Jump to content

taffy1967

Members
  • Posts

    7
  • Joined

  • Last visited

Everything posted by taffy1967

  1. Thanks for all your help Borislav it's much appreciated, you've been a great help and saved me from having to format my computer. Hopefully I won't have any more problems now.
  2. Fine I think thanks, although I wasn't really aware of any problems other than the virus that Malwarebytes scan registered but was unable to remove. So does that mean my system is clean again? If so and going by the rumours I've heard about this Worm (Waldac), should I change all my saved passwords to be on the safe side?
  3. Thanks again Borislav and here's my report: - Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Database version: 4001 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 17/04/2010 15:40:47 mbam-log-2010-04-17 (15-40-47).txt Scan type: Quick scan Objects scanned: 124630 Time elapsed: 4 minute(s), 31 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) I also did a full scan just in case and that appears to be clear too: - Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Database version: 4002 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 17/04/2010 18:35:04 mbam-log-2010-04-17 (18-35-04).txt Scan type: Full scan (C:\|D:\|E:\|F:\|) Objects scanned: 227982 Time elapsed: 1 hour(s), 5 minute(s), 7 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  4. Here's my contents of Combofix.txt Borislav: - ComboFix 10-04-15.05 - Turner Family 17/04/2010 9:51.1.2 - x86 Microsoft
  5. Thanks for the reply Borislav and I downloaded JavaRa and followed your guide, so I imagine all traces of Java have now been removed. I wasn't able to find the JavaRa log file though. I'm sure it said it saved one though, but as much as I've tried I can't locate it. I also didn't realise I should have enabled hidden files to be viewed so I could then access the application data. Because 'documents and settings' didn't show up on my 'C' drive. I also downloaded 'ComboFix' and followed your guide. I use 'AVG 9' and as I was unable to stop the real time scan, I decided to un-install it until I was able to use ComboFix. I've still not ran a Combofix scan yet because it keeps warning me that a real time scan is being carried out by 'Spybot Search & Destroy' and it tells me to continue if I wish even though it could be harmful to do so. But I don't have Spybot Search & Destroy installed on my computer any more and I can't find any trace of it myself. So will it be safe to run a scan with ComboFix? Or is there something else I should be doing? Thanks again for your assistance.
  6. Hello Borislav thanks for the advice and here is my Malwarebytes Anti-Malware quick scan report (please note it doesn't find the Worm.Waledac via a quick scan though, only a full scan which I posted earlier): - Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Database version: 3993 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 15/04/2010 23:42:05 mbam-log-2010-04-15 (23-42-05).txt Scan type: Quick scan Objects scanned: 122738 Time elapsed: 5 minute(s), 31 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected) My DDS.txt: - DDS (Ver_10-03-17.01) - NTFSx86 Run by Turner Family at 23:53:48.79 on 15/04/2010 Internet Explorer: 8.0.6001.18904 BrowserJavaVersion: 1.6.0_19 Microsoft
  7. Hello everyone and although I've been using the wonder that is 'Malwarebytes Anti-Malware' for quite some time, I only joined this forum today. The reason being is due to the fact that I ran a full Malwarebytes Anti-Malware scan today and it picked up a worm virus that just won't go away. (I do hope I'm posting in the right section, if not I'm sure you'll move me to the appropriate place.) I've deactivated system restore and tried running a full system scan three times, but the virus remains. It shows up as: - Malwarebytes' Anti-Malware 1.45 www.malwarebytes.org Database version: 3985 Windows 6.0.6002 Service Pack 2 Internet Explorer 8.0.6001.18904 13/04/2010 23:29:45 mbam-log-2010-04-13 (23-29-45).txt Scan type: Full scan (C:\|D:\|E:\|F:\|) Objects scanned: 48174 Time elapsed: 19 minute(s), 59 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 1 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\tmp.edb (Worm.Waledac) -> Delete on reboot. And going by a few threads I take it the 'Waledac' botnet is well known? http://forums.malwarebytes.org/index.php?s...&hl=Waledac http://forums.malwarebytes.org/index.php?s...&hl=Waledac I'm still not sure how I got infected (I was clean a few days ago), I only use Yahoo Mail and I don't open attachments from anyone I don't know and I've not opened any for ages. So could I have picked this up from a website? Oh and when I've hit the delete button on Malwarebytes, apart from requesting a reboot it also states that it couldn't remove all the files. My HijackThis report appears to be in order though. Apart from that I'd appreciate any advice on how to get it kicked off my computer once and for all.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.