GeekPolice
Welcome to GeekPolice.net!

From "wow" to "whoa" - we're teaching practical technology and helping others with tech support. Join our family here!

You are viewing the forum as a "Guest" which doesn't give you member privileges to ask questions or post comments.

Take 30 seconds to register or log in below and unlock the limitations of this website to discover new computer knowledge!

3 malware programs - Digital Protection, Antimalware Doctor, Win 7 Defender Pro

View previous topic View next topic Go down

3 malware programs - Digital Protection, Antimalware Doctor, Win 7 Defender Pro

Post by yiujun on Mon Apr 12, 2010 7:34 am

I believe I went to a bad direct download server and suddenly I have all these pop-ups from the following 3 malware:

Digital Protection
Antimalware Doctor
Win 7 Defender Pro

I tried Trend Micro Housecall, did not remove the programs
I tried to install Malwarebytes' Anti-malware, I can't install even after I rename the exe

Can anyone help me remove these buggers? They are really frustrating me.. Sad tearing Sad tearing

I am currently running Combofix b/c I saw it in one of the threads in this forum. It wasn't until after I started to run it when I saw a warning saying that Combofix is extremely powerful and I shouldnt be running it unless some skilled person advised me to... really sorry, I should have read the forum rules before I began this process... I guess I was too hasty in my desperateness to get rid of these malware...

I will post up the log regardless after it finishes running..

ANY HELP WILL BE GREATLY APPRECIATED!! THANKS!!


Last edited by yiujun on Mon Apr 12, 2010 8:17 am; edited 1 time in total

yiujun
Beginner
Beginner

Status :
Online
Offline

Posts : 3
Joined : 2010-04-12
OS : Windows 7 Starter
Points : 24293
# Likes : 0

View user profile

Back to top Go down

Re: 3 malware programs - Digital Protection, Antimalware Doctor, Win 7 Defender Pro

Post by yiujun on Mon Apr 12, 2010 7:41 am

Combofix log:

ComboFix 10-04-11.03 - SHIP 12/04/2010 0:25.1.2 - x86 NETWORK
Microsoft Windows 7 Starter 6.1.7600.0.1252.2.1033.18.1014.658 [GMT -7:00]
Running from: c:\users\SHIP\Downloads\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\programdata\fiosejgfse.dll
c:\users\SHIP\AppData\Local\ave.exe
c:\users\SHIP\AppData\Local\Microsoft\Windows\Temporary Internet Files\86j2v4Kw.jpg
c:\users\SHIP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Rnbq4DF.jpg
c:\users\SHIP\AppData\Local\Microsoft\Windows\Temporary Internet Files\WxS5WTS.jpg
c:\users\SHIP\AppData\Local\Microsoft\Windows\Temporary Internet Files\xDMHgl7.jpg
c:\users\SHIP\AppData\Roaming\564DD75DA3A3473B90719D1A47B6CA63
c:\users\SHIP\AppData\Roaming\564DD75DA3A3473B90719D1A47B6CA63\enemies-names.txt
c:\users\SHIP\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Antimalware Doctor.lnk
c:\users\SHIP\AppData\Roaming\Microsoft\Windows\Start Menu\Antimalware Doctor.lnk
c:\users\SHIP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antimalware Doctor
c:\users\SHIP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antimalware Doctor\Antimalware Doctor.lnk
c:\users\SHIP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antimalware Doctor\Uninstall.lnk
c:\users\SHIP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Antimalware Doctor.lnk
c:\users\SHIP\Desktop\Antimalware Doctor.lnk
c:\users\SHIP\FAVORI~1\_favdata.dat
c:\users\SHIP\Favorites\_favdata.dat
c:\users\SHIP\reader_s.exe
c:\windows\system32\Thumbs.db
c:\windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job
c:\windows\Tasks\{66BA574B-1E11-49b8-909C-8CC9E0E8E015}.job

.
((((((((((((((((((((((((( Files Created from 2010-03-12 to 2010-04-12 )))))))))))))))))))))))))))))))
.

