1 reply to this topic

[cad yellow]

Hello,

I noticed a new folder the other day: C:\Qoobox that has a quarantine and Backenv subfolder. I'm concerned that it's malware and would appreciate your help to find out. 

 

Other info in case it's relevant:

• I run Norton 360 and Malewarebytes' Anti-Maleware.  I did a full system scan and Norton didn’t find any threats.
• Autoruns shows a process called catchme that it indicates came from the folder C:\ComboFix\catchme.sys (that no longer exists) and there are catchme folders in the registry.
• MY OS is Windows 7 Pro and all updates have been applied.
• I've been having problems booting lately.  The computer runs fine in Safe Mode. I'd been having alot of problems with member disks dropping out of a RAID array so recently broke the RAID. In the process my user profile got corrupted. The boot issues may be associated with remnants of that issue or hardware problems.
• Norton 360 recently quarantined some Trojans from a few email messages.
• My PC was recently at repair shop. They may have run some virus tests.

Thanks for your help!

[The Dark Knight]

Hello cad yellow.

 

Both those folders are from ComboFix. The Backenv folder is still present because most likely ComboFix was not uninstalled correctly.

 

To uninstall ComboFix:

 

Please click Start>Run and copy/paste the following text, including the space between "ComboFix and "/uninstall", into the Run box and click OK:

ComboFix /uninstall