A few days ago I started to get a redirection when using google to other unwanted sites. I ran malwarebytes and it found a malware, fake.trojanms, I removed it. However, I still got the redirections. I downloaded avast and it has been finding threats. The threats are C:windows/assembly/temp/U/80000032 and they have been going to the chest. Please help!! I am using Windows 7.
@jenos1
Ok, you have active malware. You need to follow the instructions below:
Step#1
[*]In the start menu, Right Click Computer → Properties → System Protection
[*]Click Create → [enter your title here] → Create
[*]You should be prompted that this was successful.
[*]Click Close - > Ok
Step#2
Re-Run aswMBR
[*]Click Scan
On completion of the scan
[*]Click the Fix Button
[*]Save the log as before and post in your next reply
[*] Reboot your PC
Step#3
Download ComboFixfrom here and save it to your Desktop.
If you are unsure how ComboFix works please read this guide carefully. note: ComboFix must be downloaded to your Desktop.
Temporarily disable your AntiVirus program.
If you are unsure how to do this please read this Instruction.
Run ComboFix. Click on I Agree!
ComboFix will check if there is a newer version of ComboFix available.
Click Yes if prompted to download.
ComboFix will display DISCLAIMER OF WARRANTY ON SOFTWARE.
Click Yes to allow ComboFix to continue.
If Recovery Console is not installed, ComboFix will offer download & installation.
Click Yes to allow ComboFix to install Recovery Console.
When the tool is finished, it will produce a log report for you. (typical location: C:[b]ComboFix.txt[/b] )
Post log reports ( ComboFix.txt) back to topic.
Ok so I ran aswMBR, and when I hit fix it automatically rebooted the computer and I did not get to save the log. I ran it again and before hitting fix, I hit save and is my attachment, then I hit fix and it rebooted again automatically. What do I do? Also, when temporarily disabling windows firewall I am not allowed and recieve error code 0x80070424 when preparing to run Combofix. What does this mean?
The infections is nasty. We may expect that glitch from tools in removal progress.
You just re-run aswMBR and attach fresh log to see what is done.
You get this error when you try to disable windows firewwall?
error code 0x80070424
It could have been damaged by the malware.
Please skip that step ( disabling windows firewall ) and just run Combofix with disabled AntiVirus.
The important thing is to Combofix finish running and scanning system and set Combofix.txt log.
I have the quarntine folder put as a rar file, however the forum says I am not allowed to write personal messages when I go to do that. Can I email you the download link? My system is running much better. Here is the new aswMBR log.