Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Avast - 000000cb.@, Trojan alerts


  • This topic is locked This topic is locked
13 replies to this topic

#1 EvanOz

EvanOz

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 12 October 2012 - 10:10 AM

Hey guys. I'm getting malware and trojan horse notifications from Avast every four minutes. The names are 00000004.@ , 000000cb@ , 80000000.@ , and 80000032.@ .

I had clicked an ad mistakenly a few days ago and this has been happening ever since.

Please help!!


.
DDS (Ver_2011-08-26.01) - NTFSx86
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.5.1
Run by Evan at 15:26:20 on 2012-10-10
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3326.1348 [GMT -5:00]
.
AV: avast! Antivirus *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\Common Files\logishrd\LVMVFM\UMVPFSrv.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Intel\IntelDH\CCU\AlertService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
C:\Program Files\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\Common Files\Intel\IntelDH\NMS\NMSCore\NMSCore.exe
C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\PnkBstrA.exe
C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\qualitymanager.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\NETGEAR\WNA1100\WifiSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Google\Update\1.3.21.123\GoogleCrashHandler.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\ico.exe
C:\Windows\System32\Pmxmiced.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\Support\IntelHCTAgent.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files\CyberLink\PowerDVD11\PDVD11Serv.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe
C:\Program Files\HP\HP Photosmart 7510 series\Bin\ScanToPCActivationApp.exe
C:\Program Files\Air Mouse\Air Mouse\Air Mouse.exe
C:\Program Files\JetMailMonitor\JetMM.exe
C:\Program Files\NETGEAR\WNA1100\WNA1100.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Logitech Touch Mouse Server\iTouch-Server-Win.exe
C:\Program Files\XPSMiniViewGadget\XPSMiniViewGadget.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\MagicDisc\MagicDisc.exe
C:\Windows\system32\RunDll32.exe
C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\HP\HP Photosmart 7510 series\Bin\HPNetworkCommunicator.exe
C:\Program Files\HP\HP Photosmart 7510 series\bin\HPNetworkCommunicator.exe
C:\Program Files\Air Mouse\Air Mouse\Mobile Mouse Service.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_4_402_287.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
mWinlogon: Userinit=c:\windows\system32\userinit.exe
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot - search & destroy\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\microsoft office\office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\oracle\javafx 2.1 runtime\bin\ssv.dll
BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\googletoolbar1.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\2.0.301.7164\swg.dll
BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - c:\progra~1\microsoft office\office14\URLREDIR.DLL
BHO: CBrowserHelperObject Object: {ca6319c0-31b7-401e-a518-a07c3db8f777} - c:\program files\dell\bae\BAE.dll
BHO: Java™ Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\oracle\javafx 2.1 runtime\bin\jp2ssv.dll
BHO: Google Gears Helper: {e0fefe40-fbf9-42ae-ba58-794ca7e3fb53} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
TB: &Google: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\googletoolbar1.dll
TB: {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - No File
TB: {DE9C389F-3316-41A7-809B-AA305ED9D922} - No File
TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - c:\program files\alwil software\avast5\aswWebRepIE.dll
{555d4d79-4bd2-4094-a395-cfc534424a05}
