Author Topic: solved malicious url since installing avast 6  (Read 30941 times)

0 Members and 1 Guest are viewing this topic.

Offline diane blanx

  • Jr. Member
  • **
  • Posts: 60
Re: malicious url since installing avast 6
« Reply #30 on: May 03, 2011, 06:10:47 PM »
seems to be going quicker than its ever done before so may need your help soon

Offline Zyndstoff (aka Steven Gail)

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2610
  • I can resist anything except temptation.
    • tex62
Re: malicious url since installing avast 6
« Reply #31 on: May 03, 2011, 06:38:16 PM »
have started doing that but it takes about 3 hours will you stii be around then .it is still saying malicious url

Please specify: what is saying malicious url? Avast?
Can you give a screenshot of the error message?
7 x64 SP1, FF 8a Aurora, TB6, 6.0.1203 Free
Free MBAM Clear

Offline Zyndstoff (aka Steven Gail)

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2610
  • I can resist anything except temptation.
    • tex62
Re: malicious url since installing avast 6
« Reply #32 on: May 03, 2011, 06:44:29 PM »
Use this MS-tool to fix the Hosts-file: TOOL
Download the file to disk and then run it

then

Download RogueKiller to your desktop
 
  • Quit all running programs
  • For Vista/Seven, right click -> run as administrator, for XP simply run RogueKiller.exe
  • When prompted, type 1 and validate
  • The RKreport.txt shall be generated next to the executable.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.exe  

Please post the contents of the RKreport.txt in your next Reply.

then

Download OTS to your Desktop and double-click on it to run it
  • Make sure you close all other programs and don't use the PC while the scan runs.
  • Select All Users
  • Under additional scans select the following

Reg - Disabled MS Config Items
Reg - Drivers32
Reg - NetSvcs
Reg - SafeBoot Minimal
Reg - Shell Spawning
Evnt - EventViewer Logs (Last 10 Errors)
File - Lop Check

  • Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT

  • Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Please attach the log in your next post.
« Last Edit: May 03, 2011, 06:54:50 PM by Zyndstoff (aka Steven Gail) »
7 x64 SP1, FF 8a Aurora, TB6, 6.0.1203 Free
Free MBAM Clear

Offline Zyndstoff (aka Steven Gail)

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2610
  • I can resist anything except temptation.
    • tex62
Re: malicious url since installing avast 6
« Reply #33 on: May 03, 2011, 06:48:37 PM »
Don't worry Diane,
If he isn't available,there are many others on here who will pitch in and help.
As long as Zyndstoff is doing such a good job, you don't need any one else.  :)

BTW: thanks, Bob...  :)
7 x64 SP1, FF 8a Aurora, TB6, 6.0.1203 Free
Free MBAM Clear

Offline diane blanx

  • Jr. Member
  • **
  • Posts: 60
Re: malicious url since installing avast 6
« Reply #34 on: May 03, 2011, 07:06:38 PM »
i am panicing now because that sounds really complicated.how can i not use my pc when i need to follow your instructions and paste things.the 2 malicious url are called Longtrip-todayz.com and ikckclckl1i1i.com

Offline Zyndstoff (aka Steven Gail)

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2610
  • I can resist anything except temptation.
    • tex62
Re: malicious url since installing avast 6
« Reply #35 on: May 03, 2011, 07:10:23 PM »
i am panicing now because that sounds really complicated.how can i not use my pc when i need to follow your instructions and paste things.the 2 malicious url are called Longtrip-todayz.com and ikckclckl1i1i.com

Don't panic.

It's all easy, and you can do it. Don't worry.

When you start the OTS scan, then don't use the PC until the scan is done. Just leave him alone, scanning.

Just go step by step through the above instructions.

