Malicious URL http://specrtop.org/a/

[ndmd]

I also try to go to window update from start menu. The same message appears.

[polonus]

Site was registered one month ago with a specific reason -> https://www.virustotal.com/en/domain/specrtop.org/information/
A Wscript infesting site -> https://www.virustotal.com/en/domain/specrtop.org/information/

polonus

[essexboy]

OK I do have a tool that should fix that

Download and Install Combofix
 
Download ComboFix from one of the following locations:
Link 1
Link 2
 
VERY IMPORTANT !!! Save ComboFix.exe to your Desktop
 
* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

• Double click on ComboFix.exe & follow the prompts.
  
• Accept the disclaimer and allow to update if it asks

• When finished, it shall produce a log for you.
• Please include the C:\ComboFix.txt in your next reply.[/b]
  

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3.  If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

[ndmd]

Even though I've already disabled avast and other antimalware, I'm getting message showing 'real time scanner are still active'.

Actually I've already uninstalled AVG as well.

[ndmd]

I'm still at that point. Not sure if I can press Ok and dont know how to stop that scan.

[ndmd]

I didn't press OK and I just restarted my computer from that point now.

I'll be awaiting your further instructions.

Thanks.

[garima1588]

even i am getting the same message again and again

URL:   http://specrtop.org/a/
Process:   C:\Windows\System32\wscript.exe
Infection:   URL:Mal
 and i have done all possible scanning to delete this virus. kindly please help me to remove this from my laptop. it is very annoying that with avast antivirus installed on my system, i have got this Malware in my system.
please help

[polonus]

Look for the downloaded file that is flagged: apexnew-bold.exe
see: https://www.virustotal.com/en/file/c87fb40fd6f090c9e023b1a883a8d1f1c934d5e9f58f7092df441a91b476371c/analysis/1367278465/
= FBI Moneypak virus

Damian

[garima1588]

i am asking how to remove this malware??

[polonus]

Hi garima1588,

That is why you have the help of a qualified removal expert here. I am just throwing in some additional info,

polonus

[garima1588]

then assist me how to remove

URL:   http://specrtop.org/a/
Process:   C:\Windows\System32\wscript.exe
Infection:   URL:Mal

[magna86]

My apologize to essexboy for intrusion ...

@ garima1588

then assist me how to remove

Open new topic and attach log reports.
How and what to run...please read this:
http://forum.avast.com/index.php?topic=53253.0

[essexboy]

@ndmd

Run combofix again please, if it still complains then press OK but do not allow Avast to quarantine or stop anything from running

[ndmd]

I could run the scan without any warning message this time.

The log file is attached.

[essexboy]

Is the control panel now available ?


Download AdwCleaner from here to your desktop
Run AdwCleaner and select Delete



Once done it will ask to reboot, allow this
On reboot a log will be produced please attach that