So a day or two ago I was just casually browsing YouTube and I was redirected to a website that had something to do with “rmicrodefender,” a title I’ve never seen before. Avast caught whatever this program was in the act and stopped the redirect, and I did a few scans afterwards: one with Malwarebytes and one with Avast. None of the scans found anything other than some hard drive errors (Avast), and I thought it was just some kind of fluke. I ignored it and told myself if it happened again I’d post something here.
Were you running Skype when this occurred? Their (along with several others, including Youtube and MSN) ad network has been compromised and is opening browser windows to a similar address. See here.
Don’t take this as saying don’t keep trying to figure out if your computer’s clean, that’s always a good practice.
- Close any open browsers.
- Temporarily disable your antivirus program (if necessary).
  If you are unsure how to do this, please read this or this instruction.
- Double-click on zoek.exe to run the tool. Please wait until the tool starts…
- Copy the text present inside the code box below and paste it into the large window in the zoek tool:
- Save the Notepad file to your Desktop and attach zoek-results.log here. Note: It will also create a log in the C:\ directory named “zoek-results.log”.
Edit:
Btw, the posted OTL log doesn’t show traces of malware. If zoek does not detect any PUP (like some adware variant or toolbar), we shall need additional insight into what OTL says is OK.
I use adblock for Youtube, but I do always have Skype open on my PC. Perhaps this is my issue because according to magna I don’t show signs of Malware.
I have the log attached to this post. Not 100% sure on how replies work on this forum.
Anyhow, the post above on this thread mentions something about an ad compromise. I haven’t opened Skype today, and I haven’t been redirected. This is curious.
Zoek also doesn’t show any traces of PUP. While we’re here, let’s allow zoek’s routine action to scan your computer.
This will not only check the system further, but it will also perform more specific actions that will contribute to the better working of the system itself or even solve the problem.
=> Re-run zoek as you did before but this time use the following script:
EmptyCLSID;
AutoClean;
Click on the RunScript button and wait until a log report opens; this will be after the system reboot.
Then tell me how things are now.
Also, feel free to read AxisKiller advice, it’s valid.
Purge System Restore
Click the Run button and wait a few seconds for the programme to complete its work.
At this point all the tools we used here should be gone. The tool will create a report for you (C:\DelFix.txt).
The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix.
The tool deletes old system restore points and creates a fresh system restore point after cleaning.
I wonder if there is a connection between the two, as Axis said.