HELP: Trojan on pc which is now removed but so is AVG

Jo4

waddler_8 wrote: »

The logs look ok. If everythings ok now, uninstall combofix

Open a Run command box (Windows key + R) and copy paste this command in:

ComboFix /uninstall

Note the space between ComboFix and /uninstall , it needs to be there.

Click OK

Let me know if that wasn't successful before proceeding to remove OTM and its folder. If it was, continue on with this:

• Right-click OTM.exe & choose "Run as Administrator" to run it.
• Click the CleanUp! button
• Select Yes when the Begin cleanup Process? Prompt appears
• If you are prompted to Reboot during the cleanup, select Yes
• The tool will delete itself once it finishes, if not delete it by yourself

Then download and install an antivirus of your choice & run a scan with it.

Which anti virus would you install?

waddler_8

Any of the free ones - Avast, Avira, AVG, MSE... It's personal preference really. If your used to how AVG works then maybe you could install that again but it wouldn't be my first choice.

Jo4

waddler_8 wrote: »

Any of the free ones - Avast, Avira, AVG, MSE... It's personal preference really. If your used to how AVG works then maybe you could install that again but it wouldn't be my first choice.

Since you obviously know an awful lot about computers can I ask what your first choice would be?

My Dad was wondering what you actually do for a living? BTW I understand if you don't answer Dad's question as he cannot understand how come someone is fixing his computer and they haven't asked for money to do it! :eek:

waddler_8

I really don't have a preference although I do currently have MSE on my personal machines (Aside from my testbox that has Avast on it at the moment). There all as good/bad as each other. People will always say one is better than another but there's a lot more to securing a PC than the antivirus alone.

waddler_8

Jo4 wrote: »

I understand if you don't answer Dad's question as he cannot understand how come someone is fixing his computer and they haven't asked for money to do it! :eek:

The bill's in the post!

Jo4

waddler_8 wrote: »

I really don't have a preference although I do currently have MSE on my personal machines (Aside from my testbox that has Avast on it at the moment). There all as good/bad as each other. People will always say one is better than another but there's a lot more to securing a PC than the antivirus alone.

I am installing MSE on the pc. :j I didn't think you would state what you do but Dad wanted me to ask, sorry for being nosey!

Jo4

waddler_8 wrote: »

The bill's in the post!

I dread to see the price of it! :eek:

No one can ever be paid or thanked enough for what you have done. THANK YOU! :A :T :beer:

waddler_8

Combofix couldn't clean or replace some files that were infected so unfortunately had to delete them.

c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe . . . is infected!!
c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe . . . was deleted!! You should re-install the program it pertains to

http://www.intel.com/support/viiv/updates.htm
http://h10025.www1.hp.com/ewfrf/wc/softwareDownloadIndex?softwareitem=pv-58790-1&cc=uk&dlc=en&lc=en

(Check it's correct for your model. Let me know if you need further help with this)

c:\program files\Common Files\LightScribe\LSSrvc.exe . . . is infected!!
c:\program files\Common Files\LightScribe\LSSrvc.exe . . . was deleted!! You should re-install the program it pertains to

http://www.lightscribe.com/

I'd also uninstall these:

Adobe Reader 8.1.2 (Support for 8x ends very soon) http://get.adobe.com/uk/reader/

Advanced Registry Optimizer
ALOT Toolbar
Conduit Engine
ResultBar 1.0 build 113 (Probably gone already)

waddler_8

Jo4 wrote: »

No one can ever be paid or thanked enough for what you have done. THANK YOU!

No problem. Give yourself a big pat on the back - You've removed a very nasty rootkit!

Jo4

waddler_8 wrote: »

Combofix couldn't clean or replace some files that were infected so unfortunately had to delete them.


http://www.intel.com/support/viiv/updates.htm
http://h10025.www1.hp.com/ewfrf/wc/softwareDownloadIndex?softwareitem=pv-58790-1&cc=uk&dlc=en&lc=en

(Check it's correct for your model. Let me know if you need further help with this)

http://www.lightscribe.com/

I'd also uninstall these:

Adobe Reader 8.1.2 (Support for 8x ends very soon) http://get.adobe.com/uk/reader/

Advanced Registry Optimizer
ALOT Toolbar
Conduit Engine
ResultBar 1.0 build 113 (Probably gone already)

It had Intel Viiv 1.6.361.6 installed and it is now installing 1.7.1.