Removal request - alwaysisobar.com / http://anythicago.com and so forth

Like others, i’m getting constant alerts warning about attacks from alwaysisobar.com, http://anythicago.com and others.
I’m computer literate, but only on a basic level.

Help would be much appreciated. Thanks.

Hello,

Please follow this topic and attach required reports

https://forum.avast.com/index.php?topic=53253.0

Here are the logs. There are fourth because I first tried using MAM yesterday before contacting you.

I am now downloading Farbar.

Thanks.

Here are the two logs from the Farbar Scan.

Here is the log from the aswMBR.exe

I’m now going to download MCShield as I have been using an external hard drive and I don’t know if that’s been infected.

Here is the log from the MCShield scan.

Is that everything or do i need to follow " If you cannot Boot the computer" ?

No idea how to reboot the computer. I have a 64bit system as far as I know.

Is that everything or do i need to follow [b]" If you cannot Boot the computer"[/b] ?
Do you have a problem with that .... if not, no need to do it
[b]No idea how to reboot the computer.[/b] I have a 64bit system as far as I know.
It means restart the computer ;) ..... i guess you know how to do that ..... or?

:smiley: I actually knew that. Honest :wink:

Hello,

https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

[*]Right-click on
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[]Wait patiently until the main console will appear, it may take a minute or two.
[
]In the main box please paste in the following script:

createsrpoint;
chrdefaults;
bitsadmin /allusers /reset;b
autoclean;
emptyalltemp;
ipconfig /flushdns;b

[*]Make sure that Scan All Users option is checked.
[*]Push Run Script and wait patiently. The scan may take a couple of minutes.
[*]When the scan completes, a zoek-results logfile should open in notepad.
[*]If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

Here’s the results of the Zoek scan.

I haven’t switched either Avast or Defender back on yet. Should I?

Switching avast off was for downloading and running the Zoek scan - You should be able to restart avast now. You should keep Windows Defender disabled in windows 8.1 as it incorporates a full AV, it isn’t the Windows Defender of old.

OK, thanks.

How is your PC behaving now?

At the moment, OK! I’ve had one or two new alerts, but not the constant 12-16 ones I was getting.

I will see how it runs tomorrow, late here, and get back to you.

Thanks for the help so far.

Keep me updated.

No further alerts so far.

Should I keep MAM and MCShield installed along with Avast? Will they be in conflict with eacth other?

And should I keep Windows Defender turned off?

Thanks.

Yes, you can keep all program. If you have Avast, then Windows Defender should be off.

The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
[i]
http://www.mcshield.net/personal/magna86/Images/checkmark.png
Remove disinfection tools

http://www.mcshield.net/personal/magna86/Images/checkmark.png
Create registry backup

http://www.mcshield.net/personal/magna86/Images/checkmark.png
Purge System Restore [/i]
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:[b]DelFix.txt[/b])

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.

OK, just done.

All your work is much appreciated.