Home > Antivirus Pro 2010 Malware. Ran DDS Log.

Antivirus Pro 2010 Malware. Ran DDS Log.

I'm not engaging in sock-puppetry here and you won't find 100 upvotes and comments about how helpful AssertNull is in answering questions and I won't be answering programming questions under this After reboot, I did not see the Anti-Virus Pro startup screen or task tray icon. C:\Windows\Temp\_avast5_\unp101265229.tmp (Trojan.Agent) -> Quarantined and deleted successfully. Oct 15, 2010 #12 Bobbye Helper on the Fringe Posts: 16,335 +36 Please tell me about this: ChrisDesktop Is this a folder you set up and named? news

You should update and rescan with Malwarebytes, checking the line for removal. I've only had W7 installed on this machine for about a week and haven't altered anything that I'm aware of. I the looked up and saw about process explorer which I was able to download but again won't let me run the program with a same type of message. Follow that with> Eset NOD32 Online AntiVirus scan HERE Tick the box next to YES, I accept the Terms of Use. http://www.bleepingcomputer.com/forums/t/260590/antivirus-pro-2010-malware-ran-dds-log/

C:\Windows\Temp\_avast5_\unp102114845.tmp (Trojan.Agent) -> Quarantined and deleted successfully. Oct 14, 2010 #9 MrSheen TS Rookie Topic Starter Yep. It's important that as much as possible removed.

Sorry if this is all a bit vague. I am trying to stress these two points.UPDATE UPDATE UPDATE!!! When finished, it shall produce a log for you. c:\Users\hp\AppData\Roaming\Zaykci\moynn.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

You may also find it helpful to print out the instructions you receive, as in some instances you may have to disconnect your computer from the Internet.PLEASE NOTE: If you do windows-virus This question has already been answered. Attached Files: DDS.txt File size: 24.4 KB Views: 2 Oct 13, 2010 #8 Bobbye Helper on the Fringe Posts: 16,335 +36 Use multiple posts if needed but the logs must check these guys out Oct 11, 2010 #6 MrSheen TS Rookie Topic Starter Here's the OTM log: All processes killed ========== PROCESSES ========== ========== FILES ========== D:\Software\avast pro\Avast Internet Security 5.0.545{h33t}{mad dog}\setup_ais_eng.exe moved successfully. ==========

Please follow these steps to remove older version Java components and update to the latest version...Updating Java:Download the latest version of Java Runtime Environment (JRE) 6 Update 20.Click the Download button That may cause it to stall.Do not "re-run" Combofix. C:\Windows\Temp\_avast5_\unp234453492.tmp (Trojan.Agent) -> Quarantined and deleted successfully. Try booting the machine into Safe Mode then try aswMBR again: Reboot Your System in Safe Mode Restart your computer.As soon as BIOS is loaded begin tapping the F8 key until

Important! c:\Users\hp\AppData\Roaming\microsoft\88CF\F65.exe (Malware.Packer) -> Quarantined and deleted successfully. Anybody can ask, anybody can answer. button.

Thanks. - Eric Back to top #6 oldman960 oldman960 Forum God Classroom Teacher 14,710 posts Posted 05 September 2009 - 02:27 PM Hi modena2904, Thanks. navigate to this website Please include a link to this thread with your request. scanning hidden files ... I switched it off and stopped using it.

There were 9 files for Avast showing infected: C:\Windows\Temp\_avast5_\unp101265229.tmp (Trojan.Agent)Some searching in the Avast forums indicate these [unp] files are from the Avast Self-Defense Module. Oct 16, 2010 #17 MrSheen TS Rookie Topic Starter OTL logfile created on: 18/10/2010 23:54:59 - Run 1 OTL by OldTimer - Version 3.2.15.2 Folder = C:\Users\ChrisDesktop\Desktop 64bit- Home Premium Edition Provided removal instructions are meant to be used in the correspondent user's case only. http://bgmediaworld.com/antivirus-pro/antivirus-pro-2010-i-think.php That's why you got malware with the AV program.

Will get back to you when I hear. I clicked "ok" each time. Make sure you do this about every 1-2 weeks.Make sure all of your security programs are up to date.Visit Microsoft's Windows Update Site Frequently - It is important that you visit

O32 - HKLM CDRom: AutoRun - 1 O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35:64bit: - HKLM\..comfile [open] -- "%1" %* O35:64bit: - HKLM\..exefile [open] -- "%1"

When done, DDS will open two (2) logs: DDS.txt Attach.txt[*]Save both reports to your desktop.=Download Security Check by screen317 and save it to your Desktop: here or hereRun Security Check Follow It has done this 1 time(s). Sign In Sign Up Browse Back Browse Forums Guidelines Staff Online Users Members Activity Back Activity All Activity My Activity Streams Unread Content Content I Started Search Malwarebytes.com Back Malwarebytes.com Malwarebytes antivirus 4.8.1351 [VPS 090904-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) .

It has done this 1 time(s). It is Essential that you use a Clean (uninfected) computer to change ALL of your passwords for the online services (banking etc) that you use. I wouldn't bet on it. click site Start ERUNT (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)4.

It appears this is a torrent download. It has done this 2 time(s). Thanks!The fixes and advice in this thread are for this machine only. scanning hidden autostart entries ...

Also, those startup items are still listed in msconfig (although now disabled). If you have problems create a thread in the forum, please.Don't post your log into other user's topic, create a new one. c:\docume~1\Eric\LOCALS~1\Temp\catchme.dll c:\documents and settings\All Users\Application Data\apemela.pif c:\documents and settings\All Users\Application Data\ezagixegy.bin c:\documents and settings\All Users\Application Data\imorak.lib c:\documents and settings\All Users\Application Data\irufo.dl c:\documents and settings\All Users\Application Data\laqi.lib c:\documents and settings\All Users\Application Data\newe.scr Below are the log files from all three runs of Malwarebytes Anti-Malware, along with a current HijackThis log file. ======= Anti-Malware 1st Run ========= Malwarebytes' Anti-Malware 1.40 Database version: 2744 Windows

I can't access it, format it or get rid of it. iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - Worst thing is that you are still infected and your pc is doing who-knows-what without your knowledge. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\TL8gRZqhYwUeOtP8234A (Malware.Packer) -> Value: TL8gRZqhYwUeOtP8234A -> Quarantined and deleted successfully.

However, it can slow down certain computers. Without a firewall your computer is susceptible to being hacked and taken over. Provided removal instructions are meant to be used in the correspondent user's case only. Please use "Reply to this topic" -button while replying.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mqvpc (Trojan.Agent) -> Quarantined and deleted successfully. I recommend either Online Armor Free or Comodo Firewall Pro (If you choose Comodo: Uncheck during installation Install Comodo HopSurf.., Make Comodo my default search provider and Make Comodo Search my In a very basic sense, they are used to locate webpages. Thirdly, I can identify a few of the exe files, but not the source.

Malwarebytes' Anti-Malware 1.51.2.1300 www.malwarebytes.org Database version: 8146 Windows 6.0.6002 Service Pack 2 Internet Explorer 9.0.8112.16421 11/12/2011 12:37:09 PM mbam-log-2011-11-12 (12-37-09).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 824363 Time elapsed: 3 C:\WINDOWS\braviax.exe (Trojan.Downloader) -> Quarantined and deleted successfully. ======= Anti-Malware 2nd Run ========= Malwarebytes' Anti-Malware 1.40 Database version: 2744 Windows 5.1.2600 Service Pack 3 9/5/2009 8:59:49 AM mbam-log-2009-09-05 (08-59-49).txt Scan type: Quick C:\WINDOWS\system32\braviax.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully.