A virus and trojan?

aaroncaz
aaroncaz Posts: 5,242 Forumite
Part of the Furniture
in Techie Stuff
Avast seems to have found something last night, 2 things actually :


js.agent DHS


win32 RQA(tri)


After googling I think the 2nd one is the worse? Avast did a scan then a bootscan and sent them to the chest? I am running a malwarebyte scan now but it says my free trial has expired , but is doing a threat scan?
Any advice please.
«13456733

Comments

  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    edited 16 January 2015 at 8:34AM
    Malwarebytes Anti-Malware
    www.malwarebytes.org
    Scan Date: 16/01/2015
    Scan Time: 06:18:10
    Logfile: malware.txt
    Administrator: Yes
    Version: 2.00.4.1028
    Malware Database: v2015.01.16.03
    Rootkit Database: v2015.01.14.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled
    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: Aaroncaz
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 415057
    Time Elapsed: 59 min, 40 sec
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Warn
    PUM: Enabled
    Processes: 0
    (No malicious items detected)
    Module
  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    edited 16 January 2015 at 9:01AM
    Can't seem to post a log from this newer version of malware, it did find some items which I have quarantined.


    Just done another malware scan says no threats found?
  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    Ok laptop and Sony Xperia z1 phone now seem to have ads in Russian! How can the phone be infected as well? Did scan in phone it's ok am now doing system restore on laptop it's taking a while us windows 8.1. Can someone help please.
  • AlecEiffel
    AlecEiffel Posts: 874 Forumite
    If everything is affected inc a phone your router could be high jacked, sending all connections to dodgy addresses. You could try a simple reset via the push a biro into the reset button process, reconnect via the default settings on the bottom of the router, then reset admin pw and wireless key to new complex passwords.
  • tavernman
    tavernman Posts: 575 Forumite
    aaroncaz wrote: »
    Can't seem to post a log from this newer version of malware, it did find some items which I have quarantined.


    Just done another malware scan says no threats found?
    Click on the history button on the dashboard , then double click on the scan log
  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    Thanks the history log doesn't show anything, any details.


    I also did a hard reset on xperia z1 and its still the same, when you open the app store its mostly in Russian.
  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    this is the log


    Malwarebytes Anti-Malware
    www.malwarebytes.org
    Scan Date: 16/01/2015
    Scan Time: 06:18:10
    Logfile: mal44.txt
    Administrator: Yes
    Version: 2.00.4.1028
    Malware Database: v2015.01.16.03
    Rootkit Database: v2015.01.14.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled
    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: Aaroncaz
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 415057
    Time Elapsed: 59 min, 40 sec
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Warn
    PUM: Enabled
    Processes: 0
    (No malicious items detected)
    Modules: 0
    (No malicious items detected)
    Registry Keys: 0
    (No malicious items detected)
    Registry Values: 0
    (No malicious items detected)
    Registry Data: 0
    (No malicious items detected)
    Folders: 2
    PUP.Optional.Searchya.A, C:\Users\Aaroncaz\AppData\Roaming\Searchya, Quarantined, [6aa9b642781177bfa92288e031d2b14f],
    PUP.Optional.Searchya.A, C:\Users\Aaroncaz\AppData\Roaming\Searchya\UpdateProc, Quarantined, [6aa9b642781177bfa92288e031d2b14f],




    it doesn't show anything
  • tavernman
    tavernman Posts: 575 Forumite
    Try adwarecleaner and JRT then malwarebytes again

    https://toolslib.net/downloads/viewdownload/1-adwcleaner/

    http://www.bleepingcomputer.com/download/junkware-removal-tool/
  • aaroncaz
    aaroncaz Posts: 5,242 Forumite
    Part of the Furniture
    My other laptop is the same, how can this be? Is it a multi virus? If I get rid on this laptop will it go on the other and smartphone?
  • tavernman
    tavernman Posts: 575 Forumite
    aaroncaz wrote: »
    My other laptop is the same, how can this be? Is it a multi virus? If I get rid on this laptop will it go on the other and smartphone?

    It could be your router then, what router do you have ?
    AlecEiffel wrote: »
    If everything is affected inc a phone your router could be high jacked, sending all connections to dodgy addresses. You could try a simple reset via the push a biro into the reset button process, reconnect via the default settings on the bottom of the router, then reset admin pw and wireless key to new complex passwords.
This discussion has been closed.
Meet your Ambassadors

🚀 Getting Started

Hi new member!

Our Getting Started Guide will help you get the most out of the Forum

Categories

  • All Categories
  • 350.3K Banking & Borrowing
  • 252.9K Reduce Debt & Boost Income
  • 453.2K Spending & Discounts
  • 243.3K Work, Benefits & Business
  • 597.9K Mortgages, Homes & Bills
  • 176.6K Life & Family
  • 256.4K Travel & Transport
  • 1.5M Hobbies & Leisure
  • 16.1K Discuss & Feedback
  • 37.6K Read-Only Boards

Is this how you want to be seen?

We see you are using a default avatar. It takes only a few seconds to pick a picture.
Update Your Picture