Home > Antimalware Doctor > Antimalware Doctor Still Hanging On

Antimalware Doctor Still Hanging On

IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 27-12-2009 22:52:46 System Uptime: 06-05-2010 10:55:17 (730 hours ago) Motherboard: Gigabyte Technology Now I still get the warning about AVG being installed (its not), but combofix will at least allow me to proceed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\HNUqOXRrta (Malware.Packer.Gen) -> Value: HNUqOXRrta -> Quarantined and deleted successfully. A log will open, please post the contents of that log in your next reply (it can also be found on your desktop, called GooredLog.txt). navigate here

Uncheck the rest and then click OK. • Wait till the scanner has finished and then click File, Save Report. • Post the report here. Last edited by crisislover; 04-19-2011 at 03:44 PM. Click Start, click Shut down, click Restart, click OK. Jump to content FacebookTwitter Geeks to Go Forum Security Virus, Spyware, Malware Removal Welcome to Geeks to Go - Register now for FREE Geeks To Go is a helpful hub, where

Run OTL •Under the Custom Scans/Fixes box at the bottom, paste in the following ============================== :Files C:\WINDOWS\system32\drivers\volsnap.sys|C:\WINDOWS\ServicePackFiles\i386\volsnap.sys /replace :Commands [purity] [resethosts] [emptytemp] [EMPTYFLASH] [CREATERESTOREPOINT] [Reboot] ============================= •Then click the Run Fix c:\WINDOWS\Temp\67.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully. Again, sorry for not replying soon.Cheerscantor Back to top #22 Blade Blade Strong in the Bleepforce Site Admin 12,673 posts OFFLINE Gender:Male Location:US Local time:05:30 PM Posted 14 October 2010

c:\WINDOWS\Temp\66.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully. I ran Malwarebytes and it came out with this: Malwarebytes' Anti-Malware Malwarebytes Database version: 6391 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 4/18/2011 1:39:45 PM mbam-log-2011-04-18 (13-39-45).txt Scan type: You may have pulled in a "redirect" virus that intercepts Web searches and redirects you to its own fake results. (Apple computers aren't immune to this, either.) If you click anywhere Get OTL and save it to your desktop.

E: is FIXED (NTFS) - 76 GiB total, 5,954 GiB free. Don't forget to update the installed program before scanning. 3. also the icons in my tray went away.Killed a process called tnirstvtssd.exe and the program stoped. https://www.experts-exchange.com/questions/27084014/post-antimalware-doctor-infection-recurs-despite-rkill-combofix-mbam-SAS.html I'll be very grateful for any help I can get.

I will take care not to knowingly suggest courses of action that might damage your computer. Please post that log in your next reply.The log can also be found here: Launch Malwarebytes' Anti-MalwareClick on the Logs radio tab.Note: If MBAM encounters a file that is difficult to Download HijackThis and save it to your desktop. When finished, a notepad file should open up.

Jump to content Sign In Create Account Search Advanced Search section: This topic Forums Members Help Files Calendar View New Content Forum Rules BleepingComputer.com Forums Members Tutorials Startup List additional hints Removed attack detected! Error - 5/25/2011 2:52:58 PM | Computer Name = SINDHU | Source = DCOM | ID = 10010Description = The server {58FC39EB-9DBD-4EA7-B7B4-9404CC6ACFAB} did not register with DCOM within the required timeout. Do you think it's this chinese text program?

C:\Users\Jeroen\AppData\Local\Temp\winlogon.exe (Trojan.Downloader) -> Unloaded process successfully. check over here As it turned out, if I had clicked anywhere in the Antimalware Doctor window (even on the red "X" to close it), more malware might have streamed into my PC, including I'm hoping someone here will be able to help me. C:\Users\Jeroen\AppData\Local\Temp\70AC.tmp (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run\MKZe (Malware.Packer.Gen) -> Value: MKZe -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run\MKfpe (Malware.Packer.Gen) -> Value: MKfpe -> Quarantined and deleted successfully. I tried creating a new admin user and tried re-dl-ing a fresh copy of combofix, but still no progression beyond the autoscan initial message. (FYI, when the autoscan screen comes up, his comment is here We achieve RTOs (recovery time objectives) as low as 15 seconds. 30 Day Free Trial Question has a verified solution.

They might suggest it if it is needed. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\lvfnzkfgnz (Trojan.Downloader) -> Quarantined and deleted successfully. These deceptive messages trick users into downloading a rogue antivirus program on their computers.

If so, search this blog for removal instructions or browse computer threats by category.

C:\Users\Jeroen\Downloads\Anno 1404 CrackOnly\Anno1404_Crack.exe (Trojan.Bancos) -> Quarantined and deleted successfully. Join the community of 500,000 technology professionals and ask your questions. However, when I look in there I can't see either the explorer.ex_ or winlogon.ex_ folders. Deletemalware.blogspot.com can not be held responsible for problems that may occur by using this information.

Inc.)"C:\Program Files\Yahoo!\Messenger\YServer.exe" = C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! If I don't respond within 2 days, please feel free to PM me.Please don't ask for help via PM. There should be something there if volsnap.sys is infected. weblink If you are unable to remove Antimalware Doctor, you can use these manual removal instructions.

Also, I'm trying to contact the owner of the laptop to ensure the virus is still gone (bcz combofix still hung when I returned it to her.) Things that might have Download Hijack This, do a systemscan+log and save it HijackThis - Trend Micro USA 2.