Avast community forum
Home
Help
Search
Login
Register
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Infection:Filerepmalware
« previous
next »
Print
Pages:
1
[
2
]
3
4
...
7
Go Down
Author
Topic: Infection:Filerepmalware (Read 29543 times)
0 Members and 1 Guest are viewing this topic.
REDACTED
Guest
Re: Infection:Filerepmalware
«
Reply #15 on:
November 12, 2014, 06:25:40 PM »
Ok, so I message back in 2 hours and say if a alert has come.
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: Infection:Filerepmalware
«
Reply #16 on:
November 12, 2014, 06:26:06 PM »
Sure
Logged
REDACTED
Guest
Re: Infection:Filerepmalware
«
Reply #17 on:
November 12, 2014, 06:31:30 PM »
May I ask why exactly you scheduled those files for deletion?
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: Infection:Filerepmalware
«
Reply #18 on:
November 12, 2014, 06:33:52 PM »
They were run once files that pointed to a temp folder using a system programme. Run once are just that they should not be there after a reboot. Plus they use run32 which operates under svchost
Logged
REDACTED
Guest
Re: Infection:Filerepmalware
«
Reply #19 on:
November 12, 2014, 06:46:53 PM »
Ah, theres a program in my Taskmgr named: Setupafterrebootservice.exe Which is coming under Realtek audio.
Logged
REDACTED
Guest
Re: Infection:Filerepmalware
«
Reply #20 on:
November 12, 2014, 06:54:09 PM »
Also, were those files deleted malicious?
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: Infection:Filerepmalware
«
Reply #21 on:
November 12, 2014, 07:20:34 PM »
Realtek is safe and as for the files they may have been downloaders but they were blocked and now dead
Logged
REDACTED
Guest
Re: Infection:Filerepmalware
«
Reply #22 on:
November 12, 2014, 07:29:41 PM »
Thank you, no more alerts now.
Logged
REDACTED
Guest
Re: Infection:Filerepmalware
«
Reply #23 on:
November 12, 2014, 07:42:34 PM »
Came up again, it's every installer. Rundll32.exe this time.
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: Infection:Filerepmalware
«
Reply #24 on:
November 12, 2014, 07:48:15 PM »
OK could you run combofix please and I will look for hidden drivers
Logged
REDACTED
Guest
Re: Infection:Filerepmalware
«
Reply #25 on:
November 12, 2014, 07:58:31 PM »
It say's that it won't run with my operating system version.
Logged
REDACTED
Guest
Re: Infection:Filerepmalware
«
Reply #26 on:
November 12, 2014, 08:16:27 PM »
It's now reporting URL:MAL and Firefox is opening random sites, I do not need my firefox opening up random dating sites.
Logged
essexboy
Malware removal instructor
Avast Überevangelist
Probably Bot
Posts: 40589
Dragons by Sasha
Re: Infection:Filerepmalware
«
Reply #27 on:
November 12, 2014, 08:54:33 PM »
You are on windows 7 aren't you ?
Logged
REDACTED
Guest
Re: Infection:Filerepmalware
«
Reply #28 on:
November 12, 2014, 09:09:59 PM »
I know you won't like this, so I don't need to be scolded about it; but it's the technical preview.
Logged
REDACTED
Guest
Re: Infection:Filerepmalware
«
Reply #29 on:
November 12, 2014, 09:12:04 PM »
This report is more interesting, it was the same; svchost.exe but it displayed its PID.
Logged
Print
Pages:
1
[
2
]
3
4
...
7
Go Up
« previous
next »
Avast WEBforum
»
Other
»
Viruses and worms
(Moderators:
Maxx_original
,
misak
) »
Infection:Filerepmalware