2010-04-12 07:35 . 2010-04-12 07:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-04-12 06:36 . 2010-04-12 06:36 -------- d-----w- c:\users\SHIP\AppData\Local\ElevatedDiagnostics
2010-04-12 06:32 . 2010-04-12 07:21 182272 --sha-w- c:\users\SHIP\AppData\Local\2664644969.dll
2010-03-31 01:12 . 2010-02-23 07:56 977920 ----a-w- c:\windows\system32\wininet.dll
2010-03-17 07:14 . 2010-04-12 04:43 -------- d-----w- c:\users\SHIP\AppData\Roaming\vlc
2010-03-17 07:12 . 2010-03-17 07:12 -------- d-----w- c:\program files\VideoLAN

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-03-17 08:32 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Sidebar
2010-03-17 08:32 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Photo Viewer
2010-03-17 08:32 . 2009-07-14 04:52 -------- d-----w- c:\program files\DVD Maker
2010-03-17 08:32 . 2009-07-14 02:37 -------- d-----w- c:\program files\Windows Mail
2010-03-17 08:32 . 2009-07-14 04:52 -------- d-----w- c:\program files\Windows Defender
2010-03-17 04:03 . 2009-11-10 23:25 -------- d-----w- c:\programdata\Microsoft Help
2010-03-01 08:15 . 2010-03-01 08:16 411368 ----a-w- c:\windows\system32\deploytk.dll
2010-03-01 08:15 . 2010-03-01 08:15 -------- d-----w- c:\program files\Java
2010-02-19 06:34 . 2010-02-19 06:34 -------- d-----w- c:\program files\Microsoft Silverlight
2010-02-18 11:51 . 2010-02-13 22:46 79136 ----a-w- c:\users\SHIP\AppData\Local\GDIPFONTCACHEV1.DAT
2010-02-18 05:58 . 2009-11-10 23:28 -------- d-----w- c:\program files\Microsoft Works
2010-02-14 07:13 . 2010-02-13 22:49 -------- d-----w- c:\program files\Windows Live
2010-02-13 23:14 . 2010-02-13 23:11 -------- d-----w- c:\users\SHIP\AppData\Roaming\Apple Computer
2010-02-13 23:13 . 2010-02-13 23:06 -------- d-----w- c:\programdata\Apple
2010-02-13 23:11 . 2010-02-13 23:10 -------- d-----w- c:\programdata\{755AC846-7372-4AC8-8550-C52491DAA8BD}
2010-02-13 23:11 . 2010-02-13 23:10 -------- d-----w- c:\program files\iTunes
2010-02-13 23:10 . 2010-02-13 23:10 -------- d-----w- c:\program files\iPod
2010-02-13 23:10 . 2010-02-13 23:06 -------- d-----w- c:\program files\Common Files\Apple
2010-02-13 23:10 . 2010-02-13 23:08 -------- d-----w- c:\programdata\Apple Computer
2010-02-13 23:09 . 2010-02-13 23:09 -------- d-----w- c:\program files\Bonjour
2010-02-13 23:09 . 2010-02-13 23:08 -------- d-----w- c:\program files\QuickTime
2010-02-13 23:08 . 2010-02-13 23:08 -------- d-----w- c:\program files\Apple Software Update
2010-02-13 23:02 . 2010-02-13 23:01 16265732 ----a-w- c:\users\SHIP\AppData\Roaming\Asus\ASUS Vibe\ASUSVibeSetup.exe
2010-02-13 23:01 . 2010-02-13 23:01 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2010-02-13 23:00 . 2010-02-13 23:00 -------- d-----w- c:\users\SHIP\AppData\Roaming\Asus
2010-02-13 22:57 . 2009-11-10 23:45 -------- d-----w- c:\programdata\Trend Micro
2010-02-13 22:56 . 2010-02-13 22:56 -------- d-----w- c:\programdata\GoBoingo
2010-02-13 22:56 . 2010-02-13 22:56 -------- d-----w- c:\program files\Boingo
2010-02-13 22:56 . 2009-11-10 23:24 -------- d-----w- c:\program files\ASUS
2010-02-13 22:56 . 2010-02-13 22:56 520192 ----a-w- c:\windows\system32\Eee PC 1005P Series.scr
2010-02-13 22:53 . 2010-02-13 22:50 -------- d-----w- c:\program files\Microsoft
2010-02-13 22:52 . 2010-02-13 22:52 -------- d-----w- c:\program files\Microsoft Sync Framework
2010-02-13 22:51 . 2010-02-13 22:51 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2010-02-13 22:49 . 2010-02-13 22:49 -------- d-----w- c:\program files\Windows Live SkyDrive
2010-02-13 22:47 . 2010-02-13 22:47 -------- d-----w- c:\program files\Common Files\Windows Live
2010-02-02 07:45 . 2010-02-25 03:07 2048 ----a-w- c:\windows\system32\tzres.dll
2010-01-23 03:51 . 2010-01-23 03:51 72488 ----a-w- c:\programdata\Apple Computer\Installer Cache\iTunes 9.0.3.15\SetupAdmin.exe
2010-01-18 23:29 . 2010-02-14 21:33 85504 ----a-w- c:\windows\system32\secproc_ssp_isv.dll
2010-01-18 23:29 . 2010-02-14 21:33 85504 ----a-w- c:\windows\system32\secproc_ssp.dll
2010-01-18 23:29 . 2010-02-14 21:33 365568 ----a-w- c:\windows\system32\secproc_isv.dll
2010-01-18 23:29 . 2010-02-14 21:33 369152 ----a-w- c:\windows\system32\secproc.dll
2010-01-18 23:28 . 2010-02-14 21:33 324608 ----a-w- c:\windows\system32\RMActivate_isv.exe
2010-01-18 23:28 . 2010-02-14 21:33 277504 ----a-w- c:\windows\system32\RMActivate_ssp_isv.exe
2010-01-18 23:28 . 2010-02-14 21:33 320512 ----a-w- c:\windows\system32\RMActivate.exe
2010-01-18 23:28 . 2010-02-14 21:33 280064 ----a-w- c:\windows\system32\RMActivate_ssp.exe
2009-06-10 21:26 . 2009-07-14 02:04 9633792 --sha-r- c:\windows\Fonts\StaticCache.dat
2009-07-14 01:14 . 2009-07-13 23:42 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension1]
@="{fe25455d-b4c2-4e32-97d2-92632ec1c224}"
[HKEY_CLASSES_ROOT\CLSID\{fe25455d-b4c2-4e32-97d2-92632ec1c224}]
2009-06-10 21:23 278864 ----a-w- c:\windows\System32\mscoree.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayIconExtension2]
@="{1fae2d88-a78e-4f03-909f-be818a3c1ce6}"
[HKEY_CLASSES_ROOT\CLSID\{1fae2d88-a78e-4f03-909f-be818a3c1ce6}]
2009-06-10 21:23 278864 ----a-w- c:\windows\System32\mscoree.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-07-14 1173504]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-27 3883856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUS Screen Saver Protector"="c:\windows\AsScrPro.exe" [2009-11-11 3058304]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-28 35696]
"Eee Docking"="c:\program files\ASUS\Eee Docking\Eee Docking.exe" [2009-11-17 414384]
"LiveUpdate"="AsusSender.exe" [2009-09-11 33768]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\iaanotif.exe" [2009-06-05 186904]
"SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2009-07-20 1545512]
"HotkeyMon"="AsusSender.exe" [2009-09-11 33768]
"HotkeyService"="AsusSender.exe" [2009-09-11 33768]
"SuperHybridEngine"="AsusSender.exe" [2009-09-11 33768]
"SynAsusAcpi"="c:\program files\Synaptics\SynTP\SynAsusAcpi.exe" [2009-07-20 83240]
"LivCam"="c:\program files\ASUS\LivCam\LivCam.exe" [2009-10-17 284160]
"EeeStorageBackup"="c:\program files\ASUS\Asus WebStorage\BackupService.exe" [2009-08-25 947472]
"UCam_Menu"="c:\program files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"VizorHtmlDialog.exe"="c:\program files\Trend Micro\Security\VizorHtmlDialog.exe" [2009-10-14 628016]
"Trend Micro Client Framework"="c:\program files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe" [2009-10-14 116008]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-10-05 141848]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-10-05 173592]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-10-05 150552]
"RtHDVCpl"="c:\program files\Realtek\Audio\HDA\RtHDVCpl.exe" [2009-09-29 7744032]
"OOBESetup"="c:\program files\asus\OOBERegBackup\OOBERegBackup.exe" [2009-09-30 338096]
"Boingo Wi-Fi"="c:\program files\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-02-13 2429]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-11-11 417792]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-01-23 141608]
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2010-03-01 149280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"GrpConv"="grpconv -o" [X]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv

