Went to visit my church’s website and got nothing but odd redirects. Cleared my cache, even though I knew it wouldn’t resolve anything. Rebooted and a warning box came up on startup that said “A malicious URL has been blocked” but then it went away real fast. Now I’m getting “threat detected” pop ups from Avast every minute or so but the Avast box is blank except for a Twitter logo. As I’m typing this, I have now had a “rootkit found” message pop up. I can’t move the box but it says, “A suspicious hidden object (rootkit) has been detected on your system. This may be a sign of a malware infection. It is recommended to remove the object immediately.” The rootkit information box is blank. The “Actions to Take” section says delete now (recommended) and Ignore but neither are clickable.
I tried to go into the “Open Avast User Interface” option but the Avast box comes up completely blank. No idea where to go from here.
It is possible that the site might have been hacked, what is the URL change the http to hXXp to break any active link to avoid accidental exposure.
Try a repair of avast. Add Remove programs, select ‘avast! Anti-Virus,’ click the Change/Remove button and scroll down to Repair, click next and follow.
Vista, win7 - Repair of avast. Control Panel, Programs & Features, uninstall a program, select ‘avast! Anti-Virus,’ click the Change/Remove button and scroll down to Repair, click next and follow.
You may need to reboot after the repair.
Using windows notepad, check the anti-rootkit scan log this should hopefully contain details of the detection - For winXP C:\Documents and Settings\All Users\Application Data\Alwil Software\Avast5\log\aswAr.log. For Vista/win7 C:\ProgramData\Alwil Software\Avast5\log\aswAr.log.
I would also recommend an immediate update of the AV definitions and a Boot Time Scan ASAP. If you do the Boot Time Scan, the default process is “Ask.” (For what to do when viruses and malware are found.) unless you have changed it. When Malware comes up and it asks what you want to do, select “Move to Chest.” You should be at your computer to select the “Move to Chest” option if something is found. Do an Avast Update of the AV definitions, than a Boot Time Scan. Than follow the instructions below:
Also, if you don’t have it already, download Malware Bytes-Anti-Malware from www.malwarebytes.org, install it, update it and run a full scan. (recommended) These two processes may take about 1-2 hours depending on the size of your hard drive, the speed, of your system, and what is found, but they need to be done as soon as you can do them. Report back with your findings.
Hello and thank you for the replies! Unfortunately, I had to completely reformat the hard drive. Here’s what happened:
The system became extremely unstable. I ran 3 boot time scans. 17 trojans were found. 14 of them moved to the chest okay but avast couldn’t move or delete the other 3.
I tried to get back to the message I posted here but I couldn’t. The browser just kept on redirecting (multiple times with just one click!) and I couldn’t get anywhere online.
Avast was singing to me every 15-20 seconds about threats being detected and malicious URLs being blocked. I spent so much time just trying to get online to get help that I finally figured I would spend less time reformatting the system and starting from scratch.
Big bummer! But I appreciate the responses so much. I still don’t know what happened.
Sounds like you had a rootkit infection and they can be a real pain to remove, especially if you don’t have access to a clean system to download tools and get instructions to clean the infected system.