blablablaoldtraff.in pop up every 2 minutes

Hello everyone, greetings from Québec city!, I have opened a file that came with a video, I thought it was a codec but it was in fact a virus…

Every 1 or 2 minutes, my avast pop out an alert about the object: http://blablablaoldtraff.in/index.php

Infection: URL:Mal

from the processus C:\Windows:\explorer.exe but I’ve seen “it” run under some other processus.

Which kind of log do you want me to send you guy’s

Thank you for the help, really appreciated

ps: Malwarebyte is actually scanning but last time it crashed before the end¬¬.
pss: Malwarebte is still running…

Hello,

https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

[*]Double-click to run it. When the tool opens click Yes to disclaimer.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
[*]The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

Thank you sir, you seems pretty active ! :slight_smile: I’ve seen the other post on the same “virus” …

Here are my logs sir!

Best regards

malware byte crash after 1h30 of scanning…~~ probably right before the end…any tips on that?

edit : It is the second time barely after a full scanning - boom - crash.

https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

[*]Right-click on
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[]Wait patiently until the main console will appear, it may take a minute or two.
[
]In the main box please paste in the following script:

createsrpoint;
autoclean;
emptyalltemp;
bitsadmin /reset /allusers;b
ipconfig /flushdns;b

[*]Make sure that Scan All Users option is checked.
[*]Push Run Script and wait patiently. The scan may take a couple of minutes.
[*]When the scan completes, a zoek-results logfile should open in notepad.
[*]If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

Edited* here are is the files #1

Very good. We will run one more Zoek fix:

https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
Fix with ZOEK

https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[B] This fix was created for this user for use on that particular machine.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif

https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[/B]

Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

[*]Right-click on
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[]Wait patiently until the main console will appear, it may take a minute or two.
[
]In the main box please paste in the following script:

createsrpoint;
chrdefaults;
autoclean;
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences;f

[*]Make sure that Scan All Users option is checked.
[*]Push Run Script and wait patiently. The scan may take a couple of minutes.
[*]When the scan completes, a zoek-results logfile should open in notepad.
[*]If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

sorry about that, I missed read the message here it is again

Please ATTACH the logs, not copy/paste them.

How is your PC behaving now?

No more alert, my malware byte detects more than 5000 objets but crash before the end.

It’s the third time I’m trying it… but my first today after all the scans and the fix you sent me…

I’ll give you some news in a couple of minutes or in an hour if my scan still crash! Thanks again

Before running a new scan I suggest this:

  • Reboot
  • Run CCleaner (remove files and fix the registry)
  • Reboot