Possible Trojan: Generic26?

Last time I was here, I got a lot of help, and I’d like to say thanks for that. I figured there’s no better place to get my latest problem squared away than here.

The other night, I had a bit of a scare when I was on memegenerator, clicked on My Page, and was redirected to a strange URL and got a pop up from AVG saying that some sort of “Black Hole Kit” was blocked. Later that night, a number of Trojans were detected, so I immediately went into safe mode and did a System Restore. After that, AVG found a “Generic26” Trojan, which, I was surprised to see, was supposedly quarantined. I deleted that, ran a few system scans and came up empty. I thought I was in the clear, until today when I randomly got a little pop up that said “preparing to copy” and then “copying 59 items” before it quickly disappeared. I don’t know exactly what that was about, but I’m really hoping it’s not what I’m thinking. I turned off my computer, and now I don’t really know what to do. Any advice or explanations as to what that pop up could have been? Thanks!

For help, follow the guide…
http://forum.avast.com/index.php?topic=53253.0

Ah yes, I forgot the proper procedure, thanks for reminding me.

Here’s the MBAM log:

Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org

Database version: v2012.02.23.05

Windows 7 x64 NTFS
Internet Explorer 9.0.8112.16421
Ean :: EAN-HP [administrator]

Protection: Enabled

2/26/2012 3:55:42 PM
mbam-log-2012-02-26 (15-55-42).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 204875
Time elapsed: 11 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Just scanned with OTL exactly as described, but for some reason, only the OTL.txt file was saved, and not the Extras.txt file? Not sure why that is. Anyway, here’s OTL.txt. If I need Extras.txt, please let me know and I will rescan. Thanks.

Could you run aswMBR as well, please?

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

If you have Malwarebytes 1.6 or better installed, please disable it for the duration of this run.

Run OTL

* Under the Custom Scans/Fixes box at the bottom, paste in the following:

:OTL
IE - HKU\S-1-5-21-2105176322-3341146639-2410393468-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;

:Files
ipconfig /flushdns /c

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

* Then click the Run Fix button at the top.
* Let the program run unhindered, and reboot the PC when it is done.
* Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
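
The fix above removes a "ProxyOverride" value that lists 127.0.0.1:9421. As an added example (not part of the thread and not OTL's own code), the Python below scans OTL-style "IE - ..." registry lines for proxy values that name a loopback host and port, so a reviewer can check what is listening on that port. The sample lines, the zeroed SIDs and the function name are constructed for illustration, modelled on the single line shown in the fix; a hit is a prompt for review, not a verdict.

```python
import re

# OTL-style registry value line, modelled on the one line shown in the fix:
#   IE - HKU\<SID>\...\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;
LINE_RE = re.compile(r'^IE - (?P<key>HK[^:]+?): "(?P<name>[^"]+)" = (?P<data>.*)$')
# Loopback host with an explicit port; optional "http=" style protocol prefix.
LOOPBACK_RE = re.compile(
    r'^(?:[a-z]+=)?(?:https?://)?(127(?:\.\d{1,3}){3}|localhost|\[::1\]):(\d{1,5})$',
    re.I)
PROXY_VALUES = {"proxyoverride", "proxyserver"}

def loopback_proxy_entries(log_text):
    """Return (key, value_name, host, port) for each loopback host:port entry."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m.group("name").lower() not in PROXY_VALUES:
            continue
        # Both values are semicolon-separated lists; empty items are skipped.
        for entry in m.group("data").split(";"):
            hit = LOOPBACK_RE.match(entry.strip())
            if hit and 0 < int(hit.group(2)) <= 65535:
                findings.append((m.group("key"), m.group("name"),
                                 hit.group(1), int(hit.group(2))))
    return findings

# Constructed sample input (not taken from the poster's OTL.txt).
SAMPLE = r'''
IE - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-0000000000-0000000000-0000000000-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-0000000000-0000000000-0000000000-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;127.0.0.1:9421;
IE - HKU\S-1-5-21-0000000000-0000000000-0000000000-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;<local>
IE - HKU\S-1-5-21-0000000000-0000000000-0000000000-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=localhost:8080;https=10.0.0.5:3128
'''

if __name__ == "__main__":
    for key, name, host, port in loopback_proxy_entries(SAMPLE):
        print(f"review: {name} -> {host}:{port} under {key}")
```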

I am currently running aswMBR, and will post the log as soon as I am done. Thank you for assisting me.

Alright, here’s the aswMBR log. Should I still run the OTL fix, or would this log change anything?

Should I still run the OTL fix,
Yes.

OTL crashed during the fix, and nothing is responding. Is it safe to restart my computer and attempt to run the fix again? I’m not sure what other course of action I could take at this point.

Looks like the second time was a charm; I ran the fix, rebooted, and ran a quick scan. Here’s the log from the OTL quick scan. Thanks again!

Are you getting any further alerts? And how is the system running?

It’s been running well, and no alerts since I ran your fix. If I have any further difficulties, I’ll let you know if that’s alright. Thank you, you wouldn’t believe how much I appreciate the help!

To clear OTL, just run it and hit the cleanup button.