A few suspicious web site attemp

they (like reduled.info/3333/ReactorSys_142257170520951.dll, and similar for blackled.info) are blocked by avast but dunno how to solve totally

aswMBR.exe crashed and I can’t get the log from it :-[

very appreciate if anyone could help, thanks a lot

Start with removing Chrome completely.
Unless you installed a developer version yourself, malware has changed it.
This mean that anything can be installed without you knowing it.

Uninstall Chrome

Unless you did this yourself, malware has changed your Chrome version into the Development Build. Among other things this allows malware to install any extension it wants. We need to resolve this.

  1. If you have bookmarks, let’s save them by exporting them - Export Bookmarks
  2. Then I need you to go Google Sync and sign into your account
  3. Scroll down until you see the “Stop and Clear” button and click on the button. At the prompt click on “Ok”
  4. Now we need to uninstall chrome via control panel.
    Note: When asked about user data or settings you must remove this also so please check the box.
  5. We will re-install on completion

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: ShellIconOverlayIdentifiers: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => No File ShellIconOverlayIdentifiers-x32: [KAVOverlayIcon] -> {014F27E2-6D75-4E42-A0E9-2A2C68498AFA} => No File CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION 2015-04-09 20:18 - 2015-04-09 20:18 - 00000000 ____D () C:\ProgramData\{77ebd638-94af-9879-77eb-bd63894a58e2} 2015-04-09 20:02 - 2015-04-09 20:03 - 00000000 ____D () C:\ProgramData\331833178660016186 Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {A28525C8-F8E3-4044-982F-2DCFB5200104} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-06-22] (Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Users\PeTer\AppData\Roaming\TaobaoProtect\ C:\Program Files (x86)\Google\Chrome C:\Users\PeTer\AppData\Local\Google\Chrome Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f RemoveProxy: EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that