Shows threat has been detected at well known sites and can't go to google search

[wiguy4000]

no alerts like I said above after I go back to a restore point I am ok until about a week and seems just after avast definition update all it starts over again with reports of hulu being bad and not being able to get to google search site. Hopefully it will never reoccur but said that before and then it starts all over again. Does not avast look for ad ware and malware and stop it coming onto the computer. As i said before never knew a protection software to update definitions as much as it does one to three a day it seems. So am I finished running fixes for now? Thank you for all your help I will post here or re-post a new topic if it happens all over again. besides avast do you recommend a ad ware or malware cleaner I should have running along with avast?

[essexboy]

This does seem a tad weird.  If you are happy I will leave my tools for about a week or so. If it should re-appear again let me know here with a fresh OTL log.  I will stay subscribed so that I will know when you post

[wiguy4000]

ok will do I will reply here if it happens again. Again thanks for all you time and help!

[wiguy4000]

Ok started doing it again last things I updated was the application Freemaker Video Downloader and Real Player yesterday and now to day I get "threat has been detected" when I try to go to google search. Now what do you want me to do to help diagnose what the problem is?

[essexboy]

Freemaker Video Downloader probably the culprit .. Something bundled with it

Could you run a fresh OTL scan please selecting all users

[wiguy4000]

attached are the otl and extra report I got after running OTL

[essexboy]

Could you give me a screenshot of the popup please

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  
  

Code: [Select]

:OTL
FF - prefs.js..extensions.netassistant.keyword.url: "http://click.w3i.com/?Programid=132&Elementname=Keyword&Applicationid={65C7FCBB-491A-4F68-AF85-789F27321D15}&Version=3.6.5&Vintage=20120521&Defaultbrowserid=15&Productid=2326&Vendorid=5750&Offerid=6894&searchterm="
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No CLSID value found.
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.

:Commands
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

[wiguy4000]

when you ask for a screen shot of the pop up do you mean the avast popup I get when I go to google?

[wiguy4000]

if it is the avast pop up you want to see I am attaching it as a jpg

[essexboy]

Could you run this

Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete



Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that

[wiguy4000]

I have not run the OTL fix scan yet do you want me to run that first then ADWCleaner or forget the OTL fix scan and just run ADWcleaner only?

[essexboy]

OTL then AdwCleaner please

[wiguy4000]

I ran OTL fix an after the reboot it asked to run again and produced the attached log named 02142013_125551.log. I then ran the OTL scan and it produced the two attached logs OTL.Txt and Extras.Txt.
At that point I opened Firefox and tried to go to Google just to see if I could but still got the Avast error pop up.
I then ran delete on ADWCleaner and got the attached log named AdwCleaner[S2].txt

After it did its thing I tried to go to Google again and it worked. A big thank you for all your help.
I am thinking back on things and I have also been attaching a particular jump/flash drive that is also been attached on another computer running XP Pro. And a Macintosh G-3 running OS 10.4.11. Neither of the other computers have had this problem in that I can not go to Google with any of their installed web browsers. But I am not sure if this computer is being contaminated from the jump/flash drive. Is there a way for me to run AWDcleaner and or OTL on it to clean it of any malicious software? Incidentally this computer running Xp home and the one running XP Pro both have about the same software running on them in that I have the same versions of Freemake Video Downloader the application you suspected added the problem software. Why might the XP Home system have this recurring problem and not the XP Pro computer if they have about the same application software and same versions? And again I am wondering why does Avast not stop the malicious software from being copied to this computer?
Was it awdcleaner that fixed my problem and should I run the delete button every so many days? Does it need to be updated to the most current version each time or does it have a way to update its definitions?
Again thank you for all your help!

[essexboy]

Thanks it showed me another miscreant to add to my list

Is all well now ?

[wiguy4000]

yes all is well now but should I run adwcleaner as a preventative every few days? And can I run it on the above mentioned jump drive?