R1 AsUpIO;AsUpIO;c:\windows\system32\drivers\AsUpIO.sys [2009-07-06 11448]
R2 Amsp;Trend Micro Solution Platform;c:\program files\Trend Micro\AMSP\coreServiceShell.exe coreFrameworkHost.exe [x]
R2 AsusService;Asus Launcher Service;c:\windows\System32\AsusService.exe [2009-08-19 219136]
R2 OberonGameConsoleService;Oberon Media Game Console service;c:\program files\Asus\Game Park\GameConsole\OberonGameConsoleService.exe [2009-09-15 44312]
R2 tmevtmgr;tmevtmgr;c:\windows\system32\DRIVERS\tmevtmgr.sys [2009-10-14 52752]
R3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2009-07-01 43944]
R3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\DRIVERS\btwl2cap.sys [x]
S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [2009-07-13 48128]
S3 L1C;NDIS Miniport Driver for Atheros AR8131/AR8132 PCI-E Ethernet Controller (NDIS 6.20);c:\windows\system32\DRIVERS\L1C62x86.sys [2009-07-27 51712]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation REG_MULTI_SZ SSDPSRV upnphost SCardSvr TBS FontCache fdrespub AppIDSvc QWAVE wcncsvc
.
.
------- Supplementary Scan -------
.
uStart Page = [You must be registered and logged in to see this link.]
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} - [You must be registered and logged in to see this link.]
FF - ProfilePath - c:\users\SHIP\AppData\Roaming\Mozilla\Firefox\Profiles\8a09sluv.default\
FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll
FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_colors", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("svg.smil.enabled", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.debug", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("html5.enable", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);
.
- - - - ORPHANS REMOVED - - - -

