tigweld Posted July 8, 2010 ID:281029 Share Posted July 8, 2010 Hello-AV Security Suite just popped up on my computer. I followed the directions in the Self Help section for this particular problem, but I am still unable to access any sites on the internet. I downloaded Malwarebytes, ran the quick scan, and deleted the items. The directions say that no other action should be required so I am not sure how to proceed. I would appreciate any advice. This is the log from the quick scan:Malwarebytes' Anti-Malware 1.46www.malwarebytes.orgDatabase version: 4290Windows 5.1.2600 Service Pack 3Internet Explorer 8.0.6001.187027/7/2010 10:34:03 PMmbam-log-2010-07-07 (22-34-03).txtScan type: Quick scanObjects scanned: 142879Time elapsed: 12 minute(s), 13 second(s)Memory Processes Infected: 1Memory Modules Infected: 0Registry Keys Infected: 8Registry Values Infected: 2Registry Data Items Infected: 0Folders Infected: 0Files Infected: 3Memory Processes Infected:C:\Documents and Settings\Owner\Local Settings\Application Data\hpnhlncer\gwxtlmctssd.exe (Trojan.Downloader) -> Unloaded process successfully.Memory Modules Infected:(No malicious items detected)Registry Keys Infected:HKEY_CLASSES_ROOT\cmaidctlapp.maidctrl.1 (Adware.ClosetMaid) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{7fe26be2-b923-4b41-9834-e84da1cc1f96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{7fe26be2-b923-4b41-9834-e84da1cc1f96} (Adware.ClosetMaid) -> Quarantined and deleted successfully.HKEY_CLASSES_ROOT\CLSID\{9d761d3a-e8bd-434b-b42b-520d8fe1da3a} (Adware.ClosetMaid) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\Software\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.HKEY_CURRENT_USER\Software\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\avsoft (Trojan.Fraudpack) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\avsuite (Rogue.AntivirusSuite) -> Quarantined and deleted successfully.Registry Values Infected:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmildvaw (Trojan.Downloader) -> Quarantined and deleted successfully.HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\cmildvaw (Trojan.Downloader) -> Quarantined and deleted successfully.Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:C:\Documents and Settings\Owner\Local Settings\Application Data\hpnhlncer\gwxtlmctssd.exe (Trojan.Downloader) -> Quarantined and deleted successfully.C:\WINNT\Downloaded Program Files\CMAIDCTL.OCX (Adware.ClosetMaid) -> Quarantined and deleted successfully.C:\Documents and Settings\Owner\Local Settings\Temp\svchost.exe (Trojan.Downloader) -> Quarantined and deleted successfully. Link to post Share on other sites More sharing options...
Maniac Posted July 8, 2010 ID:281186 Share Posted July 8, 2010 Hello tigweld! Welcome to Malwarebytes' Anti-Malware Forums!My name is Borislav and I will be glad to help you solve your problems with malware. Before we begin, please note the following: The process of cleaning your system may take some time, so please be patient.Follow my instructions step by step if there is a problem somewhere, stop and tell me.Stay with the thread until I tell you that your system is clean. Missing symptoms does not mean that everything is okay.Instructions that I give are for your system only!If you don't know or can't understand something please ask. Do not install or uninstall any software or hardware, while work on.Keep me informed about any changes.Follow these instructions and post all logs if you can:http://forums.malwarebytes.org/index.php?showtopic=9573 Link to post Share on other sites More sharing options...
madmelvin Posted July 8, 2010 ID:281370 Share Posted July 8, 2010 Thank you, but I will no longer need your help. Link to post Share on other sites More sharing options...
Recommended Posts