Yesterday while cleaning out some email I opened a file that said I had 4 voicemail in Whatsapp (Iphone App)waiting so I tried to open it and that’s when everything started getting sent to Virus chest.
Almost all of them are from Original Location C:\Users\XXXX\AppData\Local (xqogfrsp.exe , uppumqvqf,exe , tactjrae.exe…over 30 in last 24 hours) and 4 or 5 are Win32:Malware-gen (c:\windows\SoftwareDistribution\DataStore\logs tmp.edb
I had removed some toolbars through avast and uninstalled an old HP printer and did a complete scan it said some files could not be scanned seemed like they were dell data safe local backups. Problem is now I keep getting pop ups of suspicious files in different locations. Process c:windows\SysWow\Svchost.exe.
Anyway I do not know what to do next and would appreciate any advice for next step
Okay new to this so I just finished the AdwCleaner and here is the log the directions say to post I am moving on the Malewarebytes’ Anti-Maleware next. Don’t know if I am supposed to complete all steps and then send to you or if I am sending after each step. Anyway I pray this works out for me.
Hi
I’ve just used ADWCleaner to remove “Do Searches” which somehow got downloaded when trying to download the free version of AVAST! So, hopefully ADWCleaner doesn’t have problems with it too?? Anyone know?
I’m also not sure, after searching for info, whether the free version of Avast provides protection against attack/invasion etc of Internet searches and email? I have outlook loaded on my PC. Can someone tell me if this does or not?
Please download ComboFix by sUBsfrom here and save it to your Desktop. If you are unsure how ComboFix works please read this guide carefully. note: ComboFix must be downloaded to your Desktop.
Temporarily disable your AntiVirus program. If you are unsure how to do this please read this or this Instruction.
Instructions how to disable avast:
[*]Right-click on the avast! icon in the lower right corner of the screen and choose Open Avast! User Interface.
[*]In the window that opens on the top right corner, click Settings.
[*]In a new window that opens, choose the option Troubleshooting, Uncheck Enable avast! self-defense, and click OK.
[*]=> Again, right-click on the avast! icon in the lower right corner of the screen and select avast! shield controls .
[*]In the menu that appears, choose Disable Permanently. When you are prompted to turn off security, click Yes.
Note: Do not forget to turn on this option after the cleaning.
Run ComboFix. Click on I Agree!
ComboFix will check if there is a newer version of ComboFix available.
Click Yes if prompted to download.
ComboFix will display DISCLAIMER OF WARRANTY ON SOFTWARE.
Click Yes to allow ComboFix to continue.
If Recovery Console is not installed, ComboFix will offer download & installation.
Click Yes to allow ComboFix to install Recovery Console.
Note:Do not mouse-click Combofix’s window while it is running.
If you see a message like “Illegal operation attempted on a registry key that has been marked for deletion” just restart computer once more.
When the tool is finished, it will produce a log report for you. (typical location: C:[b]ComboFix.txt[/b] )
Attach log reports ( ComboFix.txt) back to topic.
Avast has been very quite. However my questions are this: I still have all of those file in my virus chest and all the logs associated with the files I still have, but on some of the downloads ran was it just to produce logs ? On the aswMBR run it just said to save log but it also had option to FixMBR that the directions never say to choose just save and send the log was that okay ? Also, do ?I leave all the downloaded software on ? If not how do I rremove it along with the 50+ item in the virus chest?
On the aswMBR run it just said to save log but it also had option to FixMBR that the directions never say to choose just save and send the log was that okay ?
the removal expert first have to see the log (OTL / aswMBR) before he can give next advice. ;)
and he will remove all tools used when finish
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.
[*]Double-click to run it. When the tool opens click Yes to disclaimer.
[*]Under Optional Scan ensure “List BCD” and “Driver MD5” are ticked.
[*]Press Scan button.
[*]It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
[*]The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
Ok not sure why I am having problems but trying to download and keep getting pop-ups that said this type of software not usually installed on bothe the 32bit and 64 bit (I think I am the 64bit) version.
This is installing social media blocker ? I might need a little more help here…I don’t know if it is me or the software. I used your link for both 64 and 32. First it installs a setup.exe for Premium installer Tried 64 first and got a computer message saying this type of file not usually downloaded so I backed up and tried the 32 bit got same message. Before this message it asks about installing social media blocker, etc…(had choice of Accept or Skip all) I accepted first because I thought that was the directions to do. I tried to stop it after I got a block message from Avast on that and tried again, but thought I better check in first to see if I am missing something.
