svchost.exe popups - another one

[REDACTED]

I'm glad I found this forum, and more glad that I'm not the only one struggling with this.

I keep getting the "threat has been detected" message like this:

URL: htXp://anythicago.com/3333/LibraryFunc_142277749447700.dll
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe

I read through the forums and tried some of the suggested fixes/actions:

I ran rkill, spybot, hitman, and avast with nothing being detected.

I ran FRST64 (logs attached) and adwcleaner, which removed a few things.

then I uninstalled Chrome (after I unsynced account)

I ran zoek with the script: autoclean; emptyalltemp; inconfig /flushdns; b  (attached)

I'd appreciate any help.

thanks guys!!

[TwinHeadedEagle]

Hello,

Do you have FRST reports?

Please follow this topic and attach required reports

https://forum.avast.com/index.php?topic=53253.0

[REDACTED]

original post had a FRST log, here's an updated one after I did the zoek and uninstalled chrome.

thanks!!

[REDACTED]

Also the logs from AdwClean

[TwinHeadedEagle]

Fix with Farbar Recovery Scan Tool

This fix was created for this user for use on that particular machine.
Running it on another one may cause damage and render the system unstable.

Download attached fixlist.txt file and save it to the Desktop:

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

• Right-click on icon and select Run as Administrator to start the tool.
  (XP users click run after receipt of Windows Security Warning - Open File).
  
• Press the Fix button just once and wait.
  
• If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
• When finished FRST will generate a log on the Desktop, called Fixlog.txt.
  

Please attach it to your reply.

[REDACTED]

Attached - Fixlog.txt

thanks for the help!! I just ran it,  I think it's too soon to know for sure, but I'm confident. thanks again.

[TwinHeadedEagle]

Okay, let me know in a couple of hours.

[REDACTED]

Seems to be good to go.

thanks!!

I really appreciate the help.

[TwinHeadedEagle]

Cheers


• The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
Remove disinfection tools
Create registry backup
Purge System Restore
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.