uRun: [Aim] "c:\program files\aim\aim.exe" /d locale=en-US /HIDEBL
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
uRun: [cdloader] "c:\users\evan\appdata\roaming\mjusbsp\cdloader2.exe" MAGICJACK
uRun: [Facebook Update] "c:\users\evan\appdata\local\facebook\update\FacebookUpdate.exe" /c /nocrashserver
uRun: [AnyDVD] c:\program files\slysoft\anydvd\AnyDVDtray.exe
uRun: [TomTomHOME.exe] "c:\program files\tomtom home 2\TomTomHOMERunner.exe"
uRun: [HP Photosmart 7510 series (NET)] "c:\program files\hp\hp photosmart 7510 series\bin\ScanToPCActivationApp.exe" -deviceID "CN26K350HX05PX:NW" -scfn "HP Photosmart 7510 series (NET)" -AutoStart 1
mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
mRun: [PMX Daemon] ICO.EXE
mRun: [Bluetooth HCI Monitor] RunDll32 HCIMNTR.DLL,RunCheckHCIMode
mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\AppleSyncNotifier.exe
mRun: [NMSSupport] "c:\program files\common files\intel\inteldh\nms\support\IntelHCTAgent.exe" /startup
mRun: [PWRISOVM.EXE] c:\program files\poweriso\PWRISOVM.EXE
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [LogitechQuickCamRibbon] "c:\program files\logitech\logitech webcam software\LWS.exe" /hide
mRun: [BCSSync] "c:\program files\microsoft office\office14\BCSSync.exe" /DelayServices
mRun: [PMBVolumeWatcher] c:\program files\sony\pmb\PMBVolumeWatcher.exe
mRun: [RemoteControl11] c:\program files\cyberlink\powerdvd11\PDVD11Serv.exe
mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [<NO NAME>]
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
StartupFolder: c:\users\evan\appdata\roaming\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech touch mouse server\iTouch-Server-Win.exe
StartupFolder: c:\users\evan\appdata\roaming\micros~1\windows\startm~1\programs\startup\magicdisc.lnk - c:\program files\magicdisc\MagicDisc.exe
StartupFolder: c:\users\evan\appdata\roaming\micros~1\windows\startm~1\programs\startup\monito~1.lnk - c:\windows\system32\RunDll32.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\airmou~1.lnk - c:\program files\air mouse\air mouse\Air Mouse.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\jetmailmonitor.lnk - c:\program files\jetmailmonitor\JetMM.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\netgear wna1100 smart wizard.lnk - c:\program files\netgear\wna1100\WNA1100.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~1\microsoft office\office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\progra~1\microsoft office\office14\ONBttnIE.dll/105
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre7\bin\jp2iexp.dll
IE: {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - {0B4350D1-055F-47A3-B112-5F2F2B0D6F08} - c:\program files\google\google gears\internet explorer\0.5.36.0\gears.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot - search & destroy\SDHelper.dll
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader5.cab
DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader3.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} - hxxp://upload.facebook.com/controls/FacebookPhotoUploader4_5.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{41A0C525-63E5-4B32-B403-33FD24726D94} : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{41A0C525-63E5-4B32-B403-33FD24726D94}\2456165787D27657563747 : DhcpNameServer = 205.152.132.23 205.152.37.23 192.168.33.1
TCP: Interfaces\{41A0C525-63E5-4B32-B403-33FD24726D94}\354756C6C616D27657563747 : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{41A0C525-63E5-4B32-B403-33FD24726D94}\4586563756021407162747D656E6473702355736B6 : DhcpNameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{41A0C525-63E5-4B32-B403-33FD24726D94}\831623732693 : DhcpNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{41A0C525-63E5-4B32-B403-33FD24726D94}\E4544574541425 : DhcpNameServer = 192.168.1.1
