Hello,
unfortunately I get a lot of avast URL:MAL warnings regarding anythicago.com bestdriverstar.net and others. The infected file seems to be svchost.exe.
I ran a Windows Defender and avast scan (both found no infected file) and AdwCleaner without success, so now I’m asking for help.
Farbar Recovery Scan Tool logs are attached, please let me know if you need anything else.
Your help is very much appreciated!
Open notepad by pressing the Windows Key + R Key, typing in Notepad in the Run dialog and then pressing Enter. Please copy the contents of the Code box below. To do this highlight the contents of the box and right click on it and select copy (or you can just click on the (select) next to Code Box). Paste this into the open notepad. Save it to your desktop as fixlist.txt
Start
CreateRestorePoint:
C:\Users\user\AppData\Local\Temp\jna7710489129981191493.dll
Task: {42605E80-5405-4A53-93D1-0EE6607B89C7} - System32\Tasks\{632E722B-B547-4026-8842-00743234B909} => E:\Welcome.exe
Task: {C5544004-DA3C-49DA-925D-A37FDEA6B977} - System32\Tasks\{A80437A7-BE84-44B7-B510-47992F54DC42} => pcalua.exe -a C:\Users\user\Downloads\PCLEUSB2x32.exe -d C:\Users\user\Downloads
Task: {EB02381F-D652-4B1C-894A-712498C62C51} - \Microsoft\Windows\MUI\LPRemove No Task File <==== ATTENTION
EmptyTemp:
CMD: bitsadmin /reset /allusers
End
NOTE. It’s important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST by right clicking on the FRST.exe file, selecting “Run as Administrator…”. The User Account Control may open up; if it does, select Yes to continue to let FRST open and load.
The tool will check for an updated version of itself every time it loads; please allow it to do this and the program will either inform you it is downloading an updated copy (and to wait until it is safe to continue) or show nothing (meaning there is no update found) and you can continue on. Press the Fix button just once and wait. The tool will create a restore point, process the script and ask for a restart of your system.
http://i1351.photobucket.com/albums/p785/dbreeze2/just%20stuff/Press%20the%20FIX%20button_zpsdd5zi3mt.png
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply. Also, tell me how your system is running now.
I followed your instructions and haven’t had any problems so far, so I think the problem has been solved. Thank you very very much for your time, your effort and for sharing your knowledge!!!