Blackfight/reduled/epitory virus, same here

I have no idea how I got this virus, I dont usually stray far from my usual sites when browsing. I spent 4 hours yesterday trying to remove this, the pop ups from avast are maddening and things are getting screwing in my browser. After I scanned with avast, superantispyware and a bunch of other recommended programs, as well as following manual removal instructions online, I got nothing. I ran malwarebytes and it sound 2 things, I removed them and things were fine for the remainder of the day. I turned on my computer this morning and BAM, back to normal. I dont have a boot disk and would rather not do a system wipe. If someone can give me some step-by-step instructions in removal, I will do my best to give you as much information as possible. Cheers :slight_smile:

Attach your basic diagnostic logs. (MBAM, FRST and aswMBR)
Instructions: https://forum.avast.com/index.php?topic=53253.0

Hi, this is easy to remove if you know where to look :slight_smile:

Run this FRST fix and if the problem continues please post an FRST scan

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

Hi guys, thanks for the speedy response :slight_smile: I have attached logs from both MBAM and FRST. I should just add, though - i ran MBAM an hour or so ago, and it came up with nothing, Then I ran it again just now and it found something. Goddamnit. Let me know if theres anything else you need!

Good job, now you’ve to wait a bit…

No worries, I appreciate the help :slight_smile:

Although, i should add - since performing the FRST fix, the pop ups have stopped, HOWEVER the exact same thing happened to me yesterday after running MBAM and I thought my system was clean, but it was back again when I booted this morning so… Im dubious as to whether the problem is truly fixed or not…

OK that is the main bad boy gone now, could you run an FRST scan now so that I can see what remains

Great :slight_smile: I wasnt sure which file you needed so i ttached two, im sure one of them will be right ^^

You appear to have bits of Lavasoft antivirus remaining :slight_smile:

Once this has completed can you let me know what problems remain

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: 2015-03-31 23:41 - 2015-03-31 23:41 - 00000000 __SHD () C:\Users\Janine\AppData\Local\EmieUserList 2015-03-31 23:41 - 2015-03-31 23:41 - 00000000 __SHD () C:\Users\Janine\AppData\Local\EmieSiteList 2015-03-31 23:41 - 2015-03-31 23:41 - 00000000 __SHD () C:\Users\Janine\AppData\Local\EmieBrowserModeList Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f RemoveProxy: EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

Please find the log attached :slight_smile: Do i need to do anything else?

As for remaining issues - im not getting any more pop ups, which is good, but that also happened yesterday and this morning it started again. Also, i dont know if this is related, but twice today I had issues with things stopping working and needing to reboot - before i started posting here, my browser stopped working, then my task bar, and i got a message saying microsoft windows stopped working and i had to manually reboot. Then, just now, when trying to copy something from a hard drive to the desk top, my windows explorer stopped working and i had to restart too. Thats not happened before.

OK open an elevated command prompt

Go Start > All Programs > Accessories
Right click Command Prompt
In the black box that opens type the followed command and then enter :

sfc /scannow

On completion reboot

Are you still getting the non responsive programmes

i will try that now. Its not something happening in lots of different places - its happened repeatedly with my hard drive issue though. Im not sure if its a virus issue or my hard drive, though, its been temperamental since I bought it and it could just be that:

I cant watch videos directly from the hard drive, the connection between it and the PC is too slow and the video stutters. So i have been gradually moving things over to the PC to store on a new hard drive. I have been trying to move a video from the hard drive to the pc, and the “copying” window crashes before it calculates how long it will take to transfer. Cancelling the transfer just freezes the box, and ending the program via the task manager causes me to lose my taskbar and entire desktop. Which is why I will not need to reboot to do as you instructed, since this window is currently the only thing left on screen.

This has never happened before, but I dont know if it is just the hard drive being difficult or not. The overall navigation of files and folders on the pc seem slower than usual too, though.

Sounds like a hard drive problem

Are you able to run a chkdsk