TCP: Interfaces\{CE8FFEB8-9570-4213-93D2-3069ACC83677} : DhcpNameServer = 209.18.47.61 209.18.47.62
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL
Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - c:\program files\logitech\desktop messenger\8876480\program\GAPlugProtocol-8876480.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - c:\program files\windows live\photo gallery\AlbumDownloadProtocolHandler.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\microsoft office\office14\GROOVEEX.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\evan\appdata\roaming\mozilla\firefox\profiles\clfe495r.default\
FF - prefs.js: browser.search.selectedEngine - YouTube Video Search
FF - prefs.js: browser.startup.homepage - google.com/ig?aig=0&reason=1
FF - plugin: c:\progra~1\microsoft office\office14\NPAUTHZ.DLL
FF - plugin: c:\progra~1\microsoft office\office14\NPSPWRAP.DLL
FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\google\picasa3\npPicasa3.dll
FF - plugin: c:\program files\google\update\1.3.21.123\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnu.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npdnupdater2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npwachk.dll
FF - plugin: c:\program files\oracle\javafx 2.1 runtime\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - plugin: c:\users\evan\appdata\local\facebook\photouploader\1.0.0.2003\npFacebookPhotoUploader.dll
FF - plugin: c:\users\evan\appdata\local\facebook\video\skype\npFacebookVideoCalling.dll
FF - plugin: c:\users\evan\appdata\roaming\facebook\npfbplugin_1_0_3.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_4_402_287.dll
FF - plugin: c:\windows\system32\npDeployJava1.dll
FF - plugin: c:\windows\system32\npmproxy.dll
.
---- FIREFOX POLICIES ----
FF - user.js: network.protocol-handler.warn-external.dnupdate - false
============= SERVICES / DRIVERS ===============
.
R0 SCMNdisP;General NDIS Protocol Driver;c:\windows\system32\drivers\SCMNdisP.sys [2010-7-19 21728]
R1 archlp;archlp;c:\windows\system32\drivers\ArcHlp.sys [2009-2-19 89728]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-6-18 729752]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-9-17 355632]
R1 jswpslwf;JumpStart Wireless Filter Driver;c:\windows\system32\drivers\jswpslwf.sys [2010-7-19 20384]
R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-13 48128]
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312};Power Control [2011/09/14 14:49:43];c:\program files\cyberlink\powerdvd11\common\navfilter\000.fcl [2011-11-16 77296]
R2 AdobeARMservice;Adobe Acrobat Update Service;c:\program files\common files\adobe\arm\1.0\armsvc.exe [2012-7-27 63960]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-9-17 21256]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-9-17 58680]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2012-8-28 44808]
R2 CLHNServiceForPowerDVD;CLHNServiceForPowerDVD;c:\program files\cyberlink\powerdvd11\kernel\dmp\CLHNServiceForPowerDVD.exe [2011-9-14 83240]
R2 CyberLink PowerDVD 11.0 Monitor Service;CyberLink PowerDVD 11.0 Monitor Service;c:\program files\cyberlink\powerdvd11\common\mediaserver\CLMSMonitorService.exe [2011-9-14 75048]
R2 CyberLink PowerDVD 11.0 Service;CyberLink PowerDVD 11.0 Service;c:\program files\cyberlink\powerdvd11\common\mediaserver\CLMSServerForPDVD11.exe [2011-9-14 292136]
R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2007-2-12 208896]
R2 NMSCore;Intel® NMSCore;c:\program files\common files\intel\inteldh\nms\nmscore\NMSCore.exe [2007-6-27 317656]
R2 nmsunidr;UniDriver for NMS;c:\windows\system32\drivers\nmsunidr.sys [2007-2-18 5376]
R2 ntk_PowerDVD;ntk_PowerDVD;c:\program files\cyberlink\powerdvd11\kernel\dmp\ntk_PowerDVD.sys [2011-9-14 71664]
