Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Persistent w32/Zbot.G infection following pc restore


  • This topic is locked This topic is locked
3 replies to this topic

#1 Priston

Priston

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:32 PM

Posted 15 April 2011 - 04:12 AM

I have just restored my computer following multiple virus infection which made the computer unuseable. I performed the restore using a disk image from a hidden partitionon the computer as advised by the manufacturer (Dell) as I do not have the Windows CD. The procedure is described at http://support.euro.dell.com/support/topics/global.aspx/support/kcs/document?c=uk&cs=ukdhs1&l=en&s=dhs&docid=DSN_181316&isLegacy=true. Note I have not restored any user files to the PC.

The restoration appears to have cleared the great majority of infections. However, I get persistent notifications of Win32/Zbot.G infection from AVG resident Shield. The Vault contains some quarantined files from the D: partition which are infectied

I am running Windows XP SP3 together with the latest versions of AVG, Spybot-S&D and Zone-Alarm.

I attach the DDS and GMER output.

I would be v grateful for your help in getting my PC back to a useable condition.


DDS.TEXT FILE BELOW

.
DDS (Ver_11-03-05.01) - NTFSx86
Run by Richard at 8:44:56.35 on 15/04/2011
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.3070.2201 [GMT 1:00]
.
AV: AVG Anti-Virus Free Edition 2011 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
FW: ZoneAlarm Firewall *Enabled*
.
============== Running Processes ===============
.
C:\PROGRA~1\AVG\AVG10\avgchsvx.exe
C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
svchost.exe
C:\Program Files\Norton Ghost\Agent\GhostTray.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Dell Support\DSAgnt.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgemcx.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Richard\Desktop\dds.scr
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://uk.yahoo.com/
uSearch Page = hxxp://www.google.co.uk/hws/sb/dell-usuk/en/side.html?channel=uk
uSearch Bar = hxxp://www.google.co.uk/hws/sb/dell-usuk/en/side.html?channel=uk
uDefault_Page_URL = www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=0061005
uInternet Connection Wizard,ShellNext = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=0061005
mSearchAssistant = hxxp://www.google.co.uk/hws/sb/dell-usuk/en/side.html?channel=uk
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: DriveLetterAccess: {5ca3d70e-1895-11cf-8e15-001234567890} - c:\windows\system32\dla\DLASHX_W.DLL
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\micros~3\office14\URLREDIR.DLL
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\bae\BAE.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
EB: Real.com: {fe54fa40-d68c-11d2-98fa-00c0f0318afe} - c:\windows\system32\Shdocvw.dll
uRun: [DellSupport] "c:\program files\dell support\DSAgnt.exe" /startup
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [SunJavaUpdateSched] c:\program files\java\jre1.5.0_06\bin\jusched.exe
mRun: [SigmatelSysTrayApp] stsystra.exe
mRun: [IAAnotif] c:\program files\intel\intel matrix storage manager\Iaanotif.exe
mRun: [DMXLauncher] c:\program files\dell\media experience\DMXLauncher.exe
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [Norton Ghost 10.0] "c:\program files\norton ghost\agent\GhostTray.exe"
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [<NO NAME>]
mRun: [RealTray] c:\program files\real\realplayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [DLA] c:\windows\system32\dla\DLACTRLW.EXE
mRun: [Corel Photo Downloader] c:\program files\corel\corel photo album 6\MediaDetect.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [MSKDetectorExe] c:\program files\mcafee\spamkiller\MSKDetct.exe /uninstall
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\micros~3\office14\ONBttnIE.dll/105
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0_06\bin\ssv.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - {FE54FA40-D68C-11d2-98FA-00C0F0318AFE} - c:\windows\system32\Shdocvw.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office14\GROOVEEX.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-1-19 32464]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-2-10 296400]
R1 vsdatant;vsdatant;c:\windows\system32\vsdatant.sys [2011-4-14 532224]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-2-15 7421280]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 269520]
R2 ccEvtMgr;Symantec Event Manager;c:\program files\common files\symantec shared\ccEvtMgr.exe [2004-12-13 198256]
R2 ccSetMgr;Symantec Settings Manager;c:\program files\common files\symantec shared\ccSetMgr.exe [2004-12-13 165488]
R2 vsmon;TrueVector Internet Monitor;c:\windows\system32\zonelabs\vsmon.exe -service --> c:\windows\system32\zonelabs\vsmon.exe -service [?]
R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-3-30 134480]
R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 27216]
S3 ccPwdSvc;Symantec Password Validation;c:\program files\common files\symantec shared\ccPwdSvc.exe [2004-12-13 79472]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2010-3-25 30969208]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 Symantec Core LC;Symantec Core LC;c:\program files\common files\symantec shared\ccpd-lc\symlcsvc.exe [2006-10-4 822424]
.
=============== Created Last 30 ================
.
2011-04-15 00:03:51 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2
2011-04-14 23:49:36 954368 ------w- c:\windows\system32\dllcache\mfc40.dll
2011-04-14 23:49:35 953856 ------w- c:\windows\system32\dllcache\mfc40u.dll
2011-04-14 23:49:17 617472 ------w- c:\windows\system32\dllcache\comctl32.dll
2011-04-14 23:46:43 40960 ------w- c:\windows\system32\dllcache\ndproxy.sys
2011-04-14 23:34:39 45568 ------w- c:\windows\system32\dllcache\wab.exe
2011-04-14 23:32:07 -------- d-----w- c:\docume~1\alluse~1\applic~1\UAB
2011-04-14 23:32:03 -------- d-----w- c:\docume~1\richard\locals~1\applic~1\PC_Drivers_Headquarters
2011-04-14 23:31:55 -------- d-----w- c:\docume~1\alluse~1\applic~1\PC Drivers HeadQuarters
2011-04-14 23:30:57 -------- d-----w- c:\program files\PC Drivers HeadQuarters
2011-04-14 23:10:41 274288 ----a-w- c:\windows\system32\mucltui.dll
2011-04-14 23:10:41 215920 ----a-w- c:\windows\system32\muweb.dll
2011-04-14 23:10:41 16736 ----a-w- c:\windows\system32\mucltui.dll.mui
2011-04-14 23:04:05 -------- d-----w- c:\documents and settings\all users\Microsoft
2011-04-14 23:02:05 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2011-04-14 23:01:34 -------- d-----w- c:\program files\Microsoft Analysis Services
2011-04-14 23:01:31 -------- d-----w- c:\windows\SHELLNEW
2011-04-14 23:01:20 -------- d-----w- c:\docume~1\richard\locals~1\applic~1\Microsoft Help
2011-04-14 22:55:05 -------- d-----w- c:\docume~1\richard\applic~1\ElevatedDiagnostics
2011-04-14 22:17:47 26368 ----a-w- c:\windows\system32\dllcache\usbstor.sys
2011-04-14 22:14:03 474112 ------w- c:\windows\system32\dllcache\shlwapi.dll
