TechSpot

HTML Script Inf, Iframe and Framer Trojan Problems

By Moraelyn
Apr 11, 2011
  1. Avast on both my desktop and laptop computers started reporting a Trojan attack when I visit almost any page, reporting it as either HTML Script-Inf (95% of the time), or HTML Iframe or Framer Trojans.

    I will post about the laptop first. I first ran an Avast full scan and it identified every single html file on my computer as infected. I deleted them all, and then proceeded as you instructed.

    The Malwarebytes log:

    Malwarebytes' Anti-Malware 1.50.1.1100
    www.malwarebytes.org

    Database version: 6337

    Windows 6.0.6002 Service Pack 2
    Internet Explorer 8.0.6001.18943

    11-Apr-11 23:09:54
    mbam-log-2011-04-11 (23-09-54).txt

    Scan type: Quick scan
    Objects scanned: 149842
    Time elapsed: 4 minute(s), 13 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)

    The DDS log:

    .
    DDS (Ver_11-03-05.01) - NTFSx86
    Run by Nikola at 23:41:22.80 on 11-Apr-11
    Internet Explorer: 8.0.6001.18943 BrowserJavaVersion: 1.6.0_24
    Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2939.1714 [GMT 2:00]
    .
    AV: avast! Antivirus *Disabled/Updated* {C37D8F93-0602-E43C-40AA-47DAD597F308}
    SP: avast! Antivirus *Disabled/Updated* {781C6E77-2038-EBB2-7A1A-7CA8AE10B9B5}
    SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    C:\Windows\system32\svchost.exe -k rpcss
    C:\Windows\System32\svchost.exe -k secsvcs
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k GPSvcGroup
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Windows\system32\agrsmsvc.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Toshiba TEMPRO\TempoSVC.exe
    C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
    C:\Windows\system32\TODDSrv.exe
    C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
    c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Windows\System32\svchost.exe -k WerSvcGroup
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\system32\spool\DRIVERS\W32X86\3\HP1006MC.EXE
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
    C:\Program Files\Google\Google EULA\GoogleEULALauncher.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
    C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
    C:\Program Files\Toshiba\SmoothView\SmoothView.exe
    C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
    C:\Windows\System32\igfxtray.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    C:\Users\Nikola\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
    c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
    c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
    c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
    C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    C:\Windows\system32\wuauclt.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Internet Download\dds.scr
    C:\Windows\system32\conime.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
    uDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
    mStart Page = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA
    mDefault_Page_URL = hxxp://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA;
    BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
    BHO: jZip Webmail plugin: {647fd14a-c4f1-46f4-8fc3-0b40f54226f7} - c:\program files\jzip\WebmailPlugin.dll
    BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
    mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
    mRun: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
    mRun: [NDSTray.exe] NDSTray.exe
    mRun: [cfFncEnabler.exe] cfFncEnabler.exe
    mRun: [topi] c:\program files\toshiba\toshiba online product information\topi.exe -startup
    mRun: [Google EULA Launcher] c:\program files\google\google eula\GoogleEULALauncher.exe IE PA
    mRun: [Toshiba TEMPO] c:\program files\toshiba tempro\Toshiba.Tempo.UI.TrayApplication.exe
    mRun: [RtHDVCpl] RtHDVCpl.exe
    mRun: [Camera Assistant Software] "c:\program files\camera assistant software for toshiba\traybar.exe" /start
    mRun: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
    mRun: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
    mRun: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
    mRun: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
    mRun: [Toshiba Registration] c:\program files\toshiba\registration\ToshibaRegistration.exe
    mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
    mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
    mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
    mRun: [Persistence] c:\windows\system32\igfxpers.exe
    mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [avast5] c:\progra~1\alwils~1\avast5\avastUI.exe /nogui
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
    mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
    StartupFolder: c:\users\nikola\appdata\roaming\micros~1\windows\startm~1\programs\startup\dropbox.lnk - c:\users\nikola\appdata\roaming\dropbox\bin\Dropbox.exe
    StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\blueto~1.lnk - c:\program files\toshiba\bluetooth toshiba stack\TosBtMng.exe
    mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
    mPolicies-system: EnableLUA = 0 (0x0)
    mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
    IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
    IE: {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4
    IE: {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/redirect-home?tag=Toshibaukbholink-21&site=home
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_06-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
    DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
    Notify: igfxcui - igfxdev.dll
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\users\nikola\appdata\roaming\mozilla\firefox\profiles\ey7oo3gi.default\
    FF - prefs.js: browser.startup.homepage - about:blank
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: c:\program files\microsoft silverlight\4.0.50401.0\npctrlui.dll
    FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll
    .
    ============= SERVICES / DRIVERS ===============
    .
    R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2009-2-13 294608]
    R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver;c:\windows\system32\drivers\RtlProt.sys [2009-2-13 25896]
    R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-2-13 17744]
    R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2009-2-13 51280]
    R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-5-12 40384]
    R2 ConfigFree Service;ConfigFree Service;c:\program files\toshiba\configfree\CFSvcs.exe [2008-4-17 40960]
    R2 TempoMonitoringService;Notebook Performance Tuning Service ;c:\program files\toshiba tempro\TempoSVC.exe [2008-4-24 99720]
    R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service;c:\program files\toshiba\smartlogservice\TosIPCSrv.exe [2007-12-3 126976]
    R3 FwLnk;FwLnk Driver;c:\windows\system32\drivers\FwLnk.sys [2008-7-1 7168]
    R3 RTL8187B;Realtek RTL8187B Wireless 802.11b/g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187B.sys [2009-6-10 347648]
    R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv;c:\program files\toshiba\smartfacev\SmartFaceVWatchSrv.exe [2008-4-24 73728]
    S3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\drivers\ewusbfake.sys [2011-2-1 103040]
    S3 Ph3xIB32;Philips 713x Inbox PCI TV Card;c:\windows\system32\drivers\Ph3xIB32.sys [2006-11-2 1083520]
    .
    =============== Created Last 30 ================
    .
    2011-04-11 21:05:12 -------- d-----w- c:\users\nikola\appdata\roaming\Malwarebytes
    2011-04-11 21:05:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
    2011-04-11 21:05:08 -------- d-----w- c:\progra~2\Malwarebytes
    2011-04-11 21:05:05 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
    2011-04-11 21:05:05 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
    2011-04-11 20:44:59 781272 ----a-w- c:\program files\mozilla firefox\mozsqlite3.dll
    2011-04-11 20:44:59 728024 ----a-w- c:\program files\mozilla firefox\libGLESv2.dll
    2011-04-11 20:44:59 1975768 ----a-w- c:\program files\mozilla firefox\D3DCompiler_42.dll
    2011-04-11 20:44:59 1893336 ----a-w- c:\program files\mozilla firefox\d3dx9_42.dll
    2011-04-11 20:44:59 1874904 ----a-w- c:\program files\mozilla firefox\mozjs.dll
    2011-04-11 20:44:59 15832 ----a-w- c:\program files\mozilla firefox\mozalloc.dll
    2011-04-11 20:44:59 142296 ----a-w- c:\program files\mozilla firefox\libEGL.dll
    2011-04-11 20:44:59 142296 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    .
    ==================== Find3M ====================
    .
    2011-04-01 16:31:19 60 ----a-w- c:\windows\wpd99.drv
    2011-02-02 20:40:23 472808 ----a-w- c:\windows\system32\deployJava1.dll
    2011-01-13 08:47:35 38848 ----a-w- c:\windows\avastSS.scr
    .
    ============= FINISH: 23:41:50.40 ===============



