Lavasoft Support Forums Malware???

[Sly_Toad]

Hello... I'm having a little problem since monday. I don't know if my pc is infected or not. I presume it's not infected because the only problem I have is with one URL.
I'm using Firefox 27.0.1 and everytime I want to access www.lavasoftsupport.com for the first time, avast block's the connection and the web page is redirected to hxxp://url4short.info/c29e7461
I try to access www.lavasoftsupport.com again and voilá, it's working again. My Firefox deletes user history everytime it's close, so everytime I want to access lavasoftsupport.com for the first time, Avast blocks the connection, redirect's me to that url4short.info crap. And then, if access lavasoft again, it's working again. I've attached and image showing what avast is blocking. It's in Portuguese, because I'm portuguese.

I've reinstalled firefox, avast, run malwarebytes and avast, superantispyware, etc etc etc... my pc is clean... And the problem is only specific to www.lavasoftsupport.com and url's that have www.lavasoftsupport.com in them.

Also, I have another problem, this time related to Avast Online Security Add-on on Firefox. Since the v27.0.1 of FF came out, the Settings button (or definitions button... I don't know what's called in the english version) doesn't seem to work. I click on the avast icon on FF, I try to modify the settings, but it doesn't open the chrome\\ webpage anymore.

[Cast]

It could be possible to have something redirecting you to that other link, I tried both links you gave other than the url4short one as I have no idea where it leads and it opened the support forum for lavasoft just fine.

[Sly_Toad]

So, how do I solve this. I've already removed every add-on in FF, and this still happens. I've installed Chrome, it still happens... Has my pc been Hijacked?

[Pondus]

follow the logs guide at top in viruses and worms forum section.... attach OTL diagnostic log, then a malware expert will take a look

[mchain]

Hello... I'm having a little problem since monday. I don't know if my pc is infected or not. I presume it's not infected because the only problem I have is with one URL.
I'm using Firefox 27.0.1 and everytime I want to access www.lavasoftsupport.com for the first time, avast block's the connection and the web page is redirected to http://url4short.info/c29e7461
I try to access www.lavasoftsupport.com again and voilá, it's working again. My Firefox deletes user history everytime it's close, so everytime I want to access lavasoftsupport.com for the first time, Avast blocks the connection, redirect's me to that url4short.info crap. And then, if access lavasoft again, it's working again. I've attached and image showing what avast is blocking. It's in Portuguese, because I'm portuguese.

I've reinstalled firefox, avast, run malwarebytes and avast, superantispyware, etc etc etc... my pc is clean... And the problem is only specific to www.lavasoftsupport.com and url's that have www.lavasoftsupport.com in them.

Also, I have another problem, this time related to Avast Online Security Add-on on Firefox. Since the v27.0.1 of FF came out, the Settings button (or definitions button... I don't know what's called in the english version) doesn't seem to work. I click on the avast icon on FF, I try to modify the settings, but it doesn't open the chrome\\ webpage anymore.

Threat alert ceases because you've got the option set in FF to delete all cookies as well as user history?  Once you've tried the first time, the second attempt always gets you there?

Got the same alert from clicking your redirect link here, so please modify that link as thus:  hxxp://url4short.info/c29e7461  to prevent any issues with other users clicking the live link as it is set now.

[Pondus]

bad WOT reputation.   https://www.mywot.com/en/scorecard/url4short.info

[Sly_Toad]

No. Threat alert prevents me from accessing the site www.lavasoftsupport.com on the first attempt, because I get redirected to the url4short crap. After this I can access the lavasoftsupport.com site whenever I want if I don't close firefox. I have my firefox to delete all cookies and user history upon exiting. If I restart Firefox and try to access lavasoftsupport.com, I get redirected again on the first attempt.

This doesn't happen with other sites. Also, I've taken the liberty of performing the steps posted here: http://malwaretips.com/blogs/remove-browser-redirect-virus/

but they failed to help me. As I said, my pc is clean according to the results.

[Sly_Toad]

Actually it's affecting every browser in my pc. Chrome, IE, FF, Opera, etc etc etc... all of them are redirected. To be honest, I thought it could be google redirect virus, but it only seems to affect www.lavasoftsupport.com.
I've also installed a lot of freeware cleaners and antivirus, but none of them detect any infection. I also had spybot Immunize a long while ago, so I don't know if it has anything to do with this.

Googling for answers, theres seems to be at least one more felow with the same problem... so, i don't know what to do. Even OTL files are clean. (yes I can tell)

[Pondus]

Even OTL files are clean. (yes I can tell)

why not let Essexboy see it?

[Sly_Toad]

Yeah, I'll update them. Right now I'm running ad-aware in compatability mode to see if it detect's anything. I'll run a new OTL after that.

[Sly_Toad]

Ok, i'm having trouble running OTL. It doesn't create and Extras.txt file.

Also, i've noticed something weird. If I write www.lavasoftsupport.com directly or I click it for exemple in one of my posts, I go directly to the site. No problems.
But if I google "lavasoft forums" and click on the first one on the list, I get redirected.

I must ask someone to verify if this also happens to them. Can someone google lavasoft forum and click on the first site on the list to see if it redirects? If so, the problem is not on my computer. This must be done after cleaning history and cookies and restarting Firefox, or Chrome, or IE...

[Pondus]

Ok, i'm having trouble running OTL. It doesn't create and Extras.txt file.

it is only created at first run, that log is not important and usually not needed, as the name say just extra computer tech info

[Sly_Toad]

Ok, running OTL again.

Can you please verify what i asked? Close a clear your browser history and cookies (i know it's a pain), google lavasoft forum, and enter the first on the list. If I write on the url thingy on firefox, I don't get redirected. I only get redirected if i google it.

[Cast]

Cleaned my browsing history/cookies, googled lavasoft support forum and clicked the first link and no redirection so must be something on your end.

[Sly_Toad]

Hi and thanks for the answer.

I made an investigation of my own. I reinstalled windows last night and tested again with AVG installed this time around. I was not redirected. I reinstalled windows once again, and installed avast and got redirected. I was starting to think that the problem could be my router or maybe google itself.
 Then, a few hours ago I asked a friend of mine who works at a computer shop for his laptop which had Panda installed and tested again. Nothing happened. Then I installed Avast Portuguese Version and tested again, and voilá, it got redirected.

Keep in mind this was on a DIFFERENT LAPTOP, and connected to a DIFFERENT ISP (usb stick of another ISP). Then he connected to his WIFI, and still got redirected.. Then we tested on another pc connected to a Public Wifi connection, and it was still redirected

As I said all along, I know my pc is not infected. So something is happening here. Also, I'm using Windows 7 Home Premium and he his using Windows XP Sp3 and Windows Vista. All of them are Genuine, as they came pre-installed in the machines.

So what to do now?

Update:
Tested with Avira, Comodo and ZoneAlarm... working fine. Only avast is popping up security warnings and showing me the url4short thing. Also the lavasoftsupport page seems to be opening fine for half a second before redirection. Sometimes it shows the full page, and avast pops-up and it gets redirected.