R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia updatus\daemonu.exe [2011-8-13 2214504]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files\sony\pmb\PMBDeviceInfoProvider.exe [2010-11-27 398176]
R2 QualityManager;Intel® Quality Manager;c:\program files\intel\inteldh\intel media server\media server\bin\QualityManager.exe [2007-6-27 272600]
R2 TomTomHOMEService;TomTomHOMEService;c:\program files\tomtom home 2\TomTomHOMEService.exe [2012-1-22 92592]
R2 UMVPFSrv;UMVPFSrv;c:\program files\common files\logishrd\lvmvfm\UMVPFSrv.exe [2011-4-1 428640]
R2 WSWNA1100;WSWNA1100;c:\program files\netgear\wna1100\WifiSvc.exe [2010-7-19 278528]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\drivers\athur.sys [2010-7-19 1484800]
R3 pmxmouse;pmxmouse;c:\windows\system32\drivers\pmxmouse.sys [2008-1-3 18432]
R3 pmxusblf;pmxusblf;c:\windows\system32\drivers\pmxusblf.sys [2008-1-3 19008]
R3 VST_DPV;VST_DPV;c:\windows\system32\drivers\VSTDPV3.SYS [2009-7-13 980992]
R3 VSTHWBS2;VSTHWBS2;c:\windows\system32\drivers\VSTBS23.SYS [2009-7-13 266752]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\drivers\wdcsam.sys [2008-5-6 11520]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c913af75874670;Google Update Service (gupdate1c913af75874670);c:\program files\google\update\GoogleUpdate.exe [2008-9-10 133104]
S2 MCLServiceATL;Intel® Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2007-6-27 157912]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-13 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-1 250808]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-13 229888]
S3 DHTRACE;Intel® DHTrace Controller;c:\program files\common files\intel\inteldh\bin\DHTraceController.exe [2007-6-27 39640]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2008-9-10 133104]
S3 jswpsapi;JumpStart Wi-Fi Protected Setup;c:\program files\netgear\wna1100\jswpsapi.exe [2010-7-19 954368]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\microsoft office\office14\GROOVE.EXE [2011-6-12 31125880]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-24 114144]
S3 osppsvc;Office Software Protection Platform;c:\program files\common files\microsoft shared\officesoftwareprotectionplatform\OSPPSVC.EXE [2010-1-9 4640000]
S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-12 52224]
S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2010-5-20 1343400]
S3 ZMHHPAudioSrv;ZOOM H Series High Performance Audio Driver Service;c:\windows\system32\drivers\zmhhpau.sys [2010-4-16 32000]
.
=============== Created Last 30 ================
.
2012-10-10 16:25:41 -------- d-----w- c:\users\evan\appdata\local\{9B53A053-8FAD-480C-BD2F-0BB7E4A17718}
2012-10-10 09:47:59 56200 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{386023cf-aeb9-4874-8679-39578cc5f166}\offreg.dll
2012-10-09 16:29:25 -------- d-----w- c:\users\evan\appdata\local\{8280558F-BDD5-4E97-A95E-4E5B7A292E96}
2012-10-09 09:31:03 6980552 ----a-w- c:\programdata\microsoft\windows defender\definition updates\{386023cf-aeb9-4874-8679-39578cc5f166}\mpengine.dll
2012-10-08 21:28:36 -------- d-----w- c:\users\evan\appdata\local\{61C5F4F6-260A-4F47-806C-4285BE1CC145}
2012-10-08 16:23:31 -------- d-----w- c:\users\evan\appdata\local\{566B0DA7-0F71-4D03-BBC6-6873545A8662}
2012-10-07 21:16:35 -------- d-----w- c:\users\evan\appdata\local\{46D06B5C-14A0-4F5B-BF9C-B24F4754F9CB}
2012-10-05 19:44:54 -------- d-----w- c:\users\evan\appdata\local\{2C817934-BD23-4E1C-BF64-37BB981DD620}
2012-10-04 18:35:40 -------- d-----w- c:\users\evan\appdata\local\{33342993-CA20-4ADC-9BC3-6CF98129F9AC}
2012-10-04 15:22:38 -------- d-----w- c:\users\evan\appdata\local\{21F6ECFE-E2B6-440E-BD48-F7AA7CEFBFC8}
2012-10-03 21:00:57 -------- d-----w- c:\users\evan\appdata\local\{D950A217-179F-4624-8D71-563B0C2F4354}
2012-10-02 15:21:04 -------- d-----w- c:\users\evan\appdata\local\{742F944D-CBA2-4619-A20D-86DD0ADAABC9}
