I have multiple threat blocks alerts from some bad websites, please help

Guys:
My avast flashes like 18 different threat blocks in my computer , it came from svchost.exe process. I read the forum, and understand i need to attach the FRST log. But I have difficulty to generate one, could anybody help me with this, thank you so much.

Yuan

Follow instructions here https://forum.avast.com/index.php?topic=53253.0
attach Malwarebytes and Farbar Recovery Scan Tool logs

Any problems, then ask

Dear Sir:
I have attached FRST log and MBAM log, thank you so much for the help.

We also need addition.txt from Farbar.

So sorry I didn’t read the post carefully. I reattached FRST and Addition logs.

it is midnight here in europe now and most of the malware expert have logged off, so you may not recive a reply before tomorrow

no problem, I can wait till tomorrow. Thank you for helping me:)

One of the things I notice is that you are running 360 and avast.
You will need to make a choice which one to keep and which one to remove.
http://blog.kaspersky.com/multiple-antivirus-programs-bad-idea/

I am not in the list of malware removers on this webboard, but this is a fixlist that I have put together.
If you want to wait for one of the listed malware removers, that is fine ofcourse.

Start
CreateRestorePoint:
Closeprocesses:
Emptytemp:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
2015-05-01 20:22 - 2015-05-01 20:22 - 00000000 _____ () C:\autoexec.bat
2015-05-01 08:50 - 2015-05-01 08:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-04-08 10:25 - 2015-04-08 10:25 - 00022744 _____ () C:\WINDOWS\system32\emptyregdb.dat
2015-04-08 10:15 - 2015-01-06 00:17 - 00000000 __SHD () C:\WINDOWS\SysWOW64\AI_RecycleBin
FF Plugin-x32: @alipay.com/NPComBrg701,version=1.0.2011.701 -> C:\WINDOWS\system32\itruscert\NPComBrg701.dll No File
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
ICBCChromeExtension (HKLM-x32\...\{FAE970AE-A8FB-4AE4-91E7-8FD84ABAE007}) (Version: 1.0.2.0 - ICBC) <==== ATTENTION
Task: {A50E983E-543F-4D65-AC3F-05269D324EC7} - \360SuperKiller\360SuperKiller No Task File <==== ATTENTION
Task: {B1263FDB-90C4-4CC5-A374-AC6BA96808CD} - \TidyNetwork Update No Task File <==== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
CMD: ipconfig /flushdns
CMD: ipconfig /release
CMD: ipconfig /renew
CMD: netsh winsock reset catalog
CMD: bitsadmin /reset /allusers
End

Dear Eddy and Pondus:
I will remove 360. I just ran the aswMBR, here is the log requested in the post.

The aswmbr log looks fine, no problems found.
That is already good news. :smiley:

Thats great! Thank you guys! You are life savers :smiley: