getmuzicas.info and getusaaall.info infection

Avast pops up these warnings every 5 min, please help.

URL: hxxp://getusaaall.info/?e=pcho& unp=Azm9CdOLv7DVDyxECyFPg7x9Ae0KBfUKAe4MBG0VWznLDe4PBNq9geFI&publisher=1912&dd=3&…

In C://Windows/System32/svchost.exe

and

URL: hxxp://getmuzicas.info/?e=pcho&unp=Azm9CdOLv7DVDyxECyFPg7x9Ae0KBfUKAe4MBG0VWznLDe4PBNq9geFI&publisher=1912&dd=3&…

In C://Windows/System32/svchost.exe

All log files are in the attachments.

Hi, this is very hard to remove from 8.1 as we cannot locate the loading point.

Clear Cache/Temp Files
Download TFC by OldTimer to your desktop

- Please double-click TFC.exe to run it. (Note: If you are running on Vista, 7 or 8, right-click on the file and choose Run As Administrator.)
- It will close all programs when run, so make sure you have saved all your work before you begin.
- Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
- Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.

THEN

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:

CMD: ipconfig /release
CMD: netsh int ip reset
CMD: ipconfig /renew
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
REBOOT:

Save this as fixlist.txt, in the same location as FRST.exe.
Run FRST and press Fix.
On completion a log will be generated; please post that.

Here's the log, and thanks for the fast reply.

Are the alerts still appearing?

Avast is unfortunately still showing me these warnings. :cry:

Do you have a restore point from the day prior to Avast alerting?

No, I don't have a restore point.

We are having problems with this and Windows 8.1, as we have not yet been able to locate the load point.

Please download AdwCleaner by Xplode onto your desktop.

- Close all open programs and internet browsers.
- Double click on AdwCleaner.exe to run the tool.
- Click on Scan.
- After the scan is complete click on "Clean".
- Confirm each time with Ok.
- Your computer will be rebooted automatically. A text file will open after the restart.
- Please post the content of that logfile with your next answer.
- You can find the logfile at C:\AdwCleaner[S1].txt as well.

Here's the log.

After a few minutes Avast showed me the alert again.

I will now try some tools that I have not yet used on this beast, but I give no guarantees.

Download the latest version of TDSSKiller from here and save it to your Desktop.

- Double-click on TDSSKiller.exe to run the application.

https://dl.dropbox.com/u/73555776/tdss%20start.JPG

- Then click on Change parameters.

https://dl.dropbox.com/u/73555776/tdss%20Change%20param.JPG

- Check the boxes beside Verify Driver Digital Signature, Detect TDLFS file system and Use KSN to scan objects, then click OK.

- Click the Start Scan button.

- If a suspicious object is detected, the default action will be Skip; click on Continue.

https://dl.dropbox.com/u/73555776/tdss%20threat.JPG

- If malicious objects are found, they will show in the Scan results and offer three (3) options.
- Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.

- Get the report by selecting Reports.

https://dl.dropbox.com/u/73555776/tdss%20report.JPG

- Note: If Cure is not available, please choose Skip instead; do not choose Delete unless instructed.

Please copy and paste its contents on your next reply.

I scanned my system but the software didn't find any suspicious objects. This malware is damn good at hiding.

Could you add those two addresses to your hosts file as 127.0.0.0?

We are currently running the same malware on an 8.1 virtual machine at the moment, trying to track it down.
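As an added example (not part of the thread, and not the helper's script), here is a PowerShell version of the hosts-file block suggested above, with a backup, an idempotence check and a resolution check afterwards. It assumes an elevated PowerShell session and uses 127.0.0.1 as the sink address (any non-routable address, including the 127.0.0.0 mentioned in the post, works the same way).

```powershell
# Added example: block the two domains from the Avast alerts via the hosts file.
# Run from an elevated PowerShell session; the hosts file is write-protected.
# Assumption: 127.0.0.1 is used as the sink address.

$HostsPath   = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
$SinkAddress = '127.0.0.1'
# The two domains reported in the Avast alerts in this thread.
$Domains = @('getusaaall.info', 'getmuzicas.info')

# Keep a timestamped backup so the change can be reverted.
$Backup = "$HostsPath.$(Get-Date -Format 'yyyyMMdd-HHmmss').bak"
Copy-Item -Path $HostsPath -Destination $Backup

$Existing = Get-Content -Path $HostsPath
foreach ($Domain in $Domains) {
    # Skip domains that already have an active (non-comment) hosts entry.
    $Pattern = "^\s*[^#\s]+\s+$([regex]::Escape($Domain))(\s|$)"
    if ($Existing | Where-Object { $_ -match $Pattern }) {
        Write-Host "$Domain already present in hosts file, skipping"
        continue
    }
    Add-Content -Path $HostsPath -Value "$SinkAddress`t$Domain`t# blocked: Avast alert"
    Write-Host "Added $Domain -> $SinkAddress"
}

# Drop cached lookups so the new entries take effect immediately.
ipconfig /flushdns | Out-Null

# Verify: the resolver (which honours the hosts file) must now return only the sink.
foreach ($Domain in $Domains) {
    try {
        $Answers = [System.Net.Dns]::GetHostAddresses($Domain) |
            ForEach-Object { $_.IPAddressToString }
    } catch {
        $Answers = @()
    }
    $Other = @($Answers | Where-Object { $_ -ne $SinkAddress })
    if ($Answers -and $Other.Count -eq 0) {
        Write-Host "OK: $Domain resolves to $SinkAddress"
    } else {
        Write-Warning "$Domain still resolves to: $($Answers -join ', ')"
    }
}
```

The backup path is printed nowhere; restore it with Copy-Item from the `.bak` file if a legitimate lookup breaks.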

OK, I may have found a possible solution.

CAUTION: This fix is only valid for this specific machine; using it on another may break your computer.

Open notepad and copy/paste the text in the quotebox below into it:

CMD: ipconfig /release
CMD: netsh int ip reset
CMD: ipconfig /renew
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
Folder: C:\Users\Stealthy\AppData\\Local Settings\Temp
Folder: c:\WINDOWS\Prefetch
REBOOT:

Save this as fixlist.txt, in the same location as FRST.exe.
Run FRST and press Fix.
On completion a log will be generated; please post that.

The warnings are still here. :cry:

Log is in the attachments.

Could you download and run the Kaspersky PURE trial from here: http://www.kaspersky.co.uk/free-trials/pure
This is similar to AVP but is Win 8.1 compatible.
It will offer to remove Avast; skip that and set the Avast shields to off for one hour.

Once Kaspersky has installed you will see this screen:

https://dl.dropboxusercontent.com/u/73555776/kas1.JPG

Select scan and allow it to update.

https://dl.dropboxusercontent.com/u/73555776/report.JPG

Once the scan has completed and it has removed any threats, select report on the top right.

Click detailed report and post that here.

It appears that this may well kill it, but I will need the report to determine what it is so that I can then remove it manually.

https://dl.dropboxusercontent.com/u/73555776/detail.JPG

Kaspersky didn't find anything. Should I uninstall it and check whether Avast pops up alerts again?

Yes please, whilst I check out what it found. Uninstall Kaspersky via Control Panel.

At the moment it looks great! 50 min have passed and I still haven't had an alert. I hope the problem is solved, but I'll let you know if it appears again. Thanks a lot for your amazing support! :smiley:

Is it even possible that the infection is over now? It's a bit weird because Kaspersky didn't delete any files...

I know, that is the problem: it did not delete any files, but as a matter of course it resets some basic settings (which ones is unknown).

Could you monitor and let me know if all is well tomorrow?

I ran my PC today for over 3 hours and no alert appeared. It looks like the problem is solved! :smiley: Thx