I had a bit of suspicious activity on my PC a few days back, with Avast spamming warnings and me having to close mysterious processes and clean things related to them from my registries, etc. I went ahead and ran a boot scan, which found a handful of things. I now have a rather suspicious situation, however: occasionally my web pages will go to “redirect” and then to some yellowpages link instead of what I clicked, and at seemingly random times I receive the malicious URL warning I have a pic of to post.
Follow the directions for obtaining an MBAM log (make sure you update MBAM first) and the OTS logs (save them as ANSI). Post the MBAM log and the OTS log as an attachment (Additional Options > Attach > Post).
I am going to refer you to our Certified Malware expert, named Essexboy. He will also review your logs and give you further instructions, however he comes on the forum late UK time. He will respond to you in this thread, so remember to check this thread daily.
Please do not make any further changes to your machine after you have provided the logs.
IMPORTANT: If you are on a home network, disconnect the affected machine from the network. Do not share a USB/flash drive with this affected machine. Do not use this machine unless Essexboy instructs you to do malware removal instructions; use a different machine to check email, sync your phone, etc. if possible.
I ran the program suggested in the first response. It finished surprisingly fast and the log is very small, so I hope that doesn’t mean it had an issue. It is now attached to this post.
I was incredibly surprised at this, but while Avast and the first poster’s suggested program detected nothing, Malwarebytes found an astonishing 32 or so, many of which were rootkits, which I recall as being particularly nasty <I’ll be looking that up as I don’t recall why>. Regardless, I recognized some of them as having come from questscan.exe, which I had thought I had eradicated prior to this scan. I have attached the log.
Yes, I knew about droppers (the .exe files), but what about the .tmp files? He’s not infected by TDL since drivers are clean etc. Just didn’t know about the temp files ;D
You need to run this OTS scan…then attach the log to your next post. See the link above in the quote on how to download OTS and perform OTS. Essexboy needs this log to remove the malware from your machine.