Malicious URL Problem Virus - Please Help.

Hi,

I keep getting a recurring pop-up with this message.

MALICIOUS URL BLOCKED

Infection Details:

URL: http://inuxland.eu/xmlrpc.php
Process: C:\Documents and Settings\All Users\Application Data\Microsoft\Media Tools\MediaIconsOverlays.dll
Infection::URL:Mal.

I have run scans and Malwarebytes as well as everything else, here are my logs. I have no idea where this website is coming from. Any help would be appreciated, thanks.

Hi it was in the codec pack you recently downloaded

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:OTL
IE - HKU\S-1-5-21-602162358-73586283-839522115-1004\..\SearchScopes\{4593ECE1-C6C4-4A27-A90B-A0D2AEF7D595}: "URL" = http://start.funmoods.com/results.php?f=4&a=bf4&q={searchTerms}
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
[2013/05/20 19:41:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\MyFree Codec

:Files
C:\Documents and Settings\All Users\Application Data\Microsoft\Media Tools

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Thanks for the help. I was completely lost.

Here’s the log:

Are you still getting the alerts ?

No, they have stopped. Thanks.

Run OTL and press the cleanup button

Okay, that’s done. Is there anything else I should do?

Nope, if you are happy you are good to go :slight_smile:

No I’m happy with that. Weird thing is I don’t know when I downloaded the codec. Thanks for the assist.

[2013/05/20 19:41:28 | 000,000,000 | —D | C] – C:\Documents and Settings\All Users\Start Menu\Programs[b]MyFree Codec[/b]

I just started to get the same problem a few days ago. I’m not sure if I am running the cleanup program correctly.

I’m not getting a report posting on my notepad. Is there someway I can dig into it and get the results?

Could you follow the steps in this thread http://forum.avast.com/index.php?topic=53253.0 and create your own topic please

hi,
I keep getting a recurring pop-up with this message.

MALICIOUS URL BLOCKED

Infection Details:

URL: http://inuxland.eu/xmlrpc.php
Process: IEXPLORER.exe

Can you help me?
thank

Could you create your own topic please http://forum.avast.com/index.php?topic=53253.0