hopefully I’m in the right place…
I have recently had a koobface infection, and since then, avast frequently pops a red warning box into the corner of the screen saying “threat Detected”
the process is either svchost or, more commonly iexplore.exe
This threat detection is happening more and more and avast full scan picks up nothing.
I have run malware bytes and it found leftovers from the koobface, I have uninstalled all toolbars, cleaned off system restore points but still have this warning pop up all the time and its driving me nuts!
Is there any solution besides a format?
Please help…

Thanks

Further detail:
the warning will pop up intermittently when no browser is open, which gives the svchost process,
and iexplore as the process anytime I enter ANY search via google.

Thanks

Try this

TFC - Temp File Cleaner by OldTimer
http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/
TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.

Dr.Web CureIt http://www.freedrweb.com/cureit/?lng=en
How Do I Use Dr.Web CureIt!? http://www.freedrweb.com/cureit/how_it_works/
Norman Malware Cleaner http://www.norman.com/support/support_tools/58732/en-us

I have the EXACT same problem.

Avast picks up nothing.
I followed the tips below - nada.

<<TFC - Temp File Cleaner by OldTimer
http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/>>

OK, cleaned 1G of temp files and stuff, but the problem is still there.

<<Dr.Web CureIt http://www.freedrweb.com/cureit/?lng=en>>

Site cannot be found.

<<How Do I Use Dr.Web CureIt!? http://www.freedrweb.com/cureit/how_it_works/>>

Gives you a bunch of products, six approximately - not sure which to download.

<<Norman Malware Cleaner http://www.norman.com/support/support_tools/58732/en-us>>

OK, this one gave red “Gen.Rootkit” message, suggested to restart, which I did, then it scanned again, and again the same message right away, restart, again the same thing, round and round it goes. Is it in my memory? Then what should I do? On their site it says that it would not run in Safe Mode, but I’m desparate, so I tried nevertheless, and it actually ran, found and killed a bunch of files in my very old achives - can’t be dangerous. Never mind, the problem is still there.
Help?

Just an update - ran the above cleaners and was still having the problem, but normans helped in that it identified the threat, but wouldn’t remove it.
The threat identified was W32/rootkit!TDSS_TDL3.26+

so I got a copy of tdsskiller from http://support.kaspersky.com/downloads/utils/tdsskiller.exe
this got rid of the threat.
Normans then ran a really thourough scan that picked up a couple of little problems and computer is now seeming to run fine.

YAY!
Thanks for all your help!

Hi mate,
Mine did the exact same thing but kaspersky tdsskiller cleared out the rootkit infection that kept causing it to keep going.
see my last post for the link to get it, then run the normans.

Good luck!

Wow, man, thanks a bunch, kaspersky did fix it. Running Norman now, but my IE already behaves normally.
Thanks again for this. How did you know where to find this tdskiller?

Google is a wonderful thing

the Kaspersky fix worked for me too! Thanks a thousand times!

The tool worked for us too. Thanks a ton!