I’m hoping someone here can help me out with this problem that’s been happening the last 2 weeks.

Every 5 minutes I get an avast pop-up warning saying that avast has blocked a malicious website from opening. This happens all by itself, when I’m not opening anything. It comes from the same place every time, and this is what it says:

Infection Details
URL: hXXp://ycxv.net/result/?affiliate
Process: C:\Users\myname\AppData\Local\OverDrive…
Infection: URL:Mal

Additionally, when I open some sites from a google search, the page I open sometimes gets re-directed to a different spam site full of ads.

I’ve done full scans, a boot time scan, a Malwarebytes scan, and it hasn’t found any viruses on my system. Any ideas?

Thanks!!!

Please ‘modify’ your post change the URL from http to hXXp, to break the link and avoid accidental exposure to suspect sites, thanks.

This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware. Use the information about getting and using the tools and attach the logs here, not in the LOGS topic.

Ok, I’ve done the scans and attached the logs. What should I do now?

also attach aswMBR log

What should I do now?

now you wait.....malware removers are notified but it may take hours before on arrive

Let me know if this stops it

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF

:OTL O3 - HKU\S-1-5-21-2259030241-3016852392-550348852-1001\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found. O3 - HKU\S-1-5-21-2259030241-3016852392-550348852-1001\..\Toolbar\WebBrowser: (no name) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - No CLSID value found. O4 - HKU\S-1-5-21-2259030241-3016852392-550348852-1001..\Run: [OverDrive] C:\Users\Jeffrey\AppData\Local\OriverDve\ubtrhygi.dll ()

:Files
ipconfig /flushdns /c
C:\Users\Jeffrey\AppData\Local\OriverDve

:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Thank you so much. So far it looks like that has fixed it. You guys are awesome!!!

If you are happy run OTL and hit the cleanup button