Just like a lot of people here, I’m also getting the dreaded 14 or so messages that svchost.exe connects to a site to download malware.
The urls are random, but it tries to download a .dll
Example: “http://reddienet/4141/TrimModule_142669093016272dll” (real dots replace so no url is generated for safety reasons :))
I’ve tried everything in my power to remove it, but no succes…
I’ve ran the Farbar recovery scanner like requested in other posts and attached the logs to this post.
I really hope some of you guys can help me. If you need further information, do ask
Thanks in advance!
My apologies, I’ve updated the opening post.
(aswmbt.exe found something called “Minitoolbox.exe”, but it’s an application in the Farbar malware suite, is this a false positive?)
[*]If a suspicious object is detected, the default action will be Skip, click on Continue.
[*]If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
If Cure is not available, please choose Skip instead.
[*]Do not choose Delete unless instructed!
A report will be created in your root directory, (usually C:\ drive) in the form of TDSSKiller.[Version][Date][Time]_log.txt. Please include the contents of that file in your next post.
I will keep an eye on the message. I’ll keep you informed. If the message hasn’t shown itself after Saturday I’ll post it here.
Just for curiosity, what was the process that you killed with the fix? I’ve read it but couldn’t figure it out…
Just a question. Is it safe to use my pc for moneybusiness and other secure things?
I’ve read about the TDL4 botnet that was (Partially) present in my system. (Am I right?)
Or is a clean reinstall the best way to be safe?