from anythicago.com Infection re sychost.exe

[REDACTED]

Just got another alert from Avast. Same as always.

URL: htxp://anythicago.com/4343/SystemPower_142668884225336.dll

Infection: URL:Mal

Process: C:\Windows\System32\svchost.exe

I would be grateful of some further help.
Thank you so much!

[TwinHeadedEagle]

Monitoring...

[REDACTED]

I am online TwinHeadedEagle...

[TwinHeadedEagle]

Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
  
• Press Scan button.
  
• It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

[REDACTED]

Thanks for your help!

Here are the two Furbar texts attached

[TwinHeadedEagle]

Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

• Right-click on icon and select Run as Administrator to start the tool.
  
• Wait patiently until the main console will appear, it may take a minute or two.
• In the main box please paste in the following script:

Code: [Select]

createsrpoint;
autoclean;
emptyalltemp;
chrdefaults;
bitsadmin /reset /allusers;b
ipconfig /flushdns;b

• Make sure that Scan All Users option is checked.
  
• Push Run Script and wait patiently. The scan may take a couple of minutes.
  
• When the scan completes, a zoek-results logfile should open in notepad.
  
• If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

[REDACTED]

Please find attached the  zoek-results logfile

I hope I did this right and unplugged the internet while Avast was disabled
or was it not necessary ?

[REDACTED]

   TwinHeadedEagle,
it looks like the many Avast notices re  many different malware urls
no longer appear since the last application you recommended.

Also I can now make easier use of the mouse-wheel
while monitoring the pages from top to bottom and bottom  to the top.

Hopefully that solved the problem and I am thankful to you and your skills.
Thank you!

[TwinHeadedEagle]

Cheers


• The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
Remove disinfection tools
Create registry backup
Purge System Restore
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.

[REDACTED]

TwinHeadedEagle,

Here's part of cleaning-up file and done with.

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\zoek_backup
Deleted : C:\Users\ar\Desktop\mbar
Deleted : C:\zoek-results.log
Deleted : C:\Users\ar\Desktop\Addition.txt
Deleted : C:\Users\ar\Desktop\FRST.exe
Deleted : C:\Users\ar\Desktop\FRST.txt
Deleted : C:\Users\ar\Desktop\FRST64.exe
Deleted : C:\Users\ar\Desktop\zoek.exe
Deleted : C:\Users\ar\Downloads\TFC.exe

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #207 [Windows Update | 06/09/2015 09:40:02]
Deleted : RP #208 [Windows Update | 06/10/2015 20:05:56]
Deleted : RP #209 [zoek.exe restore point | 06/11/2015 22:09:24]

New restore point created !

########## - EOF - ##########

Again thank you and thank you for your skills !