This has been going on for a few days now, I would like to get it resolved… thanks for all help!!
Avast was giving me notifications like “avast has blocked a harmful webpage” quite frequently. I installed Malwarebytes Anti-Malware and scanned, checked everything, and deleted what it found. However, the problem did not end there. Now, avast no longer notifies me with “avast has blocked a harmful webpage.” Instead, I get Malwarebytes saying something like “Successfully Blocked Access to 162.210.192.21.” When I get this message, it says the source is avastsvc.exe. When I disable avast, it then says my browser (firefox) is the source.
My computer works fine, it boots up normally and such. I have attached the OTL logs… thanks again
Wait for a qualified removal expert to help you here.
In the mean time you could read: https://forums.malwarebytes.org/index.php?showtopic=137397
Mind that that thread there was meant for another individual user and the info cannot be adopted by you, you can seriously do damage to your OS!
You have to wait for a qualified remover to appear here to-morrow to assist you on the basis of the very logs that you provided.
Hi magna86,
thank you for looking at the OTL logs! I was trying a scan with aswMBR but my computer suddenly blue-screened (hasn’t done that in at least 1.5 years)… now I am not sure if I should try it again? Let me know if I should.
[*]Close any open browsers
[*] Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.
[*]Double click on zoek.exe to run the tool . Please wait while the tool does not start…
[*]Copy the text present inside the code box below and paste it into the large window in the zoek tool:
Instead, I get Malwarebytes saying something like "Successfully Blocked Access to 162.210.192.21." When I get this message, it says the source is [b]avastsvc.exe.[/b]
all in /outgoing requests goes true avast webshield and MBAM see this as coming from avast ....it is not
many posts about this here
Sorry for the delay; I have attached the log. Something new has happened: the malwarebytes notification used to only come up when I had a browser open. However, a few minutes after I closed my browser and started the zoek program, I got a notification that was similar to the previous one but with two differences: the address was 41.203.69.2, and the source was skype.exe. This was new and has not happened since.
Thank you for helping me today and I look forward to speaking with you again tomorrow.
edit: on this particular notification, it also said “incoming,” I can’t say for certain but I think that is also new
Okay I am going to sleep now, here are some updates on my computer performance:
-the notifications are less frequent. I thought they were gone but I left my computer on while I took a shower and came back and there was one like what I described previously; this time, the blocked address was 59.125.229.78, also skype.exe, also incoming.
-no notifications like the original ones (outgoing, 162.210.192.21, browser)
-no blue screen
Some adware or bad browser extensions creates the MBAM’s alerts. Zoek has remove them …
Ok run this zoek script and when tool finish his work, post me fresh created zoek log.
ffdefaults;
chrdefaults;
shortcutfix;
Then …
Please download AdwCleaner by Xplode and save to your Desktop.
Double click on AdwCleaner.exe to run the tool.
[*]Click on the Scan button.
[*]After the scan has finished click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
[*]After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
[*]Post logfile will also be saved in the C:\AdwCleaner folder.
http://www.mcshield.net/personal/magna86/Images/checkmark.png
Purge System Restore [/i]
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:[b]DelFix.txt[/b])
The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.
• To help AntiVirus to protect your computer and speed it up, I recommend that you download, install and keep the following free programs:
Keep Malwarebytes Anti-Malware, update it regularly or from time to time and run a Quick Scan weekly.
Malwarebytes will detect and remove all traces of known malware. MBAM isn’t AntiVirus and it can NOT replace it.
Keep MCShield Anti-Malware, the tool will be updated regularly and perform auto-checking for malware to each attached USB memory device.
MCShield, has been designed as a lightweight scanner that’s smart enough to catch even new worms and work in fully automatic removal mode.
It’s recommended to delete Temporary Files every once in a while. Run the tool and click on the Start button and TFC will begin to clean. Then restart the computer. Temp File Cleaner aka TFC by OldTimer
TFC is small & usefull utility that shall clean up temp files from all userprofiles and system folders.
Adjust avast! to target PUP software:
Run avast! 2014 by clicking the system tray icon in the lower right corner of the screen.
Click on Settings, in the new window that opens, click on Active Protection, then under File System Shield click on gear wheel…
Under Sensitivity part of option check box for Scan for potentialy unwanted programs PUP.
avast! Software Updater. Run avast!, click on Tools > Software Updater.
For security reasons, make sure you do update your browser(s), Java, Flash Player, and basically every software you use often.
avast! Browser Cleanup. Run avast!, click on Tools > BrowserCleanup.
Browser Cleanup tool is an integrated tool in avast! AV that allows you the control on browsers unwanted addons.
avast! Malware Scan. Run avast!, click on Scan and preform QuickScan by clicking on Start button.
Every once in a whilere, it’s recommended to preform virus scan with avast! 2014.
Windows Updates, beeing up to date is very important. Please be sure to activate automatic updates in your control panel. Widnows XP; Windows Vista; Windows 7 and Windows 8