2012-10-01 19:32:31 -------- d-----w- c:\users\evan\appdata\local\{BBD8C397-6A93-4B17-BB8F-AE4BDD2E10C8}
2012-10-01 01:36:55 -------- d-----w- c:\users\evan\appdata\local\{571C178C-61C5-4A6D-B93E-CE9E415DD78D}
2012-09-30 03:42:52 -------- d-----w- c:\users\evan\appdata\local\{81B1AEA1-4763-44B9-9EF8-5EE90B0FAAAB}
2012-09-28 19:41:41 -------- d-----w- c:\users\evan\appdata\local\{732F15C2-76ED-464D-B624-CBC1970034C1}
2012-09-28 19:41:04 -------- d-----w- c:\users\evan\appdata\local\{B5DBEECF-E9CD-4E46-8202-8EDB74B2A222}
2012-09-27 14:58:25 -------- d-----w- c:\users\evan\appdata\local\{1631F5E9-DC30-4CCC-BFC4-95B952F42891}
2012-09-26 11:06:42 -------- d-----w- c:\users\evan\appdata\local\{0C365A53-61C6-4D0C-A195-69655EC42893}
2012-09-26 03:51:13 -------- d-----w- c:\users\evan\appdata\local\{89228102-A659-4E6A-8C98-67B030445879}
2012-09-26 03:45:01 -------- d-----w- c:\users\evan\appdata\local\{36AD25DA-67E8-4DD2-80F7-7B64B18641CB}
2012-09-24 20:57:39 -------- d-----w- c:\users\evan\appdata\local\{8FD233F4-D32E-4CE4-BB3D-83F91EE07A8F}
2012-09-20 15:50:35 -------- d-----w- c:\users\evan\appdata\local\{39626C55-8A66-40A7-B2FD-3AAF1D4C7FD1}
2012-09-19 19:12:51 -------- d-----w- c:\users\evan\appdata\local\{A9FF4304-7C0D-43A6-B23B-154AC067D9ED}
2012-09-17 22:07:45 -------- d-----w- c:\users\evan\appdata\local\{4AE8E775-DCBB-464F-A32C-D5B6FF277EFC}
2012-09-17 21:33:40 -------- d-----w- c:\users\evan\appdata\local\{BF1A521C-8D33-4B55-8778-A13E1D0550BB}
2012-09-17 17:53:24 -------- d-----w- c:\users\evan\appdata\local\{468F8228-1B2F-4F46-96D2-22E6AE4A39DB}
2012-09-17 17:29:32 26840 ----a-w- c:\windows\system32\drivers\GEARAspiWDM.sys
2012-09-17 17:28:13 -------- d-----w- c:\program files\iPod
2012-09-17 17:28:12 -------- d-----w- c:\programdata\188F1432-103A-4ffb-80F1-36B633C5C9E1
2012-09-17 01:20:11 -------- d-----w- c:\users\evan\appdata\local\{63D5304D-CDA7-4B29-8DC1-01FFA0739014}
2012-09-16 23:55:49 712048 ----a-w- c:\windows\system32\drivers\ndis.sys
2012-09-16 23:55:48 33280 ----a-w- c:\windows\system32\drivers\rndismpx.sys
2012-09-16 23:55:48 33280 ----a-w- c:\windows\system32\drivers\RNDISMP.sys
2012-09-16 23:55:48 240496 ----a-w- c:\windows\system32\drivers\netio.sys
2012-09-16 23:55:48 187760 ----a-w- c:\windows\system32\drivers\FWPKCLNT.SYS
2012-09-16 23:55:48 1292144 ----a-w- c:\windows\system32\drivers\tcpip.sys
2012-09-16 23:55:47 490496 ----a-w- c:\windows\system32\d3d10level9.dll
2012-09-11 01:34:06 -------- d-----w- c:\users\evan\appdata\local\{1AD94E77-0230-4196-B250-4B1ADCAC0496}
2012-09-10 23:11:57 -------- d-----w- c:\users\evan\appdata\local\{9391E033-5E70-4CF6-8D42-DD459C36B783}
.
==================== Find3M ====================
.
2012-10-08 21:48:23 73656 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-10-08 21:48:23 696760 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-08-24 06:59:17 1800704 ----a-w- c:\windows\system32\jscript9.dll
2012-08-24 06:51:27 1129472 ----a-w- c:\windows\system32\wininet.dll
2012-08-24 06:51:02 1427968 ----a-w- c:\windows\system32\inetcpl.cpl
2012-08-24 06:47:26 142848 ----a-w- c:\windows\system32\ieUnatt.exe
2012-08-24 06:47:12 420864 ----a-w- c:\windows\system32\vbscript.dll
2012-08-24 06:43:58 2382848 ----a-w- c:\windows\system32\mshtml.tlb
2012-08-21 18:01:22 106928 ----a-w- c:\windows\system32\GEARAspi.dll
2012-08-21 09:13:15 729752 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-08-21 09:13:14 58680 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2012-08-21 09:13:14 44784 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2012-08-21 09:12:33 41224 ----a-w- c:\windows\avastSS.scr
2012-07-18 17:47:53 2345984 ----a-w- c:\windows\system32\win32k.sys
.
============= FINISH: 15:27:48.60 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 EvanOz

