Author Topic: SVC: swcustcfg > ???  (Read 5483 times)

Offline skipai

  • Newbie
  • *
  • Posts: 11
    • Personal Message (Offline)
SVC: swcustcfg > ???
« on: July 20, 2012, 11:06:40 AM »
Hi  :)

Avast is telling me that it has detected the following rootkit: SVC: swcustcfg > ???

Cannot delete or move to chest. Comes up with: Error: Error 0xA0000101. (-1610612479)

Any help would be much appreciated.

BTW I'm running Telstra bigpond wireless 4G and windows 7.

Regards, skipai

Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • *****
  • Posts: 69213
  • Gender: Male
  • No support PMs thanks
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #1 on: July 20, 2012, 11:15:30 AM »
For information only (don't apply any fixes, etc. they are unique), see this old topic on the same detection, http://forum.avast.com/index.php?topic=90891.0.

This needs further analysis by a malware removal specialist:
Go to this topic http://forum.avast.com/index.php?topic=53253.0 for information on Logs to assist in cleaning malware. Use the information about getting and using the tools and attach the logs here, not in the LOGS topic.
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2018/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Offline skipai

  • Newbie
  • *
  • Posts: 11
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #2 on: July 20, 2012, 11:43:37 AM »
Unable to post as files are too large even though they are under 150k?

Cheers

Offline DavidR

  • avast! Überevangelist
  • Certainly Bot
  • *****
  • Posts: 69213
  • Gender: Male
  • No support PMs thanks
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #3 on: July 20, 2012, 12:40:18 PM »
The cumulative total also comes into it max 192KB - If they won't go collectively try individual.

If that is still a problem, you can use a file sharing site such as Mediafire.com - Upload to http://www.mediafire.com/ and post the sharing link.
Core2Duo E8300/ 4GB Ram/ WinXP ProSP3/ avast! free 2014 9.0.2018/ Outpost Firewall Pro9.1/ Firefox 28.0, NoScript, RequestPolicy/ MailWasher Pro/ DropMyRights/ MalwareBytes AntiMalware Premium 2.0.1/ WinPatrol+/ Drive Image 7.1/ SnagIt 10.0/ avast! mobile security

Offline skipai

  • Newbie
  • *
  • Posts: 11
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #4 on: July 21, 2012, 04:23:59 AM »
Extra :

Offline skipai

  • Newbie
  • *
  • Posts: 11
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #5 on: July 21, 2012, 04:25:54 AM »
OTL:

Offline skipai

  • Newbie
  • *
  • Posts: 11
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #6 on: July 21, 2012, 04:27:35 AM »
Funny, I did the same thing as last night and it worked fine this time.

What other data do you need? This is all confusing to me as I'm no computer wiz lol.

Cheers

Offline skipai

  • Newbie
  • *
  • Posts: 11
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #7 on: July 21, 2012, 04:40:17 AM »
aswMBR:

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21701
  • Gender: Male
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #8 on: July 21, 2012, 05:04:26 AM »
it seems you have avast and Symantec/Norton installed

never install multiple AV as this can give all kind of mysterious windows errors and false positive detections
you
so you have to remove one

run and reboot - Uninstallers – Security Software  http://singularlabs.com/uninstallers/security-software/
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline skipai

  • Newbie
  • *
  • Posts: 11
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #9 on: July 21, 2012, 05:30:24 AM »
Cool as! I have attempted to remove Norton before with no joy. That tool done the job!

Cheers!

Offline skipai

  • Newbie
  • *
  • Posts: 11
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #10 on: July 21, 2012, 05:32:33 AM »
Just ran Avast and it appears the Infected file is still their!

Any suggestions?

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 21701
  • Gender: Male
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #11 on: July 21, 2012, 06:02:31 AM »
Just ran Avast and it appears the Infected file is still their!

Any suggestions?
malware removers are notified......may take several hours before one arrive, so be patient
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.


Offline skipai

  • Newbie
  • *
  • Posts: 11
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #12 on: July 21, 2012, 10:22:08 AM »
No worries mate  :)

Offline skipai

  • Newbie
  • *
  • Posts: 11
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #13 on: July 22, 2012, 05:10:12 AM »
Bump  :-\

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 28987
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
    • Personal Message (Offline)
Re: SVC: swcustcfg > ???
« Reply #14 on: July 22, 2012, 10:41:44 AM »
Hi that file is related to ZeroCD Sierra Wireless and I have come across this before, it is a false positive. 

What it is, is that the registry data give a null value and that raises a red flag to Avast

If it is coming up on the rootkit scan then set it to ignore

The logs look clean

 

Google Chrome

AVAST recommends using the FREE Google Chrome™ browser.

Download Google Chrome Now