Script Blocker Keeps Popping Up

New here…and sorry if this is a noob question or what DX I use Avast 4.8 Pro and for some reason Script Blocker keeps popping up even if I’m using Firefox, or no web browser is open at all. I once thought it was because of Yahoo Messenger, but I realized that while I was performing a thorough virus scan, the Script Blocker still appears. I have a niggling suspicion that a virus is involved, since this happened around the same time I got a bunch of malware (which was yesterday). Then again I have them deleted already, but the Script Blocker still appears. Please help. Thanks. XD

Hi grayness, welcome to the forum :slight_smile:

First of all, did you try a boot-time scan ??? Or else follow the directions from this topic :

http://forum.avast.com/index.php?topic=53253.msg451454#msg451454

… and post/attach the requested logs in your next reply here. I will pm Essexboy with a link to this topic so he can help you :slight_smile:

Greetz, Red.

Thanks, Rednose! XD Followed the instructions. XD If boot-time scan is the one where you restart the computer so that avast can tackle problem before the virus starts (or whatever you call it - I’m woefully un-techie DX), yes I did it.

Malwarebytes must’ve done something - after the restart I haven’t seen the Script Blocker splash page. Here are the logs–

Thanks again! :smiley:

Hi grayness :slight_smile:

You are infected. But please read the instructions for MBAM again :

# When the scan is complete, click OK, then Show Results to view the results. # Make sure that everything is checked, and click Remove Selected.

You didn’t check what MBAM found, so nothing was removed.

So please update MBAM and do a Quick Scan. Check everything it found, and click Remove Selected. Than replace the MBAM log you have posted with the new MBAM log :slight_smile:

Greetz, Red.

:wink: tol ang iyong mbam no action taken kailangan mong e scan ulit pagkatapos tingnan mo ang settings pagkatapos ng scan palitan mo ang no action taken sa quarantine. ayos ba?
goodluck!! :wink:

;D kaya pala tol puno ng malware ang computer mo puno pala ng laro ;D
kamusta pala ang halaman mo nakagawa ka na ng rose of asula? ;D
ang sayo e nag scan ka nga pero no action taken naman, rescan ulit ng mbam at quarantine yan ang pinakamagandang
gawin diyan tol ;D

English please.

:wink: ok tech, but seem we are in the same language i can help with our own language.
Filipino always speak good English, but me im not fluent. so im thinking that i can deliver my help more clearly
when im using my own language.
sorry for that tech that im using my own language.

A few Vundo elements remaining - lets kill them

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

:OTL
O20 - AppInit_DLLs: (app_dll.dll) - File not found
O20 - HKLM Winlogon: TaskMan - (C:\Documents and Settings\precious\csrss.exe) - C:\Documents and Settings\precious\csrss.exe File not found
O33 - MountPoints2\{d8ed4851-1a96-11df-9d6c-001060aae297}\Shell\AutoRun\command - "" = F:\ZRNO\\soli.exe -- File not found
O33 - MountPoints2\{d8ed4851-1a96-11df-9d6c-001060aae297}\Shell\open\command - "" = F:\ZRNO\\soli.exe -- File not found

:Files
C:\WINDOWS\tasks\At*.job
 
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

@bong2x: Haha, kailangan ko nung mga laro, mababaliw ako kung wala sila (Haha, I need the games or else I’ll go crazy) XD
@Rednose, essexboy: I’ve done that step too XD Still I ran MBAM again. Nothing detected this time around. I followed essexboy’s instructions and here’s what I got –

Thanks guys!

:wink: napalungkot naman pagkatapos nito iba diyan di na gagana, saan ba kasi galing ang laro na yan? download ba o sa quiapo?
nakakita ako ng backdoor boot galing yan sa keygen pag natanggal yan di na gagana ang iba diyan.

OK the last OTL was corrupt - you probably saved the file as unicode instead of ansi.

What problems are you having now