Jump to content

fm88

Members
 View Profile  See their activity

  • Posts

    6

  • Joined

  • Last visited

Reputation

0 Neutral
  1. fm88
    Hi, I had some trouble with a zeroaccess backdoor trojan and after getting some help from MrC decided that it would be best to format my harddrive etc. http://forums.malwarebytes.org/index.php?showtopic=125361&hl=&fromsearch=1 As I'm a computer novice I gave the pc to my friend who restored it to factory settings using the D:\ recovery drive. What I'm wanting to check is whether the computer is completely clean and safe to connect to the internet etc as wanting to use it again for online banking/shopping and as my main pc and have read online that format/restoring might not get rid of infection? Attached are the DDS logs and a log from full scan of MBAM free edition which showed no threats. Just wanting to make extra sure it's safe so don't have to phone the bank at 1am again and cancel my cards and online accounts like the last time! Any help would be greatly appreciated! Fraser Attach.txt DDS.txt mbam-log-2013-05-18 (14-59-00).txt
  2. fm88
    Hi, Was looking for some advice to help me remove a zeroaccess backdoor virus. Started a thread last month which MrC helped me with and I chose to take the reformat option to remove the virus. http://forums.malwarebytes.org/index.php?showtopic=125361&hl=&fromsearch=1 I am, however, an amateur at these sorts of things. Currently running Vista Home Premium edition on an HP desktop. I thought I would be able to format the C drive and reinstall vista but it seems that it didn't come with any installation disks. My dad did create some recovery disks however so I'm wondering what my options are? There is also a D:\ recovery drive, but not sure if the infection could be in that? So wondering how to format and get vista back on the pc whilst making sure the virus has been removed as have read that formatting might not always remove it and I wouldn't be able to tell either way! Any help would be greatly appreciated! Thanks, Fraser
  3. fm88
    OK I think I will take that option then, just to be on the safe side for the future. Thank you very much for your help and speedy replies, it is very much appreciated!! Thanks again1 Best wishes, Fraser
  4. fm88
    Hi MrC, obviously this is bad news! I've disconnected infected computer and am on a clean computer and have just been changing passwords/phoning bank etc. I'm wondering if I go down the format route am I able to remove music/photos/videos from the infected computer offline to an external harddrive or are they compromised? If I move everything I want to keep to one folder can I scan it with MBAM to check if it is safe, then move to external harddrive and format/reinstall infected pc? Or might there be hidden malware etc? If I can do this I will probably go for that option just to be on the safe side in the future! Thanks a lot, Fraser
  5. fm88
    Thanks for the speedy reply MrC! Have run RogueKiller and here is the report. Fraser RKreport1_S_04202013_02d0043.txt
  6. fm88
    HI, I believe I have some malware that I cannot remove and would appreciate some help. I have run MBAM and it found a number of threats, seemingly resolved some and told me to reboot to resolve the rest. However when running a full scan after reboot there were more threats shown including the one that was supposed to have been deleted (C:\$Recycle BIn...). From searching the forums it seems like others with a similar problem have needed to be talked through fixing it and I will be the same. Any help will be greatly appreciated! I will attach the initial MBAM log file as well as the one after reboot and the DDS and Attach files. Thanks, Fraser First MBAM scan Malwarebytes Anti-Malware 1.70.0.1100 www.malwarebytes.org Database version: v2012.12.14.11 Windows Vista Service Pack 2 x86 NTFS (Safe Mode) Internet Explorer 9.0.8112.16421 Fraser :: DOUGLAS-PC [administrator] 19/04/2013 21:18:35 mbam-log-2013-04-19 (21-18-35).txt Scan type: Quick scan Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 238157 Time elapsed: 5 minute(s), 50 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 4 HKCR\CLSID\{FBEB8A05-BEEE-4442-804E-409D6C4515E9}\InProcServer32| (Trojan.0Access) -> Bad: (C:\$Recycle.Bin\S-1-5-21-3074228592-795862466-625756439-1002\$d26638e23478b50239d4b3e8e95bca87\n.) Good: (shell32.dll) -> Quarantined and repaired successfully. HKLM\SOFTWARE\Microsoft\Security Center|AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully. HKLM\SOFTWARE\Microsoft\Security Center|FirewallDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully. HKLM\SOFTWARE\Microsoft\Security Center|UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and repaired successfully. Folders Detected: 0 (No malicious items detected) Files Detected: 1 C:\$Recycle.Bin\S-1-5-21-3074228592-795862466-625756439-1002\$d26638e23478b50239d4b3e8e95bca87\n (Trojan.0Access) -> Delete on reboot. (end) ----------------------------------------------------------------------- Second MBAM scan after reboot Malwarebytes Anti-Malware 1.75.0.1300 www.malwarebytes.org Database version: v2013.04.19.08 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Fraser :: DOUGLAS-PC [administrator] 19/04/2013 21:57:15 MBAM-log-2013-04-20 (00-05-46).txt Scan type: Full scan (C:\|D:\|E:\|F:\|G:\|H:\|I:\|J:\|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 493743 Time elapsed: 1 hour(s), 59 minute(s), 19 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 3 C:\$Recycle.Bin\S-1-5-21-3074228592-795862466-625756439-1002\$d26638e23478b50239d4b3e8e95bca87\U\00000001.@ (Trojan.0Access) -> No action taken. C:\$Recycle.Bin\S-1-5-21-3074228592-795862466-625756439-1002\$d26638e23478b50239d4b3e8e95bca87\U\80000000.@ (Trojan.0Access) -> No action taken. C:\$Recycle.Bin\S-1-5-21-3074228592-795862466-625756439-1002\$d26638e23478b50239d4b3e8e95bca87\U\800000cb.@ (Trojan.0Access) -> No action taken. (end) -------------------------------------------------- attach.txt dds.txt
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.