2011-04-14 21:54:16 -------- d-----w- c:\windows\system32\scripting
2011-04-14 21:54:16 -------- d-----w- c:\windows\l2schemas
2011-04-14 21:54:15 -------- d-----w- c:\windows\system32\en
2011-04-14 21:54:15 -------- d-----w- c:\windows\system32\bits
2011-04-14 21:50:37 -------- d-----w- c:\windows\network diagnostic
2011-04-14 21:48:31 -------- d-----w- c:\windows\EHome
2011-04-14 21:45:51 95424 ------w- c:\windows\system32\drivers\slnthal.sys
2011-04-14 21:42:54 73216 ------w- c:\windows\system32\drivers\atintuxx.sys
2011-04-14 21:31:08 -------- d-sh--w- c:\documents and settings\richard\PrivacIE
2011-04-14 21:28:57 -------- d-sh--w- c:\documents and settings\richard\IETldCache
2011-04-14 21:20:20 -------- d-----w- c:\program files\MSXML 4.0
2011-04-14 21:18:54 -------- d-----w- c:\windows\ie8updates
2011-04-14 21:18:42 743424 ------w- c:\windows\system32\dllcache\iedvtool.dll
2011-04-14 21:18:42 602112 ------w- c:\windows\system32\dllcache\msfeeds.dll
2011-04-14 21:18:42 55296 ------w- c:\windows\system32\dllcache\msfeedsbs.dll
2011-04-14 21:18:42 247808 ------w- c:\windows\system32\dllcache\ieproxy.dll
2011-04-14 21:18:42 1991680 ------w- c:\windows\system32\dllcache\iertutil.dll
2011-04-14 21:18:42 12800 ------w- c:\windows\system32\dllcache\xpshims.dll
2011-04-14 21:18:42 11080704 ------w- c:\windows\system32\dllcache\ieframe.dll
2011-04-14 21:18:01 -------- dc-h--w- c:\windows\ie8
2011-04-14 20:47:58 -------- d-----w- c:\windows\ServicePackFiles
2011-04-14 18:47:59 -------- d-----w- c:\program files\Spybot - Search & Destroy
2011-04-14 18:47:59 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2011-04-14 18:47:00 272128 ------w- c:\windows\system32\drivers\bthport.sys
2011-04-14 18:47:00 272128 ------w- c:\windows\system32\dllcache\bthport.sys
2011-04-14 18:45:24 357888 ------w- c:\windows\system32\dllcache\srv.sys
2011-04-14 18:44:25 455936 ------w- c:\windows\system32\dllcache\mrxsmb.sys
2011-04-14 18:41:25 471552 ------w- c:\windows\system32\dllcache\aclayers.dll
2011-04-14 18:41:02 744448 ------w- c:\windows\system32\dllcache\helpsvc.exe
2011-04-14 18:34:46 153088 ------w- c:\windows\system32\dllcache\triedit.dll
2011-04-14 18:34:39 3558912 ------w- c:\windows\system32\dllcache\moviemk.exe
2011-04-14 18:33:40 1238528 ----a-w- c:\windows\system32\zpeng25.dll
2011-04-14 18:33:40 -------- d-----w- c:\windows\system32\ZoneLabs
2011-04-14 18:28:40 -------- d-----w- c:\program files\Zone Labs
2011-04-14 18:28:34 -------- d-----w- c:\windows\Internet Logs
2011-04-14 18:27:27 203136 ------w- c:\windows\system32\dllcache\rmcast.sys
2011-04-14 18:27:18 331776 ------w- c:\windows\system32\dllcache\msadce.dll
2011-04-14 18:27:04 293376 ------w- c:\windows\system32\browserchoice.exe
2011-04-14 18:23:58 25856 ----a-w- c:\windows\system32\drivers\usbprint.sys
2011-04-14 18:21:23 2066432 ------w- c:\windows\system32\dllcache\mstscax.dll
2011-04-14 18:21:23 -------- d-sh--w- c:\documents and settings\richard\UserData
2011-04-14 18:21:05 337408 ------w- c:\windows\system32\dllcache\netapi32.dll
2011-04-14 18:21:01 1172480 ------w- c:\windows\system32\dllcache\msxml3.dll
2011-04-14 18:19:19 5120 ----a-w- c:\windows\system32\xpsp4res.dll
2011-04-14 18:19:18 218112 ------w- c:\windows\system32\dllcache\wordpad.exe
2011-04-14 18:10:45 -------- d--h--w- C:\$AVG
2011-04-14 18:00:09 -------- d-----w- c:\windows\system32\PreInstall
2011-04-14 17:38:36 -------- d-----w- c:\docume~1\richard\applic~1\AVG10
