malicious URL

I keep getting a message that Avast has blocked a malcious URL.

http://download.newnext.me/spark.bin?rnd
Infection: URL:Mal
process: c:\windows\sysWOW64\rundll32.exe

What should I do?

hey and welcome to the forum

please follow this guide and attach your logs

we need the logs from mbam, otl and aswmbr

http://forum.avast.com/index.php?topic=53253.0

a malware expert will help you from there.

Thanks!
Will get back with the logs.

I don’t get any more warnings after removing infections using MBAM.
Do I need to proceed with the rest of the tools? :slight_smile:

there may be leftovers that need to be removed so run OTL and attach the log

also attach Malwarebytes log so that the malware expert can see what was removed

The logs are attached.
Thanks to all for your help!

Hi,

Please download zoek.zip or zoek.rar by smeenk (
http://www.mcshield.net/personal/magna86/Images/Zoek_icon.png
) from here or here and save it to your Desktop.
Unpack the archive…

[*]Close any open browsers
[*]Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.

[*]Double click on zoek.exe to run the tool .
Please wait for the tool to start…

[*]Copy the text present inside the code box below and paste it into the large window in the zoek tool:

createsrpoint;
gpt.ini;z 
C:\Windows\System32\GroupPolicy;v
C:\Windows\SysWOW64\GroupPolicy;v 
StandardSearch; 
emptyfolderscheck; 
installer-list; 
installedprogs; 
uninstall-list;

[*]Click on
http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png
button.
Please wait until a logreport will open (this can be after reboot)

[*]Save notepad to your Desktop and attach here zoek-results.log
Note: It will also create a log in the C:\ directory named “zoek-results.log