Derchy.com?

I had a bit of suspicious activity on my PC a few days back, with Avast spamming warnings and me having to close mysterious processes and clean things related to them from my registries, etc. I went ahead and ran a boot scan, which found a handful of things. I now have a rather suspicious situation, however: occasionally my web pages will go to “redirect” and then to some yellowpages link instead of what I clicked, and at seemingly random times I receive the malicious URL warning I have a pic of to post.

http://img695.imageshack.us/img695/5214/urlmal.jpg

I am intensely worried I am under attack from a sneaky virus that avast didn’t detect and would appreciate any help.

Redirects?
Please download aswMBR from here http://public.avast.com/~gmerek/aswMBR.htm
Download it
Run it
Scan
and post the log please.

Regards
Philip

Check the information on the first post of this thread under Virus/Worms for you to check your machine for malware: http://forum.avast.com/index.php?topic=53253.0.

Follow the directions of obtaining an MBAM log (make sure you update MBAM first) and the OTS logs (save them as ANSI). Post the MBAM log and the OTS log as an attachment (Additional Options > Attach > Post).

I am going to refer you to our Certified Malware expert, named Essexboy. He will also review your logs and give you further instructions, however he comes on the forum late UK time. He will respond to you in this thread, so remember to check this thread daily.

Please do not make any further changes to your machine after you have provided the logs.

IMPORTANT: If you are on a home network, disconnect the affected machine from the network. Do not share a USB/flash drive with this affected machine. Do not use this machine unless Essexboy instructs you to do malware removal instructions; use a different machine to check email, sync your phone, etc. if possible.

Let me know if you have any questions. Thank you.

Edit: Essexboy has been notified.

I ran the program suggested in the first response; it finished surprisingly fast and the log is very small, so I hope that doesn’t mean it had an issue. It is now attached to this post.

I was incredibly surprised at this, but while Avast and the first poster’s suggested program detected nothing, Malwarebytes found an astonishing 32 or so, many of which were rootkits, which I recall as being particularly nasty (I’ll be looking that up as I don’t recall why). Regardless, I recognized some of them as having come from questscan.exe, which I had thought I had eradicated prior to this scan. I have attached the log.

Looks like Malware killed TDSS, aswMBR log looks clean. Wait for Essexboy.

They were the TDL droppers but were not able to activate. Could you run and post the OTS log, please, so that I can remove the remnants?

Yes, I knew about droppers (the .exe files), but what about the .tmp files? He’s not infected by TDL since drivers are clean, etc. Just didn’t know about the temp files ;D

I’m not sure what an OTS log is.

Old timer scanner (OTS) log. ;D

You need to run this OTS scan…then attach the log to your next post. See the link above in the quote on how to download OTS and perform OTS. Essexboy needs this log to remove the malware from your machine.

Let me know if you have any questions. Thank you.