EvanOz
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 12 October 2012 - 01:24 PM

Oddly, after restarting the notifications have gone away. Don't know if the problem has disappeared...or is just working differently..

#3 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:26 PM

Posted 12 October 2012 - 02:27 PM

Hello and welcome. Please follow these guidelines while we work on your PC:
  • Malware removal is a sometimes lengthy and tedious process. Please stick with the thread until I’ve given you the “All clear.” Absence of symptoms does not mean your machine is clean!
  • Please do not run any scans or install/uninstall any applications without being directed to do so.
  • Please note that the forum is very busy and if I don't hear from you within five days this thread will be closed.
Posted Image Download TDSSKiller.zip and extract TDSSKiller.exe to your desktop
  • Execute TDSSKiller.exe by doubleclicking on it.
  • when the window opens, click on Change Parameters
  • under ”Additional options”, put a check mark in the box next to “Detect TDLFS File System”
  • click OK
  • Press Start Scan
  • If Malicious objects are found then ensure Cure is selected. Important - If there is no option to "Cure" it is critical that you select "Skip"
  • Then click Continue > Reboot now
  • Once complete, a log will be produced in c:\. It will be named for example, TDSSKiller.2.7.1.0_19.01.2012_17.24.26_log.txt
  • Post that log, please.
Posted Image Download Combofix from either of the links below, and save it to your desktop.

Link 1
Link 2

**Note: It is important that it is saved directly to your desktop**

--------------------------------------------------------------------
IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link
--------------------------------------------------------------------

Double click on ComboFix.exe & follow the prompts.
  • If you have trouble, stop and post back. Do not try to repeatedly run comboFix!
  • When finished, it will produce a report for you.
.
Note: If after running ComboFix you receive a message stating, "Illegal Operation Attempted on a registry key that has been marked for deletion" rebooting your computer will resolve the problem.

Please include the following in your next post:
  • TDSSKiller log
  • ComboFix log

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


#4 EvanOz

EvanOz
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 12 October 2012 - 03:13 PM

When I ran TDSSKiller, no threats were found and I was not given an option to Cure or restart. Simply to exit.

Here are the logs.

Thanks!

Attached Files



#5 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:26 PM

Posted 12 October 2012 - 04:25 PM

Please do this next:

Posted Image You have this program installed, Malwarebytes' Anti-Malware (MBAM). Please update it and run a scan.

Open MBAM
  • Click the Update tab
  • Click Check for Updates
  • If an update is found, it will download and install the latest version.
  • The program will close to update and reopen.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Uncheck any entries from C:\System Volume Information, C:\_OTL\MovedFiles or C:\Qoobox
  • Make sure that everything else is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy&Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediately.

Please include the following in your next post:
  • MBAM log

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


#6 EvanOz

EvanOz
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 13 October 2012 - 12:15 PM

Malwarebytes Anti-Malware 1.65.0.1400
www.malwarebytes.org

Database version: v2012.10.13.02

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 9.0.8112.16421
Evan :: EVAN-HOME [administrator]

10/13/2012 12:25:06 AM
mbam-log-2012-10-13 (00-25-06).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 647577
Time elapsed: 2 hour(s), 29 minute(s), 46 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Qoobox\Quarantine\C\$RECYCLE.BIN\S-1-5-21-3474545190-478377701-745825005-1001\$14ebfd99c34861c97e7d283289efdee6\U\00000008.@.vir (Trojan.Dropper.BCMiner) -> No action taken.

(end)


Thanks

#7 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:26 PM

Posted 13 October 2012 - 05:13 PM

How is your computer running now? Please do this next:

Posted Image Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older version Java components and update.
  • Go to Start > Control Panel > Programs > Uninstall a program, and remove all older versions of Java.
  • Click (highlight) any item with Java Runtime Environment (JRE or J2SE or Java™ 6) in the name and select "uninstall".
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Go to this page to download the latest version. Press the download button under JRE and follow the prompts. Accept the agreement and choose the Windows x86 offline option.
  • Run the installer you just downloaded
Posted Image Go to thisLINK to run an online scannner from ESET.
  • Note: For browsers other than Internet Explorer, you will need to download and install esetsmartinstaller_enu.exe. Click on it and save the file to a convenient location. Double click on it to install and a new window will open.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • If you are using Internet Explorer, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • Use notepad to open the logfile located at C:\Program Files\Eset\Eset Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic.
Please include the following in your next post:
  • How is the computer running now?
  • ESET log

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


#8 EvanOz

EvanOz
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 13 October 2012 - 11:46 PM

My computer seems to be running without a hitch. I uninstalled everything related to Java, restarted, and installed the newest version.

