gmccguy Posted September 4, 2012 ID:593308 Share Posted September 4, 2012 i suspected my computer had been compromised and disconnected internet asap until virus and malware programs could be installed. the malware scan came up with the following logMalwarebytes Anti-Malware 1.62.0.1300www.malwarebytes.orgDatabase version: v2012.09.03.01Windows 7 Service Pack 1 x64 NTFSInternet Explorer 9.0.8112.16421Graham :: HP-DESKTOP [administrator]02/09/2012 7:40:00 PMmbam-log-2012-09-02 (19-40-00).txtScan type: Quick scanScan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUMScan options disabled: P2PObjects scanned: 198686Time elapsed: 6 minute(s), 1 second(s)Memory Processes Detected: 0(No malicious items detected)Memory Modules Detected: 0(No malicious items detected)Registry Keys Detected: 0(No malicious items detected)Registry Values Detected: 0(No malicious items detected)Registry Data Items Detected: 0(No malicious items detected)Folders Detected: 1C:\Users\Graham\AppData\Roaming\dclogs (Stolen.Data) -> Quarantined and deleted successfully.Files Detected: 1C:\Users\Graham\AppData\Roaming\dclogs\2012-09-02-1.dc (Stolen.Data) -> Quarantined and deleted successfully.(end)have i anything further to worry about... i changed passwords on banking, email, social networks... is there anything else recommended? Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 4, 2012 ID:593413 Share Posted September 4, 2012 Hello gmccguy and welcome to MalwareBytes forums.Step 11. Go >> Here << and download ERUNT (ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)2. Install ERUNT by following the prompts (use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)3. Start ERUNT (either by double clicking on the desktop icon or choosing to start the program at the end of the setup)4. Choose a location for the backup (the default location is C:\WINDOWS\ERDNT which is acceptable).5. Make sure that at least the first two check boxes are ticked 6. Press OK7. Press YES to create the folder.Step 2To show all files:Go to your DesktopDouble-Click the Computer icon. From the menu options, Select Tools, then Folder Options. Next click the View tab. Locate and uncheck Hide file extensions for known file types. Locate and uncheck Hide protected operating system files (Recommended). Locate and click Show hidden files and folders and drives. Click Apply > OK. Step 3You will want to print out or copy these instructions to Notepad for offline reference!Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our toolsFor directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware ProgramsDo NOT turn off the firewallClose all open browsers at this point.Start Internet Explorer (fresh) by pressing Start >> Internet Explorer >> Right-Click and select Run As Administrator.Using Internet Explorer browser only, go to ESET Online Scanner website:http://www.eset.com/onlinescan/Accept the Terms of Use and press Start button;Approve the install of the required ActiveX Control, then follow on-screen instructions;Enable (check) the Remove found threats option, and run the scan.After the scan completes, the Details tab in the Results window will display what was found and removed. A logfile is created and located at C:\Program Files (x86)\Eset\EsetOnlineScanner\log.txt. Look at contents of this file using Notepad.The Frequently Asked Questions for ESET Online Scanner can be viewed herehttp://go.eset.com/us/online-scanner/faqIt is emphasized to temporarily disable any pc-resident {active} antivirus program prior to any on-line scan by any on-line scanner. (And the prompt re-enabling when finished.) If you use Firefox, you have to install IETab, an add-on. This is to enable ActiveX support.Do not use the system while the scan is running. Once the full scan is underway, go take a long break Reply with copy of the Eset scan logStep 4Download, & save & then run the MS Safety scannerhttp://www.microsoft.com/security/scanner/en-us/default.aspxLet me know the result.Re-enable your antivirus program.Step 5Download Security Check by screen317 from here.Save it to your Desktop.Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.A Notepad document should open automatically called checkup.txt; please post the contents of that document. Link to post Share on other sites More sharing options...
gmccguy Posted September 4, 2012 Author ID:593516 Share Posted September 4, 2012 will do this when i get home this evening... will post results as soon as i can Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 5, 2012 ID:593744 Share Posted September 5, 2012 How's it going ? Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 9, 2012 ID:595215 Share Posted September 9, 2012 This thread will be closed if I do not hear back from you before end-of-day 9 SEPT Link to post Share on other sites More sharing options...
Maurice Naggar Posted September 10, 2012 ID:595428 Share Posted September 10, 2012 Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread. Other members who need assistance please start your own topic in a new thread. Thanks! Link to post Share on other sites More sharing options...
Recommended Posts