system
June 28, 2015, 12:02pm
1
I’ve been having an issue over the last few days as avast is repeatedly alerting me that they have blocked an infection via svchost.exe as URL:MAL and the website URL changes each time. I have tried a full system scan with various programs such as avast, malwarebytes and emsisoft but all return with no results and i dont know what else to try.
Thanks in advance for any help,
-Tom
Hello,
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
Scan with ZOEK
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here .
[*]Right-click on
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[]Wait patiently until the main console will appear, it may take a minute or two.
[ ]In the main box please paste in the following script:
createsrpoint;
autoclean;
emptyalltemp;
ipconfig /flushdns;b
[*]Make sure that Scan All Users option is checked.
[*]Push Run Script and wait patiently. The scan may take a couple of minutes.
[*]When the scan completes, a zoek-results logfile should open in notepad.
[*]If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.
system
June 28, 2015, 1:06pm
3
Doing the scan now and have been given this warning, what should i do?
http://gyazo.com/7b3a47cc9ca9f04e38018d7314cc1fa3
Is it related to the program you told me to download or it part of a virus etc?
Thanks,
-Tom
Please disable all security program prior to run Zoek.
system
June 28, 2015, 2:43pm
5
Even avast? As that is the only think stoping the virus downloading things onto my computer.
Pondus
June 28, 2015, 6:59pm
8
Paitient is next … TwinHeadedEagle will reply when online, he is not here 24/7
system
June 28, 2015, 9:40pm
9
ok sorry im just stressed out.
How is the situation now?
Sorry, I had some connection problem, I wanted to smash my computer.
system
June 29, 2015, 2:49pm
11
What do the results of the ZOEK scan say? And the problem is still happening if thats what your asking.
Btw dont worry about delays, your the one helping me.
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Scan with Farbar Recovery Scan Tool
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
[*]Right-click on
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
[*]Make sure that Addition option is checked.
[*]Press Scan button and wait.
[*]The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt .
Please include their content into your next reply.
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Fix with Farbar Recovery Scan Tool
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[B] This fix was created for this user for use on that particular machine.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
Running it on another one may cause damage and render the system unstable.
https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/icon_exclaim.gif
[/B]
Download attached fixlist.txt file and save it to the Desktop:
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
[*]Right-click on
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
[*]Press the Fix button just once and wait.
[*]If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
[*]When finished FRST will generate a log on the Desktop, called Fixlog.txt .
Please attach it to your reply.
system
June 29, 2015, 4:34pm
15
Thanks for your help, should it be fixed now? And if so do you know the route of the problem?
Yes, it should be fixed now. I don’t know how infection started.
system
June 29, 2015, 4:44pm
17
Dont mean to bug you, but what did you do to fix it?
I shut down some tasks, nothing more.
system
June 29, 2015, 4:56pm
19
Well thank you so much for your help, i didnt know what to do before finding this forum.