All the posting is done after the above instructions have been completed. Okay?  ;)
« Last Edit: May 03, 2011, 07:12:01 PM by Zyndstoff (aka Steven Gail) »
7 x64 SP1, FF 8a Aurora, TB6, 6.0.1203 Free
Free MBAM Clear

Offline diane blanx

  • Jr. Member
  • **
  • Posts: 60
Re: malicious url since installing avast 6
« Reply #36 on: May 03, 2011, 07:18:01 PM »
scan completed no threat found to i come out of avast before i run the ots scan

Offline Zyndstoff (aka Steven Gail)

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2610
  • I can resist anything except temptation.
    • tex62
Re: malicious url since installing avast 6
« Reply #37 on: May 03, 2011, 07:19:22 PM »
scan completed no threat found to i come out of avast before i run the ots scan

Pardon me?

What do you mean "to I come out of Avast" ?
« Last Edit: May 03, 2011, 07:21:36 PM by Zyndstoff (aka Steven Gail) »
7 x64 SP1, FF 8a Aurora, TB6, 6.0.1203 Free
Free MBAM Clear

Offline diane blanx

  • Jr. Member
  • **
  • Posts: 60
Re: malicious url since installing avast 6
« Reply #38 on: May 03, 2011, 07:20:55 PM »
do i log out of the avast forum before i do the ots scan the scan that was completed with no threat was the avast full scan

Offline Zyndstoff (aka Steven Gail)

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2610
  • I can resist anything except temptation.
    • tex62
Re: malicious url since installing avast 6
« Reply #39 on: May 03, 2011, 07:22:57 PM »
Okay, we'll do this step by step.

Easy things first.

Download the HostsXpert 3.7 - Hosts File Manager

Unzip it in any folder you like and run it.
What does it show in the right window side?

Click "Editing", "copy to clipboard" and paste in your next post.
« Last Edit: May 03, 2011, 07:26:48 PM by Zyndstoff (aka Steven Gail) »
7 x64 SP1, FF 8a Aurora, TB6, 6.0.1203 Free
Free MBAM Clear

Offline diane blanx

  • Jr. Member
  • **
  • Posts: 60
Re: malicious url since installing avast 6
« Reply #40 on: May 03, 2011, 07:30:50 PM »
# Copyright © 1993-1999 Microsoft Corp.

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.

# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a "#" symbol.

# For example:

# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

Offline Zyndstoff (aka Steven Gail)

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2610
  • I can resist anything except temptation.
    • tex62
Re: malicious url since installing avast 6
« Reply #41 on: May 03, 2011, 07:33:49 PM »
Okay, that file is clean.

Now:

Download OTS to your Desktop and double-click on it to run it
  • Select All Users
  • Under additional scans select the following

Reg - Disabled MS Config Items
Reg - Drivers32
Reg - NetSvcs
Reg - SafeBoot Minimal
Reg - Shell Spawning
Evnt - EventViewer Logs (Last 10 Errors)
File - Lop Check

  • Under the Custom Scan box paste this in

netsvcs
%SYSTEMDRIVE%\*.exe
/md5start
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
/md5stop
%systemroot%\*. /mp /s
hklm\software\clients\startmenuinternet|command /rs
hklm\software\clients\startmenuinternet|command /64 /rs
CREATERESTOREPOINT


  • Now close all other programs running (including browser). You will have to log off the forum and log back in when the scan is done. Shouldn't take too long.
  • Now click the Run Scan button on the toolbar. Make sure not to use the PC while the program is running or it will freeze.
  • When the scan is complete Notepad will open with the report file loaded in it.
  • Please attach the log in your next post.
7 x64 SP1, FF 8a Aurora, TB6, 6.0.1203 Free
Free MBAM Clear

Offline diane blanx

  • Jr. Member
  • **
  • Posts: 60
Re: malicious url since installing avast 6
« Reply #42 on: May 03, 2011, 07:40:00 PM »
cant get it to download how do i download it

Offline diane blanx

  • Jr. Member
  • **
  • Posts: 60
Re: malicious url since installing avast 6
« Reply #43 on: May 03, 2011, 07:44:03 PM »
have you left me ???

Offline Zyndstoff (aka Steven Gail)

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2610
  • I can resist anything except temptation.
    • tex62
Re: malicious url since installing avast 6
« Reply #44 on: May 03, 2011, 07:44:21 PM »
Just click on the blue OTS in the post above...
7 x64 SP1, FF 8a Aurora, TB6, 6.0.1203 Free
Free MBAM Clear