    The DDS "Attach" log:

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_11-03-05.01)
    .
    Microsoft® Windows Vista™ Home Premium
    Boot Device: \Device\HarddiskVolume2
    Install Date: 13-Feb-09 13:16:52
    System Uptime: 11-Apr-11 23:00:57 (0 hours ago)
    .
    Motherboard: Intel Corp. | | Base Board Product Name
    Processor: Intel(R) Pentium(R) Dual CPU T3200 @ 2.00GHz | CPU | 2000/667mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 116 GiB total, 57.209 GiB free.
    E: is FIXED (NTFS) - 115 GiB total, 109.621 GiB free.
    F: is CDROM (CDFS)
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP165: 23-Nov-10 15:07:34 - Windows Update
    RP166: 25-Nov-10 16:27:39 - Installed Java(TM) 6 Update 22
    RP167: 17-Dec-10 02:01:16 - Installed Java(TM) 6 Update 23
    RP168: 17-Jan-11 18:39:00 - Windows Update
    RP175: 06-Feb-11 19:13:00 - Scheduled Checkpoint
    RP176: 11-Feb-11 18:19:25 - Scheduled Checkpoint
    RP177: 12-Feb-11 10:57:15 - Scheduled Checkpoint
    RP178: 19-Feb-11 20:45:42 - Scheduled Checkpoint
    RP179: 17-Mar-11 13:38:13 - Installed Java(TM) 6 Update 24
    .
    ==== Installed Programs ======================
    .
    ACDSee Classic
    Adobe Flash Player 10 ActiveX
    Adobe Flash Player 10 Plugin
    Adobe Reader 8.2.6
    Apple Software Update
    avast! Free Antivirus
    Bluetooth Stack for Windows by Toshiba
    Camera Assistant Software for Toshiba
    CD/DVD Drive Acoustic Silencer
    Compatibility Pack for the 2007 Office system
    Crystal Reports 10
    DivX Setup
    Dropbox
    DVD MovieFactory for TOSHIBA
    DVDx 2
    Elektronski test 1.1
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
    Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
    HP LaserJet P1000 series
    HPSSupply
    Intel(R) Graphics Media Accelerator Driver
    Intel® Matrix Storage Manager
    Java Auto Updater
    Java(TM) 6 Update 24
    Java(TM) 6 Update 6
    jZip
    Malwarebytes' Anti-Malware
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Security Update (KB979906)
    Microsoft .NET Framework 3.5 SP1
    Microsoft Office FrontPage 2003
    Microsoft Office Professional Edition 2003
    Microsoft Silverlight
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft XML Parser
    Mount&Blade
    Mozilla Firefox 4.0 (x86 en-US)
    MrvlUsgTracking
    MSXML 4.0 SP2 (KB941833)
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MySQL Connector/ODBC 3.51
    Paint Shop Pro 6.0 Evaluation
    Pdf995
    PDFCreator 0.8.0
    Playchess
    QuickTime
    Real Alternative 2.0.2
    Realtek 8169 8168 8101E 8102E Ethernet Driver
    Realtek High Definition Audio Driver
    REALTEK RTL8187B Wireless LAN Driver
    Realtek WiFi Protected Setup Library
    RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02
    Security Update for Windows Media Encoder (KB954156)
    Security Update for Windows Media Encoder (KB979332)
    Skype™ 4.2
    Synaptics Pointing Device Driver
    System Requirements Lab
    Telenor Internet
    TOSHIBA Assist
    TOSHIBA ConfigFree
    TOSHIBA Disc Creator
    TOSHIBA DVD PLAYER
    TOSHIBA Extended Tiles for Windows Mobility Center
    TOSHIBA Face Recognition
    TOSHIBA Hardware Setup
    TOSHIBA Manuals
    Toshiba Online Product Information
    TOSHIBA Recovery Disc Creator
    TOSHIBA SD Memory Utilities
    TOSHIBA Software Modem
    TOSHIBA Supervisor Password
    Toshiba TEMPRO
    TOSHIBA Value Added Package
    TRDCReminder
    TRORDCLauncher
    Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
    VC80CRTRedist - 8.0.50727.4053
    VLC media player 1.1.0
    Vuze
    Windows Media Encoder 9 Series
    Windows Media Player Firefox Plugin
    .
    ==== Event Viewer Messages From Past Week ========
    .
    10-Apr-11 14:26:13, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.17.110 for the Network Card with network address 0021636E1EEF has been denied by the DHCP server 192.168.24.1 (The DHCP Server sent a DHCPNACK message).
    09-Apr-11 13:28:47, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.0.102 for the Network Card with network address 0021636E1EEF has been denied by the DHCP server 192.168.17.1 (The DHCP Server sent a DHCPNACK message).
    06-Apr-11 14:54:35, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.17.106 for the Network Card with network address 0021636E1EEF has been denied by the DHCP server 192.168.24.1 (The DHCP Server sent a DHCPNACK message).
    06-Apr-11 14:54:01, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.23 for the Network Card with network address 0021636E1EEF has been denied by the DHCP server 192.168.17.1 (The DHCP Server sent a DHCPNACK message).
    05-Apr-11 15:02:26, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.24.12 for the Network Card with network address 0021636E1EEF has been denied by the DHCP server 192.168.24.1 (The DHCP Server sent a DHCPNACK message).
    05-Apr-11 12:54:30, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.1.33 for the Network Card with network address 0021636E1EEF has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).
    05-Apr-11 11:32:06, Error: Microsoft-Windows-Dhcp-Client [1002] - The IP address lease 192.168.24.12 for the Network Card with network address 0021636E1EEF has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
    .
    ==== End Of File ===========================


    Thank you very much in advance for your help.
     
  2. Broni

    Broni Malware Annihilator Posts: 52,895   +344

    Welcome aboard [​IMG]

    Please, observe following rules:
    • Read all of my instructions very carefully. Your mistakes during cleaning process may have very serious consequences, like unbootable computer.
    • If you're stuck, or you're not sure about certain step, always ask before doing anything else.
    • Please refrain from running tools or applying updates other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer behavior, good, or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

    ====================================================================

    GMER log is missing.
     
  3. Broni

    Broni Malware Annihilator Posts: 52,895   +344

  4. Moraelyn

    Moraelyn TS Rookie Topic Starter

    Well, after updating Avast and waiting for 24 hours, there seem to be absolutely no problems.

    It appears that it was all due to that bad update from Avast.

    In any case, thank you for the quick reply and willingness to help, I really appreciate it.
     
  5. Broni

    Broni Malware Annihilator Posts: 52,895   +344

    That must be it :)
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...