Avast WEBforum

Other => Viruses and worms => Topic started by: searz on January 23, 2013, 12:39:28 AM

Title: Malicious URL Pop-up keeps appearing approximately every 30 mins.
Post by: searz on January 23, 2013, 12:39:28 AM
Hi there,
I keep getting a pop-up on avast while browsing Chrome that says something along the lines of "malicious URL detected."
I've attached the logs to the post, the Malware Bytes scan came out with no threat, any help is greatly appreciated!
Note: I'm not very savvy with computers so simple instructions would be great, thanks!
Update: The messages have stopped popping up, however I still want to make sure I'm clean, thanks.
Title: Re: Malicious URL Pop-up keeps appearing approximately every 30 mins.
Post by: Pondus on January 23, 2013, 01:53:25 AM
malware removers are notified, check back tomorrow.  ;)
Title: Re: Malicious URL Pop-up keeps appearing approximately every 30 mins.
Post by: searz on January 23, 2013, 02:42:47 AM
Great! Thank you very much.
Title: Re: Malicious URL Pop-up keeps appearing approximately every 30 mins.
Post by: magna86 on January 23, 2013, 06:47:28 AM
Hi,

> Please go to systemroot ( C:\ ) partitions and attach AdwCleaner[S1].txt logreport.

> Also, on desktop you should have Extras.Txt logreport from OTL. Please attach it here too.

----   ----   ----   ----   ----   ----   ----   ----   ----   ----   ----   ----   ----   ----   ----


Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/) to your desktop.

----   ----   ----   ----   ----   ----   ----   ----   ----   ----   ----   ----   ----   ----   ----


Re-run OTL.exe.

Code:

:Otl
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
IE - HKLM\..\SearchScopes\%EasyLifeSearch_IESearchEngineGuid%: "URL" = http://search.easylifeapp.com/?q={searchTerms}
IE - HKU\S-1-5-21-2519709015-738426140-1624564586-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.easylifeapp.com/
IE - HKU\S-1-5-21-2519709015-738426140-1624564586-1000\..\SearchScopes\%EasyLifeSearch_IESearchEngineGuid%: "URL" = http://search.easylifeapp.com/?q={searchTerms}
O33 - MountPoints2\{6ace6e47-3685-11e2-90c0-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{6ace6e47-3685-11e2-90c0-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Install.exe -- [2011/03/23 10:44:19 | 002,098,520 | R--- | M] (Logitech(c))

:files
dir C:\Users\Shane\AppData\Local\Deployment /c
dir C:\Program Files (x86)\EasyLife /c

:commands
[CREATERESTOREPOINT]
[emptytemp]

ps: If notepad doesn't pop up, then try to find the fixreport in the C:\_OTL folder. I need to see that report.

***************

How's your computer running now? Any new avast warnings?
Title: Re: Malicious URL Pop-up keeps appearing approximately every 30 mins.
Post by: searz on January 23, 2013, 10:12:25 PM
Hi there, I really appreciate you taking the time to help me out!
Unfortunately I could not find the OTL extras notepad on my desktop, where would the file be located?
I've attached the new OTL report, and the ADW (S1) along with the Junkware removal one. Fortunately I haven't gotten a warning since yesterday so hopefully that's a good sign!
Title: Re: Malicious URL Pop-up keeps appearing approximately every 30 mins.
Post by: magna86 on January 25, 2013, 06:58:34 PM
Quote
I could not find the OTL extras notepad on my desktop
It does not matter...  :)

Quote
Fortunately I haven't gotten a warning since yesterday so hopefully that's a good sign!
Aha ...  :)

We will remove the used tools. If you later get certain malware problems, download and run fresh OTL.exe and aswMBR.exe tools and attach their reports here.



> Re-run OTL and click on CleanUp! button.
ps: follow this step, it is important to do it.
You will be asked to reboot the machine to finish the cleanup process, choose Yes.
After the reboot all the tools we used should be gone.
Note: Some more recently created tools may not yet be removed by OTL. Feel free to manually delete any tools it leaves behind.