After running the scanner, the log file did not update. It was basically empty. So I went to the list of threats found, and selected to output a log file. This is what I'm pasting as it's all I have.

C:\Qoobox\Quarantine\C\$RECYCLE.BIN\S-1-5-21-3474545190-478377701-745825005-1001\$14ebfd99c34861c97e7d283289efdee6\U\00000008.@.vir Win32/Sirefef.FG trojan
C:\Users\Evan\AppData\Local\Downloaded Installations\{7278CEDB-D80B-4DAC-B497-CBC19C30C848}\Mobile Mouse Server.msi a variant of Win32/HiddenStart.A application
C:\Users\Evan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\20\61a55414-1dda8199 Java/Exploit.Agent.NCH trojan
C:\Users\Evan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\1b6211a6-4609c927 Java/Exploit.CVE-2011-3544.F trojan
C:\Users\Evan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\4ab61cc5-20587e80 a variant of Java/Exploit.CVE-2012-1723.CP trojan
C:\Users\Evan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\5\5c97d9c5-27377a89 multiple threats
C:\Users\Evan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\6\3f054e06-1a444994 multiple threats
C:\Users\Evan\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\60\68bd49bc-71ad90de multiple threats
C:\Windows\Installer\4f4bb9d.msi a variant of Win32/HiddenStart.A application

#9 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:26 PM

Posted 14 October 2012 - 11:23 AM

Great! All I have left for you is some very important cleanup that will also clean up those ESET detections:

Posted Image Uninstall ComboFix
  • Press the Windows key + R on your keyboard or click Start -> Run. Copy and past the following text into the run box that opens and press OK:
    Combofix /Uninstall
Posted Image

Posted Image Delete the following tools along with any other logs you saved from our work:
  • DDS
  • GMER
  • TDSSKiller
Posted Image Download TFC to your desktop
  • Close any open windows.
  • Double click the TFC icon to run the program
  • TFC will close all open programs itself in order to run,
  • Click the Start button to begin the process.
  • Allow TFC to run uninterrupted.
  • The program should not take long to finish it's job
  • Once its finished it should automatically reboot your machine,
  • if it doesn't, manually reboot to ensure a complete clean
Posted Image Finally, I'd like to make a couple of suggestions to help you stay clean in the future:
  • Restart any anti-malware programs that we disabled while we were cleaning your machine.
  • Keep your antivirus application and MBAM current and updated. Scan with them at least weekly.
  • Please read this post for some helpful information.
Please post once more so I know you are all set and I can mark this thread resolved. Good luck and stay safe!

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


#10 EvanOz

EvanOz
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 14 October 2012 - 12:00 PM

Without thinking, I deleted the Combofix icon from my desktop without uninstalling it. Now I don't have the option to uninstall it through the Run box. Is there anything that I need to do because of this?

#11 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:26 PM

Posted 14 October 2012 - 01:45 PM

Download a new copy from this Link, save it to your desktop, then follow the uninstall instructions.

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


#12 EvanOz

EvanOz
  • Topic Starter

  • Members
  • 24 posts
  • OFFLINE
  •  
  • Local time:04:26 PM

Posted 14 October 2012 - 03:08 PM

All done and cleaned! System seems to be perfect. Thank you so much!!

#13 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:26 PM

Posted 14 October 2012 - 09:50 PM

You're welcome. Take care!

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif


#14 RPMcMurphy

RPMcMurphy

    Bleeping *^#@%~


  • Malware Response Team
  • 3,970 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:26 PM

Posted 15 October 2012 - 08:26 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

Threads are closed after 5 days of inactivity.

ASAP & UNITE Member


The help you receive here is free. If you wish to show your appreciation, then you may btn_donate_SM.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users