multiple avast webshield blocked webpage keeps popping up

Viruses and worms
1

it keeps popping up everytime i am connected to the internet (i noticed that at least). i suppose it started after i downloaded the software YTD Video downloader. Please Help! i am quite troubled :cry:

Thank YOU very much :slight_smile:

i already downloaded the malwarebytes anti malware a while ago and currently scanning my pc now though.

any response would be greatly appreciated. i"ll wait :slight_smile:

2

Attach your basic logs. (MBAM, FRST and aswMBR…!!)
Instructions: https://forum.avast.com/index.php?topic=53253.0

3

ok ill do that. thanks :slight_smile:

4

You’re welcome, awaiting your logs…

5

here are from malwarebytes

6

It doesn’t look complete. :wink: Anyway, the most important ones are your FRST logs.

7

any more? :smiley: let me know if i missed any thing.

8

Now you’ve to wait a bit…

9

ok ;D

10

Your other thread @ https://forum.avast.com/index.php?topic=160147.0

Desktop.ini is normal. Don’t delete it. FRST automatically un hides these files for scanning. They will be re-hidden at the end.

11

many thanks, now i know. i thought it was done by a virus avast coudn’t detect. thanks again

12

You’re very welcome.

Wait until someone arrives. I presume Asyn PM’d the removal team. I hope.

13

Just message me anytime you’re done yes? I’ll catch it up as soon as I can. Thank you ;D

14

Hi there, the first thing you must do is uninstall Chrome as it has been changed to the developer version, this means there are no safeguards and security restrictions in place

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

Startup: C:\Users\jbmalunao\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk ShortcutTarget: MyPC Backup.lnk -> C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe (MyPCBackup.com) GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION BHO: GOSave -> {0563d5ef-f5fd-43fe-94ce-75c30f5c7527} -> C:\Program Files (x86)\GOSave\KSgOcUwXYnL1Cu.x64.dll () BHO: No Name -> {40ac3779-0203-46fd-b63a-89149d6e0bdf} -> No File BHO-x32: GOSave -> {0563d5ef-f5fd-43fe-94ce-75c30f5c7527} -> C:\Program Files (x86)\GOSave\KSgOcUwXYnL1Cu.dll () BHO-x32: No Name -> {40ac3779-0203-46fd-b63a-89149d6e0bdf} -> No File R2 BackupStack; C:\Program Files (x86)\MyPC Backup\BackupStack.exe [36936 2014-09-10] (Just Develop It) <==== ATTENTION S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X] S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X] Task: {0E60A852-52D4-4588-84BD-CC447371A323} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {E0FB9B8E-B82E-4657-AF09-CE9475B63A97} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Users\jbmalunao\AppData\Local\Google\Chrome\User Data\Default C:\Program Files (x86)\MyPC Backup C:\Program Files (x86)\GOSave

EmptyTemp:
CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.

15

here is the first log :slight_smile:
kindly check if something might be wrong because I forgot to uninstall first my chrome before I ran the FRST and fixed it. I did the fixing with FRST twice though. :-\

16

Not a major problem. Did you run adwcleaner ? If so could you now run a fresh FRST scan please

17

i apologize for not attending you this week I was quite busy then. But anyways,

here are my recent the logs of FRST and Adwcleaner, respectively :slight_smile:

hope I can still receive a response from you :wink: . Thanks a lot!

18

Can you attach a Fresh FRST log as well.

You attached fixlog and Adwcleaner, both of which were needed, so don’t take those down.

19

here it is FRST log. is this it? this was scanned a second ago :slight_smile:

20

Could you uninstall Chrome please as it has been changed to developer build and that is unsafe…

How is the computer behaving now ?