« previous next »
Pages: [1]   Go Down

Author Topic: please help avast detect URL:Mal each time firefox open/refreshed  (Read 2852 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
please help avast detect URL:Mal each time firefox open/refreshed
« on: August 01, 2014, 07:04:41 PM »
Hello,
I wanted to ask help for my computer, the avast notification pops up each time I open web page with firefox, I've run MBAM and FRST, all three logs are attached.
Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: please help avast detect URL:Mal each time firefox open/refreshed
« Reply #1 on: August 01, 2014, 07:22:02 PM »
Let me know if this stops it

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote
HKU\S-1-5-21-3982561841-2972177315-1658118066-1000\...\MountPoints2: {a011f6f7-bdde-11e3-bf94-180373962d62} - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL I:\start.exe
AppInit_DLLs: C:\PROGRA~1\SupTab\SEARCH~1.DLL => C:\PROGRA~1\SupTab\SEARCH~1.DLL File Not Found
SearchScopes: HKLM - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchingissme.info/?unqvl=23&l=1&q={searchTerms}
SearchScopes: HKCU - DefaultScope {35FF86EE-A5EA-4675-B96D-9AF7E36E15D8} URL = http://rts.dsrlte.com/?q={searchTerms}&r=30
SearchScopes: HKCU - {35FF86EE-A5EA-4675-B96D-9AF7E36E15D8} URL = http://rts.dsrlte.com/?q={searchTerms}&r=30
SearchScopes: HKCU - {4AC7CA16-24AA-4995-A395-CFB66B583E2E} URL = http://www.mysearchresults.com/search?c=2402&t=15&q={searchTerms}
SearchScopes: HKCU - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.searchingissme.info/?unqvl=23&l=1&q={searchTerms}
BHO: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files\SupTab\SupTab.dll No File
Toolbar: HKCU - No Name - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} -  No File
FF user.js: detected! => C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\f8md0coc.default\user.js
FF SearchPlugin: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\f8md0coc.default\searchplugins\babylon.xml
FF SearchPlugin: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\f8md0coc.default\searchplugins\BrowserDefender.xml
FF SearchPlugin: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\f8md0coc.default\searchplugins\buenosearch.xml
FF SearchPlugin: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\f8md0coc.default\searchplugins\delta.xml
FF SearchPlugin: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\f8md0coc.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\f8md0coc.default\searchplugins\WebSearch.xml
FF Extension: Save now - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\f8md0coc.default\Extensions\5069bbf873a4f@5069bbf873a88.com.xpi [2012-10-01]
FF Extension: Default Tab - C:\Users\Dell\AppData\Roaming\Mozilla\Firefox\Profiles\f8md0coc.default\Extensions\addon@defaulttab.com.xpi [2013-08-15]
S2 Update lookinglink; "C:\Program Files\lookinglink\updatelookinglink.exe" [X]
S2 Update Surftastic; "C:\Program Files\Surftastic\updateSurftastic.exe" [X]
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S1 {47351c22-0d6c-4658-a617-795d251145e2}Gw; system32\drivers\{47351c22-0d6c-4658-a617-795d251145e2}Gw.sys [X]
C:\Users\Dell\AppData\Roaming\DefaultTab
C:\Program Files\YourFileDownloader Updater
Task: {B2C217B7-693B-4EFF-962C-BAAF427A97AF} - System32\Tasks\YourFile DownloaderUpdate => C:\Program Files\YourFileDownloader Updater\YourFileUpdater.exe <==== ATTENTION
Task: {B43BCDCC-81B1-4048-B77B-2C94CA00A22C} - System32\Tasks\DTReg => C:\Users\Dell\AppData\Roaming\DefaultTab\DefaultTab\DTReg.exe <==== ATTENTION
CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
REBOOT:

 
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Logged

REDACTED

  • Guest
Re: please help avast detect URL:Mal each time firefox open/refreshed
« Reply #2 on: August 02, 2014, 06:45:40 AM »
I've scanned my computer with adwcleaner before getting the reply actually, I don't know whether it'll work the same or not. I will run another scan with adwcleaner now, but i attach the last log with it.
Logged

REDACTED

  • Guest
Re: please help avast detect URL:Mal each time firefox open/refreshed
« Reply #3 on: August 02, 2014, 08:18:15 AM »
here's the latest log from AdwCleaner..
Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: please help avast detect URL:Mal each time firefox open/refreshed
« Reply #4 on: August 02, 2014, 11:55:02 AM »
AswMBR showed one more to remove, how is the computer behaving now ?

CCAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote
C:\Users\Dell\Downloads\Sotware
CMD: bitsadmin /reset /allusers
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
REBOOT:

 
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
Logged
Pages: [1]   Go Up
« previous next »