0f6e64a5d204cedac8ca4db419a383/analysis/1369948357/
and
http://urlquery.net/report.php?id=1525068
malware analysis: https://dylansserver.com/note/malware_analysis
and
http://blog.webroot.com/2013/04/04/madimahdiflashback-os-x-connected-malware-spreading-through-skype/

polonus

and what can I do in this case? How can i get rid of it?

Follow magna86’s intructions to the dot, that is what you should do…

polonus

Hello! Y was having a license for 1 year , but after 1 week Y do not have it. Please give me that year free license. Send me a email with the answer please make a verification. thank you

but I told you, I can’t download anything. Every single file I download it’s getting deleted as it says it’s infected.

@raresh

Did you try to run some tools in safe mode?

Do you have clean PC?
From clean computer, download FRST and then on infected computer, run FRST from Recovery Environment.

Downloaded and tried to do what you said, but didn’t worked so I decided to format my computer.
Still, I tried one more thing and it worked. I made a system restore and now it’s working fine. No more alerts.
Thank you.

Did you see to it all of the OS and third party software like java for instance was fully updated and patched,
else you could be reinfected before you cpi;d say Jack Robinson,

polonus

the software updater from avast says it’s all up to date.

Then you are good to go,

pol