Just recently I have started receiving messages from Kaspersky indicating they have blocked a malicious URL from loading. The message reads: C:\\Windows\Explorer.Exe (PID:5084): Loading Object http:/...?worker.php?action=get%5Fscript%5Fhash...containing malicious URL hXXp://18.104.22.168/scripts/worker.php?action=get %5F scrips %5hash&ver=1.1 Shortly afterwards, Windows Explorer shuts down and they restarts. This cycle repeats itself continuously. I have conducted full scans using Kaspersky, Malewyrebytes, and Super-Antispyware, none of which detected anything. A recent scan using Combofix did find and delete a dll called devil and the problem was remedied until the computer was rebooted at which point the issues returned. Your help would be greatly appreciated.