Hello, since you once helped me very nicely I’m returning back to you.

Avast alerted me about this a while ago and I wasn’t visiting anything unusual so… I guess I’m infected? I instantly scanned the pc with MLWBytes and then OTL so I’m attaching all logs and also screenshot of the alert. If I’m indeed infected then I really hope you will be able to help me… Thank you in advance.

If I'm indeed infected then I really hope [b]you[/b] will be able to help me... Thank you in advance.
Who is you?

Malware experts are notified, it may take some hours before they are online

you all of you here the admins and experts, whoever decides and has time to help me…
thank you.

Hi reketrebn, run this fix and then check is this fix the thing:

Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.

[*]Click on the Scan button.
[*]After the scan has finished click on the Clean button.

Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.

[*]After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
[*]Post logfile will also be saved in the C:\AdwCleaner folder.

.

If AdwCleaner didn’t fix the problem, could you reset Firefox and Chrome browsers back on defaults?

https://support.google.com/chrome/answer/3296214?hl=en
https://support.mozilla.org/en-US/kb/reset-firefox-easily-fix-most-problems

Any luck?

well, I did run it and it deleted another bunch of thigs… but I’m not sure still? Because when I checked the internet before about this virus I only found about some BAO type and how it’s dangerous and should be removed expertly and manually and wanted to charge me a lot for it.
I’m attaching the log so look for yourself but did my previous logs show any virus infection?

Did you reset your browsers as I told you? Let’s go to re-check.

Please download zoek by smeenk (
http://www.mcshield.net/personal/magna86/Images/Zoek_icon.png
) from here or here and save it to your Desktop.
Unpack the archive…

[*]Close any open browsers
[*] Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.

[*]Double click on zoek.exe to run the tool .
Please wait while the tool does not start…

[*]Copy the text present inside the code box below and paste it into the large window in the zoek tool:

QuickScan
Uninstall-list;

[*] Click on
http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png
button.
Please wait until a logreport will open (this can be after reboot)

[*]Save notepad to your Desktop and attach here zoek-results.log
Note: It will also create a log in the C:\ directory named “zoek-results.log

I did now all above, reset the browsers and run zoek. here is the log.
It doesn’t alert me anymore about anything but does it mean I am not infected anymore? Or was I in the first place? Thank you anyway for your help.

… it just alerted me again. is it possible that it’s coming from a page I’m visiting and not my computer? because I’ve been on this page before too when it alerted me last time. But it never happened to me before in there and I’ve been visiting it for years now…

And what just happened now freaked me out really quite a lot. So Avast prompted me to update some of my software, so i pressed Opera update and then mozilla. But the updater suddenly turned off and couldn’t be turned on no matter what, i tried another function of cleaning the browsers and it also wouldn’t work. then suddenly all the shields of avast turned off, my pc got a black screen, disconnected from the internet, firewall turned off and then restarted itself all together.

Hi reketrebn, do not panic.

Could you please re-run zoek tools just as you before but this time use this script for running:

StandardSearch;

And when zoek finish his scan, post me fresh created zoek logreport.

okay okay… here you go.

Hi,

Now run this zoek script:

%systemroot%\system32\sc.exe;i
CHRDefaults;
C:\Windows\SysNative\tasks\VaudiXUpdaterTask{96ADD4C9-E3D4-409B-9853-5F98DED0556E};f
C:\ProgramData\Premium\VaudiX;fs
AutoClean;
Reboot;

Allow zoek to run. When zoek aks you to reboot the system, allow that…
Post here fresh created zoek log after the reboot.

I did now all above, reset the browsers and run zoek. here is the log.

Did you shure you have reset the chrome browser as well? As logs doesn’t tell me that you did …

If above zoek script doesn’t fix your problem, you’ll need to to that (reset browsers) as some plugin/extensions make avast! to triggers the alerts.
I think that zoek will fix this for you but if doesn’t you’ll need to obey to these instructions:
https://support.google.com/chrome/answer/3296214?hl=en

here it is, and i did reset the chrome… but now after the restart i can see maybe it didn’t reset how it should and now it looks to be done properly.

Ok, now run this zoek script and tell me is the problem solved?

logbmehmiacemkimbpcbjgaikobdndah;chr
EmptyAllTemp;

well here’s the log report. avast is not alerting me about anything anymore so I hope it’s gone?
even the pc is running faster now and better so I hope it’s a good sign too.
thank you very much! I knew I’d get help here and I’m always grateful!
is there anything else I should do or not do?

:wink:

The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
[i]
http://www.mcshield.net/personal/magna86/Images/checkmark.png
Remove disinfection tools

http://www.mcshield.net/personal/magna86/Images/checkmark.png
Create registry backup

http://www.mcshield.net/personal/magna86/Images/checkmark.png
Purge System Restore [/i]
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:[b]DelFix.txt[/b])

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.