New here…and sorry if this is a noob question or what DX I use Avast 4.8 Pro and for some reason Script Blocker keeps popping up even if I’m using Firefox, or no web browser is open at all. I once thought it was because of Yahoo Messenger, but I realized that while I was performing a thorough virus scan, the Script Blocker still appears. I have a niggling suspicion that a virus is involved, since this happened around the same time I got a bunch of malware (which was yesterday). Then again I have them deleted already, but the Script Blocker still appears. Please help. Thanks. XD
Hi grayness, welcome to the forum
First of all, did you try a boot-time scan ??? Or else follow the directions from this topic :
http://forum.avast.com/index.php?topic=53253.msg451454#msg451454
… and post/attach the requested logs in your next reply here. I will pm Essexboy with a link to this topic so he can help you
Greetz, Red.
Thanks, Rednose! XD Followed the instructions. XD If boot-time scan is the one where you restart the computer so that avast can tackle problem before the virus starts (or whatever you call it - I’m woefully un-techie DX), yes I did it.
Malwarebytes must’ve done something - after the restart I haven’t seen the Script Blocker splash page. Here are the logs–
Thanks again!
Hi grayness
You are infected. But please read the instructions for MBAM again :
# When the scan is complete, click OK, then Show Results to view the results. # Make sure that everything is checked, and click Remove Selected.
You didn’t check what MBAM found, so nothing was removed.
So please update MBAM and do a Quick Scan. Check everything it found, and click Remove Selected. Than replace the MBAM log you have posted with the new MBAM log
Greetz, Red.
tol ang iyong mbam no action taken kailangan mong e scan ulit pagkatapos tingnan mo ang settings pagkatapos ng scan palitan mo ang no action taken sa quarantine. ayos ba?
goodluck!!
;D kaya pala tol puno ng malware ang computer mo puno pala ng laro ;D
kamusta pala ang halaman mo nakagawa ka na ng rose of asula? ;D
ang sayo e nag scan ka nga pero no action taken naman, rescan ulit ng mbam at quarantine yan ang pinakamagandang
gawin diyan tol ;D
English please.
ok tech, but seem we are in the same language i can help with our own language.
Filipino always speak good English, but me im not fluent. so im thinking that i can deliver my help more clearly
when im using my own language.
sorry for that tech that im using my own language.
A few Vundo elements remaining - lets kill them
Run OTL
[*]Under the Custom Scans/Fixes box at the bottom, paste in the following
:OTL
O20 - AppInit_DLLs: (app_dll.dll) - File not found
O20 - HKLM Winlogon: TaskMan - (C:\Documents and Settings\precious\csrss.exe) - C:\Documents and Settings\precious\csrss.exe File not found
O33 - MountPoints2\{d8ed4851-1a96-11df-9d6c-001060aae297}\Shell\AutoRun\command - "" = F:\ZRNO\\soli.exe -- File not found
O33 - MountPoints2\{d8ed4851-1a96-11df-9d6c-001060aae297}\Shell\open\command - "" = F:\ZRNO\\soli.exe -- File not found
:Files
C:\WINDOWS\tasks\At*.job
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]
[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
@bong2x: Haha, kailangan ko nung mga laro, mababaliw ako kung wala sila (Haha, I need the games or else I’ll go crazy) XD
@Rednose, essexboy: I’ve done that step too XD Still I ran MBAM again. Nothing detected this time around. I followed essexboy’s instructions and here’s what I got –
Thanks guys!
napalungkot naman pagkatapos nito iba diyan di na gagana, saan ba kasi galing ang laro na yan? download ba o sa quiapo?
nakakita ako ng backdoor boot galing yan sa keygen pag natanggal yan di na gagana ang iba diyan.
OK the last OTL was corrupt - you probably saved the file as unicode instead of ansi.
What problems are you having now