Hi
For the past few days, I have been getting continual Avast Webshield pop ups warning of a blocked “harmful webpage or file”.
This happens as soon as I connect to the internet and before I even open my browser. There are usually 8 to 12 popups.
The popups are similar to these (Same domain names, and file types, slightly different file names):
URL:http://anythicago.com/4141/RelayTurbo_142668814314552.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
URL:http://simplesitescan.net/4141/LighterInit_142669556111830.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
URL:http://alwaysisobar.com/4141/CutterGeneration_142669028208336.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
URL:http://bestdriverstar.net/4141/CutterSystem_142669222915982.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
URL:http://opticguardzip.net/4141/CutterSystem_142669222919983.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
I have used the following malware removers without success:
*Malwarebytes Antimalware
*Spybot S&D
*Iobit Malware Fighter
*Adwcleaner 4
Attached are my malwarebytes scan log from today, FRST and FRST addition text files and the aswMBR.exe scan log file.
Eddy
June 6, 2015, 4:51pm
2
You already made 2 mistakes.
1]
You have used Spybot, since is nowadays has a huge lack of detection.
2]
You have used software from thiefs (IObit).
https://forums.malwarebytes.org/index.php?/topic/29681-iobit-steals-malwarebytes-intellectual-property/
Didn’t realise that IObit stole intellectual property or that Spybot was so ineffective.
My decision to use these programs stemmed from reviews and ratings on download.cnet.com .
However, I still require assistance with these URL:MAL infections.
Looking at the similar domain names and large amount of recent threads on this forum; this problem seems to be quite widespread.
Let me know if this stops it
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
CreateRestorePoint:
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as fixlist.txt , in the same location as FRST.exe
https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
This seems to have resolved the problem. There are no more Avast popups when I connect to the internet.
Thanks for the assistance.
The completion log is attached.
I followed the instructions.
Problem seems resolved.
Thanks for the brilliant support.