So for the past week i been noticing every once in awhile avast will pop up with the threat detected message. There are 2 different ones that pop up one says.. epictory.com/4343/genmaker_142669175167714.dll infection: url:mal process C:\windows\system32\svchost.eve And i forgot what the other one says but both are svchost process..I tried everything i can think of.. ran Avast scan Malwarebytes superantispyware spybot roguekiller esetpowerlikscleaner emsisoftemergencykit ccleaner auslogics slimcleaner They did find some stuff but the pop ups still continue, i ran them in normal mode and then a second time in safe mode. And then even a third time i ran malwarebytes, avast and superantispyware. Still the problem continues. I was basically going to just reformat and reinstall windows now but was wondering if there is anything else i can try first or what causes this virus?
Hello ptkut, Please run a scan for me to help me find it: Scan with Farbar Recovery Scan Tool Please download Farbar Recovery Scan Tool x64 and save it to your Desktop. Right-click on icon and select Run as Administrator to start the tool. (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. Make sure that Addition option is checked. Press Scan button and wait. The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt. Please attach both logs to your next reply. 2oG
don't hurry, post it when you can... I have to go out of town tonight and may not be back til tomorrow late. see you then. 2oG
I gave up and formatted and reloaded windows. Nothing I tried worked. I'm really angry at Malwarebytes not correcting this problem. I paid for it and wasted my money.
Before i ran this farbar i ran combofix and hijackthis. That was 3-4 hours ago and i haven't had the pop up yet since. But let's see what farbar says.
combofix can fix a few things by just running but you really need to be trained on it or you can make a boat anchor out of your computer, Hijackthis is outdated and useless on newer computers. I'll go over your logs when I get home tonight.... see you later... don't run any more cleaning programs! 2oG
Well, hopefully combofix picked it up.. To be sure let's run a fix with Zoek and a rerun of FRST: Scan with ZOEK Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one) Please also download the attached scriptfile, named zoekscript.txt. Disable your AntiVirus and AntiSpyware programs, so they do not interfere with the running of Zoek.exe. You can find instructions how to disable your security applications here. Now, on your Desktop, drag and drop zoekscript.txt on Zoek.exe as shown below: Please approve any UAC prompt to allow this action to proceed. Answer Yes to the following prompt to allow the zoek script to run: This action causes Zoek.exe to start automatically. Please be patient while Zoek is scanning. When the tool finishes, the zoek-results.log is opened in Notepad. The log is also found on the systemdrive, normally C:\ If a reboot is needed, the log is opened after the reboot. Please attach the zoek-results.log to your reply. Scan with Farbar Recovery Scan Tool Please download Farbar Recovery Scan Tool x64 and save it to your Desktop. Right-click on icon and select Run as Administrator to start the tool. (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer. Make sure that Addition option is checked. Press Scan button and wait. The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt. Please attach both logs to your next reply. 2oG