Avast Warning for almost all websites
jackdup:
It appears I have an infection of some type. I followed the instructions in the sticky above by essexboy and ran Malwarebytes Anti-Malware and was going to run OTL; however, I am not sure where to get the scan.txt you are supposed to put in the custom box in OTL.

The problem I was having was that Avast would come up with a warning about the website no matter what website I was going to. The object was a big long series of numbers and characters.

The next line was URL:MAL

I don't recall what the next line said but the process on the bottom line was either iexplore or svchost.

My tabs on top also did not show, so if you opened a second tab it never showed on the top of IE. I didn't actually think the tabs were opening, but when you clicked on the x in the top right corner to close the page it asked if I wanted to close all tabs or just the current tab, so it was obviously opening the tabs, just not displaying them or giving you any way to select them.

I had also gone into the control panel and security and found that the Windows Firewall was turned off and it would not allow me to turn it back on.

After running Malwarebytes Anti-Malware the firewall is now on again and my tabs are working, but booting takes forever so I assume there is still something not right.

I am not sure how these infections get on the computer with Avast running all the time.

Any help/suggestions would be appreciated.

Thank you
essexboy:
If you could just run OTL without any custom scans and ensure that all users is selected. Then attach the logs here and I will have a look.
jackdup:
Here are the two logs.

Just now the menu bar in IE just turned black so you can't read File Edit etc.
essexboy:
Several of your drivers are stalling on start, which is a tad suspicious.

Run OTL
* Under the Custom Scans/Fixes box at the bottom, paste in the following:

--- Quote ---
:OTL
DRV - (SYMIDSCO) -- C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\idsdefs\20050901.036\symidsco.sys File not found
O3 - HKU\S-1-5-21-1922141765-1701184110-4109938974-1007\..\Toolbar\WebBrowser: (no name) - {C4069E3A-68F1-403E-B40E-20066696354B} - No CLSID value found.
O3 - HKU\S-1-5-21-1922141765-1701184110-4109938974-1007\..\Toolbar\WebBrowser: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - No CLSID value found.
[2010/10/10 10:46:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\HP_Administrator\My Documents\Ovi

:Files
ipconfig /flushdns /c

:Commands
[purity]
[resethosts]
[emptytemp]
[EMPTYFLASH]
[CREATERESTOREPOINT]
[Reboot]
--- End quote ---

* Then click the Run Fix button at the top.
* Let the program run unhindered, and reboot the PC when it is done.
* Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

THEN

Download ComboFix from one of these locations:


Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop

* Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools.

* Double click on ComboFix.exe & follow the prompts.

* As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.

* Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.




Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:




Click on Yes, to continue scanning for malware.

When finished, it shall produce a log for you.  Please include the C:\ComboFix.txt in your next reply.
jackdup:
>>>Several of your drivers are stalling on start which is a tad suspicious <<<

I guess that may account for the slow booting?

Just now, as I reopened this webpage, I got the AVAST warning again showing the URL:MAL infection, Process svchost, which seemed to have disappeared after running Malwarebytes Anti-Malware.

Here is the log OTL produced after the scan as well as the logs after running it again. I didn't get an extras log this time.

I'll run ComboFix now. Do I need to disable the firewall as well or just AVAST?

Thank you