Hi! Avasti keeps detecting this as a virus:
URL: http://redirector.gvt1.com/crx/blobs/QwAAAHF3InbmK-
wFIemaY3I3BCOrQhs58MSM0PACaKZwzi…
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
Would you be able to advise me? Thank you!!
Hi! Avasti keeps detecting this as a virus:
URL: http://redirector.gvt1.com/crx/blobs/QwAAAHF3InbmK-
wFIemaY3I3BCOrQhs58MSM0PACaKZwzi…
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
Would you be able to advise me? Thank you!!
Hi, attached are all the logs as requested.
Thanks for helping!
logs continued
logs continued
logs continued
thanks so much!!
Let me know if this stops it
CAUTION : This fix is only valid for this specific machine, using it on another may break your computer
Open notepad and copy/paste the text in the quotebox below into it:
CreateRestorePoint: SearchScopes: HKU\S-1-5-21-1275140972-3221524313-362126370-1000 -> {70D46D94-BF1E-45ED-B567-48701376298E} URL = hxxp://127.0.0.1:4664/search&s=Pkg2M_7jUVliclyV0osjf4lQJuk?q={searchTerms} BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> No File BHO: No Name -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> No File Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File S3 AVG Security Toolbar Service; C:\Program Files\AVG\AVG10\Toolbar\ToolbarBroker.exe [1025352 2011-09-01] () 2015-12-12 21:14 - 2014-11-17 19:28 - 00000000 ____D C:\ProgramData\AVG 2015-12-12 21:14 - 2010-11-26 11:14 - 00000000 ____D C:\ProgramData\MFAData 2015-12-12 21:04 - 2010-06-14 13:52 - 00000000 ____D C:\Program Files\AVG Task: {1A1C4706-BB85-4D4A-82DF-C2DDD8FF7339} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION Task: {2B750266-0A48-4FB4-A807-6025A1E751FC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION Task: {43484007-F67C-4A4F-A048-22EA397773E9} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION Task: {46C83267-5453-4C30-9A7E-AFE20DC0964B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION Task: {6DAFCDC7-A990-4D48-9CF6-EC3B84DDCC8D} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION Task: {776B7AA5-0E16-4330-9C62-0BF61DB7047A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION Task: {80F0E3BA-6085-4F37-B29E-3BC572AD0227} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION Task: {8CFA9875-F0E1-45E3-92D0-AA7731CE412D} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION Task: {B6CA2999-7B54-43D3-B5DD-777123912043} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION Task: {BBE472F3-76BA-4074-A1A2-821B97C4CD2C} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION Task: {C0E8778A-0C30-431C-B6F6-8B7F0D0ABE97} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f RemoveProxy: EmptyTemp: CMD: bitsadmin /reset /allusers
Save this as fixlist.txt, in the same location as FRST.exe
https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG
Run FRST and press Fix
On completion a log will be generated please post that
THEN
Please download AdwCleaner by Xplode onto your desktop.
[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S0].txt as well.
in the midst of using adwcleaner, but FRST log attached