BleepingComputer.com: Help wiht Malware Removal - ooj.exe, Wndws Security Cntr

Jump to content

Forum Guidelines

Posted Image Read the following topic before creating a new topic in this forum. It contains instructions on the what we would like you to post, which will enable us to help you more quickly.

Preparation Guide For Use Before Using Malware Removal Tools and Requesting Help


Posted Image Unfortunately, with the amount of logs we receive per day, the average response time is 5 days. I want to assure you, though, that your topic will be looked at and responded to. So please be patient.


Posted Image DO NOT RUN ComboFix unless requested to.


Posted Image Only members of the Malware Response Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log.


Posted Image When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc.


Posted Image Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
  • 3 Pages +
  • 1
  • 2
  • 3
  • You cannot start a new topic
  • This topic is locked

Help wiht Malware Removal - ooj.exe, Wndws Security Cntr Don't know how to remove

#31 User is offline   maranatha 

  • Whats That !
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 1,211
  • Joined: 30-December 07
  • Gender:Male
  • Location:Seattle Washington

Posted 05 September 2011 - 03:21 AM

Hi

Please do the following.

Please Run the ESET Online Scanner and post the ScanLog..
  • You will need to use Internet Explorer to complete this scan.
  • You will need to temporarily Disable your current Anti-virus program.
  • Click on the ESET on line scanner button.
  • Check the “YES, I accept the Terms of Use” box. And click “Start”
    If your Pop=up blocker comes up, please allow the Add-ON
  • Be sure the option to Remove found threats is Checked and click Start.
  • When you have completed that scan, a scanlog ought to have been created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please post that log.


Also let me know how things are running

maranatha
Windows XP Home SP3
Windows7 Professional


I'm going in the wrong direction to be in a hurry!


Posted Image


My help is always free, But I do accept donations.
Donate Here

#32 User is offline   msqto 

  • Member
  • PipPip
  • Find Topics
  • Group: Members
  • Posts: 18
  • Joined: 16-July 11

Posted 06 September 2011 - 10:02 AM

Thanks, Marantha. The system seems to be behaving ok at the moment,although the pop-ups have come and gone in the past. I also haven't reinstalled AVG yet. Do you recommend reinstalling it? It seems from some of the logs that some AVG files were infected. Below is the ESET log.

C:\Qoobox\Quarantine\C\Program Files\Bonjour\mDNSResponder.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\Program Files\Canon\CAL\CALMAIN.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\Program Files\Common Files\LightScribe\LSSrvc.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\Program Files\Common Files\Pure Networks Shared\Platform\nmsrvc.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\Program Files\iPod\bin\iPodService.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\Program Files\Java\jre6\bin\jqs.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\Program Files\M-Audio\Conectiv\MAUSBCVInst.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\Program Files\M-Audio MA_CMIDI\MA_CMIDI_Inst.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\Program Files\Maxtor\Sync\SyncServices.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\Program Files\Western Digital\WD SmartWare\Front Parlor\WDSmartWareBackgroundService.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\Program Files\Western Digital\WD SmartWare\WD Drive Manager\WDDMService.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\assembly\GAC_MSIL\desktop.ini.vir Win32/Sirefef.CH trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\system32\c_06482.nl_.vir Win32/Sirefef.CR trojan cleaned by deleting - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\system32\nvsvc32.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\system32\wuauclt.exe.vir Win32/Patched.HN trojan cleaned - quarantined
C:\Qoobox\Quarantine\C\WINDOWS\system32\Drivers\avgtdix.sys.vir Win32/Sirefef.CO trojan cleaned by deleting - quarantined
C:\WINDOWS\SoftwareDistribution\Download\85ef43cf285b550a459dd3afbad2f0b8\update\update.exe Win32/Patched.HN trojan cleaned - quarantined

#33 User is offline   maranatha 

  • Whats That !
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 1,211
  • Joined: 30-December 07
  • Gender:Male
  • Location:Seattle Washington

Posted 06 September 2011 - 09:25 PM

Hi

Quote

I also haven't reinstalled AVG yet. Do you recommend reinstalling it?

Yes please reinstall AVG, Make sure it's updated and run a full system scan.
Let it quarantine/delete anything it may find.

Use you machine for a day or two and make sure everything is working.

Let me know and if all is well we'll clean up all the tools we have used.

Thanks
maranatha

This post has been edited by maranatha: 06 September 2011 - 09:27 PM

Windows XP Home SP3
Windows7 Professional


I'm going in the wrong direction to be in a hurry!


Posted Image


My help is always free, But I do accept donations.
Donate Here

#34 User is offline   maranatha 

  • Whats That !
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 1,211
  • Joined: 30-December 07
  • Gender:Male
  • Location:Seattle Washington

Posted 18 September 2011 - 02:09 AM

Hi
If you still require help. please respond to this thread or it will be closed in 48 hours.

Thanks
maranatha
Windows XP Home SP3
Windows7 Professional


I'm going in the wrong direction to be in a hurry!


Posted Image


My help is always free, But I do accept donations.
Donate Here

#35 User is offline   maranatha 

  • Whats That !
  • PipPipPipPipPipPip
  • Find Topics
  • Group: Malware Response Team
  • Posts: 1,211
  • Joined: 30-December 07
  • Gender:Male
  • Location:Seattle Washington

Posted 25 September 2011 - 10:47 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
Windows XP Home SP3
Windows7 Professional


I'm going in the wrong direction to be in a hurry!


Posted Image


My help is always free, But I do accept donations.
Donate Here

Share this topic:


  • 3 Pages +
  • 1
  • 2
  • 3
  • You cannot start a new topic
  • This topic is locked

1 User(s) are reading this topic
0 members, 1 guests, 0 anonymous users