« previous next »
Pages: [1]   Go Down

Author Topic: blackfight.info/3333/LinkMaker_142264181225646.dll - Blocked  (Read 1978 times)

0 Members and 1 Guest are viewing this topic.

REDACTED

  • Guest
blackfight.info/3333/LinkMaker_142264181225646.dll - Blocked
« on: April 26, 2015, 07:21:17 PM »
Keep getting the following warning about a blocked action from "C:\Windows\System32\svchost.exe" from accessing "http://blackfight.info/3333/LinkMaker_142264181225646.dll"

I've also run the programs suggested on https://forum.avast.com/index.php?topic=53253.0 and will attach the logs.

Can't seem to attach the MBR.dat
« Last Edit: April 26, 2015, 07:22:57 PM by martin254 »
Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: blackfight.info/3333/LinkMaker_142264181225646.dll - Blocked
« Reply #1 on: April 26, 2015, 08:33:43 PM »
Let me know if this stops it

CAUTION :  This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:
 
Quote
CreateRestorePoint:
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
2015-04-16 10:50 - 2015-04-16 10:50 - 00000000 ____D () C:\ProgramData\94cbdf1c000072b2
2015-04-16 10:37 - 2015-04-16 10:38 - 00000000 ____D () C:\Users\Cheyne\AppData\Roaming\{4F74BF37-10A1-4D75-8C85-B50B2618592C}
2015-04-14 16:21 - 2015-04-15 21:22 - 00000000 ____D () C:\ProgramData\{ed4e2f36-4f00-d3f1-ed4e-e2f364f0bcd9}
2015-04-14 16:19 - 2015-04-26 13:59 - 00000000 ____D () C:\Program Files (x86)\bestadblocker
2015-04-14 16:19 - 2015-04-16 13:29 - 00000000 ____D () C:\Program Files (x86)\Cookie Killer for Facebook
2015-04-14 16:18 - 2015-04-16 11:27 - 00000000 ____D () C:\Program Files (x86)\SaiLePluus
2015-04-14 16:18 - 2015-04-15 21:22 - 00000000 ____D () C:\ProgramData\{af5f5a98-72ef-d25b-af5f-f5a9872e6a61}
2015-04-14 16:18 - 2015-04-14 16:18 - 00000000 ____D () C:\ProgramData\10990512489216433785
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
EmptyTemp:
CMD: bitsadmin /reset /allusers

 
Save this as fixlist.txt, in the same location as FRST.exe

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S0].txt as well.
Logged

REDACTED

  • Guest
Re: blackfight.info/3333/LinkMaker_142264181225646.dll - Blocked
« Reply #2 on: April 26, 2015, 09:50:51 PM »
Thank you for all the help so far.

Code: [Select]
# AdwCleaner v4.202 - Logfile created 26/04/2015 at 21:46:55
# Updated 23/04/2015 by Xplode
# Database : 2015-04-23.2 [Server]
# Operating system : Windows 8.1 Pro  (x64)
# Username : Cheyne - ATARI
# Running from : C:\Users\Cheyne\Downloads\adwcleaner_4.202.exe
# Option : Cleaning

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\f97c3b9d-82a7-759b-9797-91c6f55662bc
Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17416


-\\ Mozilla Firefox v37.0.2 (x86 sv-SE)

[xx4n8wkh.default\prefs.js] - Line Deleted : user_pref("extensions.eA8Dl78UjXESeSis.scode", "(function(){try{if(window.self.location.href.indexOf(\"qdr6pjC5qHaGpjw7pjs9qHkFpn\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\"[...]
[xx4n8wkh.default\prefs.js] - Line Deleted : user_pref("extensions.egSK5jwzJ1FYp4u6.scode", "(function(){try{if(window.self.location.href.indexOf(\"qdr6pjC5qHaGpjw7pjs9qHkFpn\")>-1){return;}}catch(e){}try{var d=[[\"trianglecash.com\",\"acebook\"[...]

*************************

AdwCleaner[R0].txt - [1889 bytes] - [26/04/2015 21:46:02]
AdwCleaner[S0].txt - [1741 bytes] - [26/04/2015 21:46:55]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1800  bytes] ##########
As it stands at the moment the warning has not come back after these actions have been taken.
But, as always, can't be sure until some time has passed.
Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: blackfight.info/3333/LinkMaker_142264181225646.dll - Blocked
« Reply #3 on: April 26, 2015, 10:21:42 PM »
Let me know when you are happy and I will tidy up
Logged
Pages: [1]   Go Up
« previous next »