Guys i keep getting this pop up from avast of a svchost.exe malware.
It says the location is C:\Windows\System32\svchost.exe
and the URL written is “hxxp://opticized.net/?e=pfvd&cht=2&dcu=1&cpatch=2&dcs=1&pf=1&clsb=1&unp=Azm9CdOLv7DVDyxECyFPg7x9Ae0KBfUKAe4MBG0VWznLDe4PBNq9geFI&publisher=20336&dd=4&country=PK&ind=2241941357018374917&exid=1414873202564349729&ssd=2234832947112201667&hid=1960636956843771243&osid=602&channel=0&sfx=1&ne=1&prs=4&pnum=2&jc=1&category_name=%GoSaveKeys_CategoryName%&install_date=20131102”
It pops up every two minutes or so…
PLEASE HELP! It’s the first time a virus has breached my computer.
Running windows 8 on an HP laptop.
Here are the logs. I also attached an image grab of the avast notification pop up details page.
I downloaded malwarebytes anti malware and it picked up some 180 detections which all were quarantined and pc rebooted. But the pop up i mentioned in the above post still comes up every few minutes. I’ve been using laptop virus free for years so this is the first occurrence, now realising how i suck at this tech stuff
Could you let me know what problems remain after this
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
ShellIconOverlayIdentifiers: [off0] -> {8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5} => No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
FF Extension: No Name - C:\Program Files (x86)\VideoPlayerV3\VideoPlayerV3beta68\ff [Not Found]
2014-11-04 03:01 - 2014-11-04 03:01 - 00003192 _____ () C:\Windows\System32\Tasks\{A2FB87BB-BB70-423A-AC8A-DEAC25BA1A3D}
2014-11-02 02:47 - 2014-11-06 12:25 - 00000000 ____D () C:\ProgramData\ecbaef90-5696-41e1-a1c3-3e8112ce2840
Task: {42123375-12A1-4ED1-9611-6C12F62ECCF5} - \YourFile DownloaderUpdate No Task File <==== ATTENTION
EmptyTemp:
CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.
[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.
So i have attached both the logs you requested. I hope i have done it correctly.
My pc just rebooted so i will have to use the laptop for a day atleast and if any notifications or warnings arise again i will most certainly let you know. Thanksss a lot for all this help