Malicious Website Protection pop up all the time. Possible infection. Cant remove. System 32 issue

V

Valkral

New Member
Thread author
Mar 14, 2016
4
I am having an issue which is causing computer slow downs, pop ups and all sorts the main information is as follows:
- Constant pop ups from malware bytes blocking websites, most notably :\Windows\System32\svchost.exe and (x86)\Google\Chrome\Application\chrome.exe

I have tried various scans from malware bytes, bitdefender, avast, AVG, TDSSKiller. All to no avail. I wasn't using any of these antivirus software in conjunction with one another.
 

Attachments

  • FRST.txt
    143.5 KB · Views: 3
  • Addition.txt
    89.5 KB · Views: 3
V

Valkral

New Member
Thread author
Mar 14, 2016
4
These are the pop ups i am getting.

Malwarebytes Anti-Malware
www.malwarebytes.org


Detection, 14/03/2016 17:15, SYSTEM, PETER-PC, Protection, Malicious Website Protection, Domain, 204.13.194.231, ad.directrev.com, 63501, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
Detection, 14/03/2016 17:15, SYSTEM, PETER-PC, Protection, Malicious Website Protection, Domain, 204.13.194.231, ad.directrev.com, 63501, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
Detection, 14/03/2016 17:15, SYSTEM, PETER-PC, Protection, Malicious Website Protection, Domain, 204.13.194.231, ad.directrev.com, 63502, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
Detection, 14/03/2016 17:15, SYSTEM, PETER-PC, Protection, Malicious Website Protection, Domain, 204.13.194.231, ad.directrev.com, 63503, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
Detection, 14/03/2016 17:15, SYSTEM, PETER-PC, Protection, Malicious Website Protection, Domain, 204.13.194.231, ad.directrev.com, 63504, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
Detection, 14/03/2016 17:15, SYSTEM, PETER-PC, Protection, Malicious Website Protection, Domain, 204.13.194.231, ad.directrev.com, 63554, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
Detection, 14/03/2016 17:15, SYSTEM, PETER-PC, Protection, Malicious Website Protection, Domain, 204.13.194.231, ad.directrev.com, 63555, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
Detection, 14/03/2016 17:15, SYSTEM, PETER-PC, Protection, Malicious Website Protection, Domain, 204.13.194.231, ad.directrev.com, 63556, Outbound, C:\Program Files (x86)\Google\Chrome\Application\chrome.exe,
Detection, 14/03/2016 17:27, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:27, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Outbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:27, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:28, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:29, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:30, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:30, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:31, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:31, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:32, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:32, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:33, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:33, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:38, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Detection, 14/03/2016 17:38, SYSTEM, PETER-PC, Protection, Malicious Website Protection, IP, 116.202.32.13, 60305, Inbound, C:\Windows\System32\svchost.exe,
Protection, 14/03/2016 17:40, SYSTEM, PETER-PC, Protection, Malware Protection, Starting,
Protection, 14/03/2016 17:40, SYSTEM, PETER-PC, Protection, Malware Protection, Started,
Protection, 14/03/2016 17:40, SYSTEM, PETER-PC, Protection, Malicious Website Protection, Starting,
Protection, 14/03/2016 17:40, SYSTEM, PETER-PC, Protection, Malicious Website Protection, Started,
 
V

Valkral

New Member
Thread author
Mar 14, 2016
4
Hello, thank you for the quick reply. I haven't checked my extensions but I only have 5 and they are all reputable ones. Hoverzoom, search by image(the Google official one), Adblock, silver bird, and Skype. I have had these for a long while.
 
V

Valkral

New Member
Thread author
Mar 14, 2016
4
Hello again, I have been at work so couldn't reply sooner. I have just uninstalled it completely and reinstalled it. No difference.
 
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
FRST.gif
Scan with Farbar Recovery Scan Tool

Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
  • Right-click on
    FRST.gif
    icon and select
    RunAsAdmin.jpg
    Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition.txt option is checked.

    2873ryc.png

  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please attach report into your next reply.
 
  • Like
Reactions: Deleted Member 333v73x

Similar threads

DKNC
Malware Bytes "Malicious Website Blocked" Message every few seconds!
Replies
3
Views
2,641
Windows Malware Removal Help & Support
TwinHeadedEagle
TwinHeadedEagle
L
    • Like
Assembly quick tutorial
Replies
2
Views
2,802
Malware Analysis Archive
LabZero
L
viktik
    • Like
Guide | How To How to use Sysinternals Process Explorer
Replies
0
Views
10,784
Guides - Privacy & Security Tips
viktik
viktik

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top