Reduled.info, Epcitory.com, blackfight.info Infections appearing all the time

[REDACTED]

Hello 

I have this warning messages all the time for: Reduled.info, Epcitory.com, blackfight.info and other 3 more I think.

I already run Adwcleaner and Malwarebytes but the messages keep coming.  Find attached the log files required.

Note: aswmbr crashes a couple of times before I can actually get the log file
Note 2: My father used an USB drive on my PC but I don't have it right now so I can't post the MCShiled log file.

Thanks in advance

[essexboy]

Could you let me know if this stops it

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 

CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
BHO: No Name -> {5b48e9af-a609-4fef-af5d-07f7f8f6faa7} ->  No File
BHO: No Name -> {7796fa75-1872-470d-85f7-ba37a9542cef} ->  No File
BHO-x32: No Name -> {5b48e9af-a609-4fef-af5d-07f7f8f6faa7} ->  No File
BHO-x32: No Name -> {7796fa75-1872-470d-85f7-ba37a9542cef} ->  No File
BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} ->  No File
BHO-x32: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} ->  No File
Toolbar: HKLM - No Name - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://www.mystartsearch.com/?type=hp&ts=1423201592&from=wpc&uid=KINGSTONXSVP200S3120GXXXXXXXXXXXXXXXXX_50026B72251083EB"
2015-02-06 21:39 - 2015-02-06 22:12 - 00000000 ____D () C:\ProgramData\{05cf0301-b78e-e9e9-05cf-f0301b780c06}
2015-02-06 21:27 - 2015-02-06 21:27 - 00000000 ____D () C:\Users\JCMV\AppData\Local\@ByELDI
2015-02-06 13:11 - 2015-02-06 13:11 - 00000000 ____D () C:\Users\JCMV\AppData\OICE_15_974FA576_32C1D314_1A9B
2015-02-06 11:04 - 2015-02-06 11:04 - 00003156 _____ () C:\Windows\System32\Tasks\{AFA20382-C0DA-4403-B936-B88D5827BA3A}
2015-02-06 02:18 - 2015-02-06 02:18 - 00003136 _____ () C:\Windows\System32\Tasks\{21C35419-7840-4267-B81B-676D14BCCCB2}
2015-02-06 00:41 - 2015-02-06 01:09 - 00000000 ____D () C:\ProgramData\{51aefb43-ac09-8d33-51ae-efb43ac0ed0e}
2015-02-04 16:36 - 2015-02-04 16:36 - 00000000 ____D () C:\Users\JCMV\AppData\OICE_15_974FA576_32C1D314_37C4
2015-03-02 12:30 - 2013-08-04 12:34 - 00000000 ____D () C:\Users\JCMV\AppData\Local\SoulseekQt
2015-02-09 09:06 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Globalization
C:\Users\JCMV\AppData\Local\Temp\3dA9b26E0C\temp\putfu.xyz
C:\Users\JCMV\AppData\Local\Temp\F23397CC57d
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

• Close all open programs and internet browsers.
• Double click on AdwCleaner.exe to run the tool.
  
• Click on Scan.
  
• After the scan is complete click on "Clean"
• Confirm each time with Ok.
  
• Your computer will be rebooted automatically. A text file will open after the restart.
• Please post the content of that logfile with your next answer.
• You can find the logfile at C:\AdwCleaner[S0].txt as well.
  

[REDACTED]

 I just follow the steps you give me (FRSST fix) and now Windows cannot start. It gets stuck right before the 'Initializing Windows': black screen with mouse arrow. Then, it restart this over and over again.

[essexboy]

Does it pause at the black screen or does it restart automatically ?

[REDACTED]

It pauses for like 1:30 min at the black screen (with the mouse arrow) and then it restarts.

[essexboy]

Nothing removed was to do with start up just browser element.. 

OK lets sort this out

Download the following three programmes to your desktop :
 
 
1.  Rufus 
 
For 64bit systems  
2. Windows 7 64bit RC I will PM the link for this
3. Farbar Recovery Scan Tool x64 
 
Insert the USB stick Then run Rufus
 
Select the ISO file on the desktop via the ISO icon. 
 
Press Start Burn

Then copy FRST to the same USB   
 
   
 
 
 
Insert the USB into the sick computer and start the computer.  First ensuring that the system is set to boot from USB 
Note: If you are not sure how to do that follow the instructions Here
 
Windows 7 and Vista screenshots 

When you reboot you will  see this.
 Click repair my computer  
 
 
Select your operating system  
 
 
Select Command prompt 
 
 
At the command prompt type the following  :
 
notepad and press Enter. 
The notepad opens. Under File menu select Open. 
Select "Computer" and find your flash drive letter and close the notepad. 
In the command window type e:\frst64.exe  or  e:\frst.exe dependant on system
 and press Enter 
Note: Replace letter e with the drive letter of your flash drive. 
The tool will start to run. 
When the tool opens click Yes to disclaimer. 

Press Scan button. 
It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.
 

[REDACTED]

At the prompt screen, my keyboard (Microsoft Ergonomic 4000) wasn't recognized and I couldn't type anything

[REDACTED]

I solved the keyboard problem, here it is FRST log file:

[essexboy]

OK I think I have found the problem.  For some reason one of the Avast drivers was running from the temporary folder, when I emptied the temps the driver was removed.  You will need to repair Avast

Download the attached fixlist.txt to the same location as FRST
Start FRST and press fix
On completion try a normal boot

 

[REDACTED]

Didn't work, same black screen after the windows logo.

Find attached the FRST log file

[essexboy]

OK this one will stop all Avast drivers and services

Download the attached fixlist.txt to the same location as FRST
Start FRST and press fix
On completion try a normal boot

[REDACTED]

Same result.

[essexboy]

Where does it stop now in safe mode ?

[REDACTED]

Once i did the 'Fix it' step, I selected: Restart from the recovery disc menu. Then, I let it reboot normally, not in safe mode.

[REDACTED]

I skipped the 'Press any key to boot from USB' and picked 'Start in safe mode'. Same results: black screen with the mouse pointer.