Web shield http://sql3.true-secure.com/?id

Hi, I installed avast yesterday after Malwarebytes found some viruses on my computer, and now every time I go onto a web page on Chrome, even when I click on open tab, I get a pop-up saying Web Shield has blocked a harmful webpage or file object: htxp://sql3.true-secure.com/?id. I've done a few scans with malware and avast and it finds no threats.

Please follow the logs in assist of cleaning malware topic on top of the viruses and worms section and attach logs from OTL, Malwarebytes and aswMBR (not compatible with Windows 8)

Here are the logs you asked me to attach.

Ok. Wait for a malware expert now and follow his instructions, and don't change the scripts they give you. :slight_smile:

Could you let me know if the alerts cease after this

Warning: This fix is only relevant for this system and no other; using it on another computer may cause problems.

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons; they will return on reboot.

Run OTL

- Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF


:Commands
[CREATERESTOREPOINT]

:OTL
IE - HKU\S-1-5-21-3526580176-2876996118-135570243-1000\..\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}: "URL" = http://www2.delta-search.com/?q={searchTerms}&babsrc=SP_ss&mntrId=A23AF46D04942816&affID=121565&tsp=5004
FF - HKCU\Software\MozillaPlugins\bebomedia.com/OfferMosquitoIEHelper: C:\Users\Chris\AppData\Local\ext_offermosquito\npOfferMosquitoIEHelper.dll File not found
O4 - HKU\S-1-5-21-3526580176-2876996118-135570243-1000..\Run: [DataMgr] C:\Users\Chris\AppData\Roaming\DataMgr\DataMgr.exe (HTTO Group, Ltd.)
O4 - HKU\S-1-5-21-3526580176-2876996118-135570243-1000..\Run: [Intermediate] C:\Users\Chris\AppData\Roaming\Intermediate\Intermediate.exe ()
O4 - HKU\S-1-5-21-3526580176-2876996118-135570243-1000..\Run: [SCheck] C:\Users\Chris\AppData\Roaming\SCheck\SCheck.exe ()
O4 - HKU\S-1-5-21-3526580176-2876996118-135570243-1000..\Run: [Snoozer] C:\Users\Chris\AppData\Roaming\Snz\Snz.exe ()
O4 - HKU\S-1-5-21-3526580176-2876996118-135570243-1000..\Run: [SSync] C:\Users\Chris\AppData\Roaming\SSync\SSync.exe ()
[2013/11/18 21:49:51 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\DataMgr
[2013/09/13 12:04:25 | 000,000,000 | ---D | M] -- C:\Users\Chris\AppData\Roaming\Babylon

:Files
C:\Users\Chris\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbmdkmlcnbapgegninelmjbfibaghdmk

:Commands
[resethosts]
[emptytemp]
[Reboot]

- Then click the Run Fix button at the top
- Let the program run unhindered, reboot the PC when it is done
- Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Please download AdwCleaner by Xplode onto your desktop.

- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on “Clean”
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.
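The Run-key lines in the fix above all start a program from a per-user AppData folder, most with an empty publisher field. The following is an added example, not part of the original posts and not OTL's or the helper's own logic: a small triage pass over OTL "O4" lines, where the two-signal threshold and the function name `triage_autoruns` are assumptions of this example. A hit is a lead for manual review, not a removal list.

```python
import re

# OTL "O4" autorun line: O4 - <hive>..\Run: [<name>] <path> (<publisher>)
O4_RE = re.compile(
    r"^O4 - (?P<hive>\S+?)\\?\.\.\\Run: \[(?P<name>[^\]]+)\] "
    r"(?P<path>.+?) \((?P<publisher>[^()]*)\)\s*$"
)

# Two Run-key lines copied from the fix above, plus one constructed
# machine-wide entry (last line) for contrast.
SAMPLE_LOG = r"""
O4 - HKU\S-1-5-21-3526580176-2876996118-135570243-1000..\Run: [DataMgr] C:\Users\Chris\AppData\Roaming\DataMgr\DataMgr.exe (HTTO Group, Ltd.)
O4 - HKU\S-1-5-21-3526580176-2876996118-135570243-1000..\Run: [SCheck] C:\Users\Chris\AppData\Roaming\SCheck\SCheck.exe ()
O4 - HKLM..\Run: [ExampleTray] C:\Program Files (x86)\Example\tray.exe (Example Corp.)
"""


def triage_autoruns(log_text):
    """Return (name, path, reasons) for each O4 Run entry worth a manual look."""
    findings = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if not m:
            continue  # not an O4 Run-key line
        reasons = []
        hive = m["hive"].upper()
        if hive.startswith("HKU\\S-1-5-21-") or hive == "HKCU":
            reasons.append("per-user Run key")
        if "\\appdata\\" in m["path"].lower():
            reasons.append("launches from user-writable AppData")
        if not m["publisher"].strip():
            reasons.append("empty publisher field")
        # Assumption of this example: one weak signal alone is common for
        # legitimate software, so require at least two before flagging.
        if len(reasons) >= 2:
            findings.append((m["name"], m["path"], reasons))
    return findings


if __name__ == "__main__":
    for name, path, reasons in triage_autoruns(SAMPLE_LOG):
        print(f"{name}: {path} -> {', '.join(reasons)}")
```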

I did all you said to, but the alerts are still there.

Please make that live link non-click-through as with htxp://sql3.true-secure.com/?id
avast! Webshield blocks and detects this as infested with JS:ScriptPE-inf[Trj]
Most of the malware from site is now dead: http://support.clean-mx.de/clean-mx/viruses.php?sort=firstseen%20desc&review=176.9.255.%
Yours is dead since 2014-01-20 04:03:57 and had been ongoing and active for 7.9 hours.
urlquery does not flag: http://urlquery.net/report.php?id=8782806
VirusTracker has this qualification: sql3.true-secure.com,176.9.255.136,Criminals, (where Criminals only denotes that malcode is active and up).
sql3.true-secure dot com
status: Site blacklisted, malware not identified
web trust: Site blacklisted.
On excessive header info, read: http://blog.detectify.com/post/34559130700/do-you-dare-to-show-your-php-easter-egg
System Details:
Running on: Apache/2.2.22
System info: (Ubuntu)
Powered by: PHP/5.3.10-1ubuntu3.9
or more precisely:
htxp://sql3.true-secure.com [200] HTTPServer[Ubuntu Linux][Apache/2.2.22 (Ubuntu)],
Apache[2.2.22],
IP[176.9.255.136],
PHP[5.3.10-1ubuntu3.9],
X-Powered-By[PHP/5.3.10-1ubuntu3.9]

polonus

Ok, so if it's dead I guess I don't need to worry, but is there a way to remove it or stop the alert pop-up?

ehm … essexboy is working on it :wink:

Hi Skubbs,

You may have encountered it when it was still up and active.
While waiting for essexboy’s instructions (and follow these to the dot!),
you may read this for additional insight:
http://www.im-infected.com/trojan/js-scriptpe-inf.html

polonus

Is this confined to Chrome only? Or does it also occur in IE?

Seems to be only Chrome.

OK initially run Chrome in incognito mode and let me know if that stops the alerts http://www.coolgeex.com/start-google-chrome-in-incognito-mode/

The pop-ups stop in incognito mode. Also, on IE I don't get pop-ups, but the avast symbol in the toolbar has a number that keeps changing. What's that about, just out of interest, as it wasn't there a second ago?

Could you now reset chrome as per the details here https://support.google.com/chrome/answer/3296214?hl=en-GB then try chrome normally and see if the alerts disappear

Yep that got rid of the alert pop ups :slight_smile:

OK you have lost all the chrome extensions I am afraid

Take it for a test drive and let me know of any problems

That seems to have fixed the alerts; not had one after I reset Chrome. Is the avast extension supposed to say companies tried to track, or is that the same thing as the alert pop-ups?

Chrome extensions, watch out, came under fire recently, 180.000 Chrome users being duped: http://barracudalabs.com/2014/02/more-spam-chrome-extensions-impacting-180k-users-that-google-should-remove/ (article author: Jason Ding)

polonus

The numbers you are referring to are, I believe, part of the AOS plugin which blocks tracking of your web browsing.

Is the computer still behaving?