Toolbar-Locked - (no file)
HKLM-RunOnce- - (no file)


.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(1612)
c:\program files\ASUS\Asus WebStorage\LogicNP.EZShellExtensions.dll
c:\windows\assembly\GAC_32\System.Data.SQLite\1.0.60.0__db937bc2d44ff139\System.Data.SQLite.dll
.
Completion time: 2010-04-12 00:39:44
ComboFix-quarantined-files.txt 2010-04-12 07:39

Pre-Run: 77,137,182,720 bytes free
Post-Run: 77,311,307,776 bytes free

- - End Of File - - CE70294F1AFD3476829ACC0A6664A1A5

THANKS IN ADVANCE!

yiujun
Beginner
Beginner

Status :
Online
Offline

Posts : 3
Joined : 2010-04-12
OS : Windows 7 Starter
Points : 24293
# Likes : 0

View user profile

Back to top Go down

Re: 3 malware programs - Digital Protection, Antimalware Doctor, Win 7 Defender Pro

Post by Belahzur on Mon Apr 12, 2010 8:17 pm

You aren't running Anti Virus Software

Please install Avira antivirus otherwise you won't be protected.

1) [You must be registered and logged in to see this link.]
-Free anti-virus software for Windows.
-Detects and removes more than 50,000 viruses. Free support.

It is strongly recommended that you run only one antivirus program at a time. Having more than one antivirus program active in memory uses additional resources and can result in program conflicts and false virus alerts.

Click Start > Run and copy/paste the following bolded text into the Run box and click OK:

ComboFix /uninstall

This will also reset your restore points.

How is the machine running now?


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

Re: 3 malware programs - Digital Protection, Antimalware Doctor, Win 7 Defender Pro

Post by yiujun on Mon Apr 12, 2010 9:00 pm

Hi,

Since yesterday night I have downloaded Avira to protect my computer. Smile

The machine has been running fine every since I ran Combofix. No popups or anything at all. I also ran Malwarebytes' Anti-malware and got rid of some Digital Protection malware files. I will check the programs list again on my machine to ensure that everything was cleared out.

I guess I was lucky with Combofix - I was so worried after I found out that I shouldn't be running it without supervision. Lesson learned!

yiujun
Beginner
Beginner

Status :
Online
Offline

Posts : 3
Joined : 2010-04-12
OS : Windows 7 Starter
Points : 24293
# Likes : 0

View user profile

Back to top Go down

Re: 3 malware programs - Digital Protection, Antimalware Doctor, Win 7 Defender Pro

Post by Belahzur on Tue Apr 13, 2010 6:55 pm

Run ESET Online Scan
Please do an online scan with [You must be registered and logged in to see this link.]. Please use Internet Explorer as it uses ActiveX.

  • Check (tick) this box: YES, I accept the Terms of Use.
  • Click on the Start button next to it.
  • When prompted to run ActiveX. click Yes.
  • You will be asked to install an ActiveX. Click Install.
  • Once installed, the scanner will be initialized.
  • After the scanner is initialized, click Start.
  • Check (tick) Remove found threats box.
  • Check (tick) Scan unwanted applications.
  • Click on Scan.
  • It will start scanning. Please be patient.
  • Once the scan is done, the log will be saved here: C:\Program Files\esetonlinescanner\log.txt.


[You must be registered and logged in to see this link.] - [You must be registered and logged in to see this link.] - Please PM me if I fail to respond within 24hrs.


Belahzur
Administrator
Administrator

Status :
Online
Offline

Posts : 34916
Joined : 2008-08-03
Gender : Male
OS : XP SP3 Media Centre
Points : 245029
# Likes : 1

View user profile

Back to top Go down

View previous topic View next topic Back to top

- Similar topics

 
Permissions in this forum:
You cannot reply to topics in this forum