2011-04-14 17:37:46 -------- d--h--w- c:\docume~1\alluse~1\applic~1\Common Files
2011-04-14 17:37:02 -------- d-----w- c:\windows\system32\drivers\AVG
2011-04-14 17:37:02 -------- d-----w- c:\docume~1\alluse~1\applic~1\AVG10
2011-04-14 17:36:45 -------- d-----w- c:\program files\AVG
2011-04-14 17:24:48 -------- d-----w- c:\docume~1\alluse~1\applic~1\MFAData
2011-04-14 17:20:13 -------- d-----w- c:\docume~1\richard\locals~1\applic~1\Help
2011-04-14 17:19:44 -------- d-----w- c:\windows\system32\SoftwareDistribution
2011-04-14 17:12:41 12160 ----a-w- c:\windows\system32\drivers\mouhid.sys
2011-04-14 17:12:40 14592 ----a-w- c:\windows\system32\drivers\kbdhid.sys
2011-04-14 17:12:38 10368 ----a-w- c:\windows\system32\drivers\hidusb.sys
2011-03-30 16:17:22 134480 ----a-w- c:\windows\system32\drivers\AVGIDSDriver.sys
.
==================== Find3M ====================
.
2011-03-07 05:33:50 692736 ----a-w- c:\windows\system32\inetcomm.dll
2011-03-04 06:37:06 420864 ----a-w- c:\windows\system32\vbscript.dll
2011-03-03 13:21:11 1857920 ----a-w- c:\windows\system32\win32k.sys
2011-02-22 23:06:29 916480 ----a-w- c:\windows\system32\wininet.dll
2011-02-22 23:06:29 43520 ----a-w- c:\windows\system32\licmgr10.dll
2011-02-22 23:06:29 1469440 ------w- c:\windows\system32\inetcpl.cpl
2011-02-22 11:41:59 385024 ----a-w- c:\windows\system32\html.iec
2011-02-15 12:56:39 290432 ----a-w- c:\windows\system32\atmfd.dll
2011-02-11 13:25:52 229888 ----a-w- c:\windows\system32\fxscover.exe
2011-02-09 13:53:52 270848 ----a-w- c:\windows\system32\sbe.dll
2011-02-09 13:53:52 186880 ----a-w- c:\windows\system32\encdec.dll
2011-02-08 13:33:55 978944 ----a-w- c:\windows\system32\mfc42.dll
2011-02-08 13:33:55 974848 ----a-w- c:\windows\system32\mfc42u.dll
2011-02-02 07:58:35 2067456 ----a-w- c:\windows\system32\mstscax.dll
2011-01-27 11:57:06 677888 ----a-w- c:\windows\system32\mstsc.exe
.
============= FINISH: 8:45:40.75 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:32 PM

Posted 23 April 2011 - 07:27 PM

Hi,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already. Click the Watch This Topic button at the top on the right.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

Once I receive a reply then I will return with your first instructions.

Thanks :thumbup2:
Posted Image
m0le is a proud member of UNITE

#3 Priston

Priston
  • Topic Starter

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:01:32 PM

Posted 24 April 2011 - 02:34 AM

Thank you very much m0le.

However, I have now been without any infection reported by AVG for about a week, so I suggest you do not take any action. If symptoms reoccur I will seek help again.

Thank you very much for coming back to me on this. Bleeping Computer helped me out a few years ago, and I was very impressed with the help received. I very much appreciate the work you guys put in to help others - it restores one faith in human nature given there are other people who spejnd their time writing viruses!

Many Thanks

Richard

#4 m0le

m0le

    Can U Dig It?


  • Malware Response Team
  • 34,527 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:London, UK
  • Local time:12:32 PM

Posted 24 April 2011 - 07:17 AM

Thanks for letting me know :thumbup2:

I'm glad you like the site, I think the team here is a special one too

-----------------------------------------------

This topic has been closed.

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
Posted Image
m0le is a proud member of UNITE




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users