Hello,
avast informs me about 4-6 blocked attempts of sites as blackfight.info - they would try to get access on my svchost.exe, and that it’s been blocked… how can I get rid of this?
My system: Windows7 32bit SP1
No solution is given by running SpywareTerminator…
Thanks for help!!!
instructions https://forum.avast.com/index.php?topic=53253.0
attach Malwarebytes and Farbar Recovery Scan Tool logs
Here’s the MBAM-log:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 19.01.2015
Scan Time: 21:24:47
Logfile: malwareReport_eng.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2015.01.19.12
Rootkit Database: v2015.01.14.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: ME_Laptop
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 339727
Time Elapsed: 15 min, 38 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, 1516, Delete-on-Reboot, [9bb6cc2bc7c293a35704863f768bde22]
Modules: 0
(No malicious items detected)
Registry Keys: 6
PUP.Optional.WindowsProtectManger.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WindowsMangerProtect, Quarantined, [9bb6cc2bc7c293a35704863f768bde22],
PUP.Optional.ISearch.A, HKLM\SOFTWARE\omiga-plusSoftware, Quarantined, [d67ba6512b5e72c46e406c7ace36be42],
PUP.Optional.WPM.A, HKLM\SOFTWARE\supWindowsMangerProtect, Quarantined, [351cf007bccdac8a3c69985610f40df3],
PUP.Optional.WindowsMangerProtect.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\WindowsMangerProtect, Quarantined, [7cd5aa4dafda6ccae7d6c8b60ff41ee2],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2174106178-2655761591-1062322847-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE\1I1T1Q1S, Quarantined, [f55c2fc875145cda00b14a6e54af0ff1],
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2174106178-2655761591-1062322847-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE, Quarantined, [a1b02bcc4c3dde588142fbd3c341c23e],
Registry Values: 1
PUP.Optional.InstallCore.A, HKU\S-1-5-21-2174106178-2655761591-1062322847-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\INSTALLCORE|tb, 0Z1B1L2Z1S, Quarantined, [a1b02bcc4c3dde588142fbd3c341c23e]
Registry Data: 1
PUP.Optional.OmigaPlus.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\IEXPLORE.EXE\SHELL\OPEN\COMMAND, C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1418647717&from=cor&uid=SAMSUNGXHM250JI_S0TVJD0Q558826, Good: (iexplore.exe), Bad: (C:\Program Files\Internet Explorer\iexplore.exe http://isearch.omiga-plus.com/?type=sc&ts=1418647717&from=cor&uid=SAMSUNGXHM250JI_S0TVJD0Q558826),Replaced,[cc85ac4b008967cfb4fc316c31d4ec14]
Folders: 3
Rogue.Multiple, C:\ProgramData\412301046, Quarantined, [262b25d2dbae2c0a2e2feb40966d07f9],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect, Delete-on-Reboot, [77da3abd3158df57a30c460c42c120e0],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update, Quarantined, [77da3abd3158df57a30c460c42c120e0],
Files: 3
PUP.Optional.WindowsProtectManger.A, C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe, Delete-on-Reboot, [9bb6cc2bc7c293a35704863f768bde22],
Rogue.Multiple, C:\ProgramData\412301046\BIT17BF.tmp, Quarantined, [262b25d2dbae2c0a2e2feb40966d07f9],
PUP.Optional.WPM.A, C:\ProgramData\WindowsMangerProtect\update\conf, Quarantined, [77da3abd3158df57a30c460c42c120e0],
Physical Sectors: 0
(No malicious items detected)
(end)
When downloading the Farber tool, Avast gives me a warning that it’d be dangerous software… ignore?
Thank!!! 
When downloading the Farber tool, Avast gives me a warning that it'd be dangerous software... ignore?Yes ..... and attach log, not copy and paste
Thank you!
Next?
Click “Fix”?
Hmm something different … Let me know if this stops it
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
CreateRestorePoint: EmptyTemp: CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
Done!
Thanks again for further instructions 
Has that now stopped the alerts ?
YES INDEED!!!
Is the problem finally solved now?
And shout I leave (and keep running with autostart) MBAM, or uninstall it?
THANK YOU FOR YOUR HELP (and patience with me)!!! ;D
Subject to no further problems
I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean 
A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:
Remove tools
Download and run Delfix
https://dl.dropboxusercontent.com/u/73555776/delfix.JPG
: Keep Java Updated :
WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)
If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version
https://dl.dropboxusercontent.com/u/73555776/javara.JPG
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
CryptoPrevent install this programme to lock down and prevent crypto ransome ware
https://dl.dropboxusercontent.com/u/73555776/CryptoPrevent.JPG
Update and run weekly to keep your system clean
Click on the link above to be taken to Unchecky.com
click the very large Download button.
click Save
Click Open folder
Right click on the Unchecky_setup and choose to Run as Administrator
Once open click the Install button.
Then click on Finish
Unchecky is now installed and will help you keep unwanted check boxes unchecked, this is a fire and forget programme 
It is critical to have both a firewall and anti virus to protect your system and to keep them updated.
To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe 
I am having the same issue with blackfight.info, epictory and another www being blocked by Avast. Attached are the logs from Malwarebytes and FRST.
@ rszatny I will need the main FRST log you have attached the additions
Is that better? I hope I attached the right ones this time. Thank you!
Could you let me know if this stops it
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
CreateRestorePoint: CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ProxyEnable: [.DEFAULT] => Internet Explorer proxy is enabled. ProxyServer: [.DEFAULT] => http=127.0.0.1:52022;https=127.0.0.1:52022 SearchScopes: HKLM -> DefaultScope value is missing. EmptyTemp: CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
Hey Guys,
Also getting the blackfight.info blockage… See attached I hope I did it right!
you should start your own topic where you attach logs
helping multiple users in same topic will create chaos…
