Hello, I -have a client computer that has the same infection it seems as the others having the same issue with Avast and these URL’s. I have scanned with Malwarebytes AM, and Malwarebytes Anti rootkit, as well as the Avast scan an this keeps happening. Attached are the FRST.txt, Addition.txt, and Zoek logs. Can someone please help with this?
Most of the guys in removal team are located in europe, It is midnight here in europe now so you may not recive a reply before tomorrow
That’s fine, this has been going on for about a week now.
I see one online so you may be lucky
Download the attached file and save it to the desktop of the infected machine.
Rename it tcpip.reg and double click on it to merge the file. You must do this as an Administrator or the merge will not happen.
Reboot the system and report back the new status. Thanks.
I applied the update yesterday afternoon. When the person came in this morning and logged into the computer, it seems that there was a network block to the httxp://anythingihcago…dll
Can I get some additional help on this please?
I am not sure I understand the question; you are blocked from a malware site and you want it unblocked? Or ?
Opps; not enough coffee this morning!
Please run the following and tell me if this stops the messages:
Open notepad by pressing the Windows Key + R Key, typing in Notepad in the Run dialog and then pressing Enter. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txt
Start CreateRestorePoint: EmptyTemp: CMD: bitsadmin /reset /allusers End
NOTE. It’s important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST by right clicking on the FRST exe file, selecting “Run as Administrator…”. The User Account Control may open up; if it does, select Yes to continue to let FRST open and load.
The tool will check for an updated version of itself every time it loads; please allow it to do this and the program will either inform you it is downloading an updated copy (and to wait until it is safe to continue) or show nothing (meaning there is no update found) and you can continue on. Press the Fix button just once and wait. The tool will create a restore point, process the script and ask for a restart of your system.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.
Here is the fixlog.
Good; thank you for the log. How is the system running now?
Looks to be running great, thanks for the help.
Great! Let’s remove the tools and you’re on your way! 8)
Clean up of Malware Removal Tools
Now that we are through using these tools, let’s clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded.
- Download Delfix from here to your desktop and double click it to start the program
- Ensure Remove disinfection tools is ticked
Also tick: - Activate UAC
- Create registry backup
- Purge system restore
- Reset system settings
- Ensure Remove disinfection tools is ticked
http://i1351.photobucket.com/albums/p785/dbreeze2/just%20stuff/DelFixSelectall_zps0f04cec4.png
- Click Run
- The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.
You can delete any log files left on your desktop as these are no longer needed.
- The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.