Looks like this pc is joining the crowd with having C:\windows\system32\svchost.exe calling http://simplesitescan.net/4242/TrimModule_142668815552908.dll and generically identified as a “URL:Mal” infection. Any assistance you can provide would be greatly appreciated.
Attached are the FRST.txt and Addition.txt files from running the Farbar Recovery Scan Tool
First, move the FRST64.exe program from the Downloads folder to your desktop. (Come back if you don’t know how to do this.)
Open notepad by pressing the Windows Key + R Key, typing in Notepad in the Run dialog and then pressing Enter. Please copy the contents of the quote box below. To do this highlight the contents of the box and right click on it and select copy. Paste this into the open notepad. Save it to your desktop as fixlist.txt
Start CreateRestorePoint: EmptyTemp: CMD: bitsadmin /reset /allusers End
NOTE. It’s important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST64 by right clicking on the FRST64.exe file, selecting “Run as Administrator…”. The User Account Control may open up; if it does, select Yes to continue to let FRST open and load.
The tool will check for an updated version of itself every time it loads; please allow it to do this and the program will either inform you it is downloading an updated copy (and to wait until it is safe to continue) or show nothing (meaning there is no update found) and you can continue on. Press the Fix button just once and wait. The tool will create a restore point, process the script and ask for a restart of your system.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply. Also, tell me how your system is running now.