Shows threat has been detected at well known sites and can't go to google search

I get the “threat has been detected” when I go to web sites that I know are ok.

Hulu for one. I can then go and will find that I can not go to google search

site at all with firefox ( the browser I most use) chrome or Internet explorer

none will go to google. This has been recurring every week or so just after

avast has updated its definitions. The only thing I know to do to fix the

problem is go back to a restore point of windows XP Home when things were ok.

About a week will go by and it starts all over again. If this is malware or a

Trojan horse or what ever I thought avast took care od them. After all the damn

app updates its definitions about twice a day after I have booted up more than

any virus protection software I have ever tried. I am running the free trail

version and was thinking of buying it when the trial period is up in a few

months but if it works like it has been forget that.
Has anybody else had the same symptoms with it saying a threat has been

detected at a reputable site and the not being able to get to google search?

Hi there may be an underlying element in one of your browsers

Download OTL to your Desktop
Secondary link

[*]Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

https://dl.dropbox.com/u/73555776/OTL_Main_Tutorial.gif

[*]Select All Users
[*]Under the Custom Scan box paste this in

netsvcs
BASESERVICES
%SYSTEMDRIVE%*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
winsock.*
/md5stop
CREATERESTOREPOINT

[*]Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Post both logs

would that effect all my browsers I have and use sometimes chrome and IE besides firefox
do you work for avast how do I know what you want me to do is safe?

do you work for avast how do I know what you want me to do is safe?
essexboy is a certified malware remover..... he does most of his work over at geeks to go forum where he also is a teacher/instructor

if you surf this forum section, you can see all the work he does here

and avast would not give him his own sticky guide above if he was not to trust. :wink:
http://forum.avast.com/index.php?topic=53253.0

Not to mention essexboy has almost 20,000 posts and almost eight years as a volunteer on the avast forums (so he is no fly by night); the greatest majority of these posts in the viruses and worms forum helping those unfortunate enough to have been infected.

When I started the application the only thing was that the extra registry radial button was on use safe list so I changed it as it is in the the above jpg in this post to show as “none”. After the scan I only got one notepad file named OTL.txt.
I reran the scan again with the with the extra registry set to “use safelist” and got the two reports I pasted in below.
The message exceeds the maximum allowed length (10000 characters). So see the next post as attachments

OK lets try this I have the two reports as attachments

Between the restore and the alerts restarting what programme did you reinstall ?

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:OTL
DRV - File not found [Kernel | Unavailable | Unknown] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - File not found [Kernel | Auto | Stopped] -- C:\DOCUME~1\DJW\LOCALS~1\Temp\5874.sys -- (5874)
O2 - BHO: (SavingsApp) - {11111111-1111-1111-1111-110011461139} - C:\Program Files\SavingsApp\SavingsApp.dll (215 Apps)
O3 - HKLM\..\Toolbar: (no name) - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - No CLSID value found.
O20 - AppInit_DLLs: (mad.dll) - File not found

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

I don’t think I installed any new programs before avast did a definition update and avast started to report that hulu etc. was a threat and that is also when I could not go to google with any of the three installed web browsers. After the first restore I did not install anything new it was ok for about a week and then the problem happened again so went back to a restore point when things were ok and so on. So far it has been about a month and maybe four restores I have had to do.

Are the alerts still showing ?

CLEAR THE BAD TOOLBARS

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete

https://dl.dropbox.com/u/73555776/AdwCleaner.GIF

Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

I am not having the problem right now because I did a restore back to a time no problem was but because it has been reoccurring I thought I would get a jump on it. Are the things you want me to do only working when the problem is? Not as a preventative for what most likely will be happening?

after I ran the fix with OTL a notepad file came up and I am attaching it.
when I run the scan again with OTL do I need to put any thing pasted in again as I did the first time.
Stll doing as per your instructiions so have not run ADWcleaner yet

Ok I did all asked in reply seven see the attached log after the quick scan

Ok ran ADWCleaner please see attached log generated. what is the problem do you think with the files anyway?
Also would like to add a slave hard drive to this computer is that going to complicate things while we are still in the process of fixing what ever problem there is going on here?

Slave drive will have no effect … Are the alerts still appearing ?

no alerts like I said above after I go back to a restore point I am ok until about a week and seems just after avast definition update all it starts over again with reports of hulu being bad and not being able to get to google search site. Hopefully it will never reoccur but said that before and then it starts all over again. Does not avast look for ad ware and malware and stop it coming onto the computer. As i said before never knew a protection software to update definitions as much as it does one to three a day it seems. So am I finished running fixes for now? Thank you for all your help I will post here or re-post a new topic if it happens all over again. besides avast do you recommend a ad ware or malware cleaner I should have running along with avast?

This does seem a tad weird. If you are happy I will leave my tools for about a week or so. If it should re-appear again let me know here with a fresh OTL log. I will stay subscribed so that I will know when you post

ok will do I will reply here if it happens again. Again thanks for all you time and help!

Ok started doing it again last things I updated was the application Freemaker Video Downloader and Real Player yesterday and now to day I get “threat has been detected” when I try to go to google search. Now what do you want me to do to help diagnose what the problem is?

Freemaker Video Downloader probably the culprit … Something bundled with it

Could you run a fresh OTL scan please selecting all users