[Crustyoldbloke]

Hello reader

Yesterday I received an email supposedly from DHL (I was expecting one), but thought it looked a little strange. I scanned it with Avast and the message was "no threat found", but I decided to delete it anyway. The email it came with, I tracked back to Alicante in Spain.

Since then, my Avast keeps warning me that it has blocked a threat (have a look at the screen capture attached), but a boot scan and MBAM scan both prove negative. HJT log is clean and the threat keeps changing its location and file name.

Is this a real threat? Has anyone seen this before?

Thanks

Phil

Attached Thumbnails

• 

[Advertisements]

Hi Phil!

VirusTotal does show that URL as malicious. Report here: https://www.virustot...sis/1332796990/

It's a pretty generic warning, so I don't think the infection has got far. Try clearing your temp files with TFC, and schedule a boot-time scan with Avast.

Post an OTL log here when done.

[admin]

Hi Phil!

VirusTotal does show that URL as malicious. Report here: https://www.virustot...sis/1332796990/

It's a pretty generic warning, so I don't think the infection has got far. Try clearing your temp files with TFC, and schedule a boot-time scan with Avast.

Post an OTL log here when done.

[Crustyoldbloke]

Hi BB

Too late! The error messages started to build up, with warnings about the file infection that just kept moving, and I couldn't find any of the files, then some applications stopped functioning and finally I was unable to boot. I did use an OTL log and it was clean. Boot time scan was clean, MBAM was clean, Kasperskey online scan was clean - weird stuff!

In fairness, the PC was 12 years old (well the case was) and had undergone 3 upgrades, the last one about 3 to 4 years ago (IDE drives are rare these days). I decided to join the 21st century and invest in a new PC with Windows7, 4 GB RAM, 3.3Ghz core i3 cpu and decent graphics.

I managed to transfer important data to my new PC by using an IDE to USB cable, and I am trying to get all of the software to function correctly. I have 3 problems right now:

• Excel (send page by email function is missing)
• Free PDF XP (error messages even after re-install)
• Photoshop CS3 (won't activate with my key, tells me its been used - I'd upgrade if it was less expensive).

Thanks for replying to me, I trust you and your family are well.

Regards

[admin]

Sorry about that. You could have pulled rank and sent me a PM.

Some nasty stuff going around right now. I don't actively remove malware much anymore, but I'd guess it's the TDSS infection that runs from a hidden partition.

Excel, have you configured an email client yet?

Try CutePDF instead of PDF XP.

CS3 you have to deactivate on your old computer first. A catch-22. Looks like you may get another chance to clean the old one.

[admin]

A couple people have mentioned to me that you just need to call Adobe, and they'll fix your CS3 issue over the phone.

[Crustyoldbloke]

I thought I replied to this 9 hours ago, but no sign of my post ... this is what I replied.

Cute PDF is working well thank you.

I am going to try installing OUTLOOK and perhaps even use it as my email client.

I can't deactivate Photoshop since the original HDD will not boot, so I hope the trans-Atlantic phone call is cheaper than the re-registry fee.

Thanks for your help.

Regards