anythicago & bestdriver.com and more... malware

I know this is a re-post but since it’s system specific I’m making a post. I’m having the same issue as everyone else with it continually popping up. Any help would be much appreciated! Also while I’m here my firewall on avast stopped working as well. I’m assuming this is VPN related? I’m using a paid VPN service but still.

Logs Attached

Hello

https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

[*]Double-click to run it. When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
[*]The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

The FRST is attached in the original post, I’m trying to attach the addition log now and it is telling me that the file is too large. It’s only 91.1KB though.

And it attached to the above reply sorry

You’re missing FRST.txt report.

It is attached to the original post, I’m looking at it now lol. I’ll attach it again here, thanks!

Hi Mikael21 :slight_smile:

Are you using the Avast! Firewall ?

Repair Avast! after argus has fixed your problem :

  1. Start - Control Panel - Add/Remove Programs - Avast! - Change.
  2. Repair.
  3. Follow the instructions.
  4. Reboot.

Greetz, Red.

https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

[*]Right-click on
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[]Wait patiently until the main console will appear, it may take a minute or two.
[
]In the main box please paste in the following script:

createsrpoint;
autoclean;
emptyalltemp;
bitsadmin /reset /allusers;b
ipconfig /flushdns;b

[*]Make sure that Scan All Users option is checked.
[*]Push Run Script and wait patiently. The scan may take a couple of minutes.
[*]When the scan completes, a zoek-results logfile should open in notepad.
[*]If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

Alright here is that log

How’s your computer behaving now?

I apologize I forgot to check back last night. I just rebooted and so far we’re good to go. It always happened at boot without fail and I have nothing so far! Firewall is back working again too.

I appreciate the help!

The following will implement some post-cleanup procedures:

Download DelFix by Xplode and save it to your desktop.

[*]Run the tool by right click on the
http://www.imgdumper.nl/uploads6/51a5ce45267c1/51a5ce45263de-delfix.png
icon and Run as administrator option.
[*]Make sure that these ones are checked:

[]Remove disinfection tools
[
]Purge system restore
[*]Reset system settings

[*]Push Run and wait until the tool completes his work.
All tools we used should be gone. Tool will create an report for you (C:[B]DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.

Here’s that log if you needed it

Same issue(s). Mine changes from optiguardzip to anythicago to others.

I’ve attached my FRST and addition logs.

Thanks for helping out,

Lee

@quietkey2003

Start your own topic and attach both reports. Thanks.