system
June 15, 2015, 11:53pm
1
I’m glad I found this forum, and more glad that I’m not the only one struggling with this.
I keep getting the “threat has been detected” message like this:
URL: htXp://anythicago.com/3333/LibraryFunc_142277749447700.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
I read through the forums and tried some of the suggested fixes/actions:
I ran rkill, spybot, hitman, and avast with nothing being detected.
I ran FRST64 (logs attached) and adwcleaner, which removed a few things.
then I uninstalled Chrome (after I unsynced account)
I ran zoek with the script: autoclean; emptyalltemp; inconfig /flushdns; b (attached)
I’d appreciate any help.
thanks guys!!
Hello,
Do you have FRST reports?
Please follow this topic and attach required reports
https://forum.avast.com/index.php?topic=53253.0
system
June 16, 2015, 12:11am
3
original post had a FRST log, here’s an updated one after I did the zoek and uninstalled chrome.
thanks!!
system
June 16, 2015, 12:33am
4
Also the logs from AdwClean
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Fix with Farbar Recovery Scan Tool
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[B] This fix was created for this user for use on that particular machine.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[/B]
Download attached fixlist.txt file and save it to the Desktop:
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
[*]Right-click on
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
[*]Press the Fix button just once and wait.
[*]If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
[*]When finished FRST will generate a log on the Desktop, called Fixlog.txt .
Please attach it to your reply.
system
June 16, 2015, 10:34am
6
Attached - Fixlog.txt
thanks for the help!! I just ran it, I think it’s too soon to know for sure, but I’m confident. thanks again.
Okay, let me know in a couple of hours.
system
June 17, 2015, 10:13am
8
Seems to be good to go.
thanks!!
I really appreciate the help.
Cheers
• The following will implement some post-cleanup procedures:
=> Please download DelFix by Xplode to your Desktop.
Run the tool and check the following boxes below;
[i]
http://www.mcshield.net/personal/magna86/Images/checkmark.png
Remove disinfection tools
http://www.mcshield.net/personal/magna86/Images/checkmark.png
Create registry backup
http://www.mcshield.net/personal/magna86/Images/checkmark.png
Purge System Restore [/i]
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:[b]DelFix.txt[/b])
The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.