Jump to content

Should I be concerned?

Draz

By Draz
in Resolved Malware Removal Logs

 Share

Recommended Posts

Draz

Draz

Posted
Posted

Hello,

Recently, my sister has had some of her information hacked. Mainly her Paypal and credit card number have been used. She is not sure how this happened as she uses a few computers to do online shopping. I currently have her laptop and have ran some full system scans with Malwarebytes as well as Microsoft Security Essentials. Everything has come up clean the past few scans until today I decided to do another full scan with Malwarebytes and it found a few infections in the Ikernel.exe showing as Trojan.Vilsel. I just googled this and apparently it was a false positive?

http://forums.malwarebytes.org/index.php?showtopic=124122

I was feeling pretty confident about the laptop being clean, but now I'm just not sure. I went ahead and updated Malwarebytes one again and I'm currently doing a full system scan.

I would appreciate it if someone could help me.

Link to post
Share on other sites
Larusso

Larusso

Posted
Posted

Hy there.

Would be so kind to post the most recent MBAM Logfile where I can see what has been detected ?

Launch Malwarebytes --> Logs --> click on the last Logfile. A notepad Window will appear. Copy/Paste its content here in your topic.

Link to post
Share on other sites
Draz

Draz

Posted
  • Author
Posted

Hey Larusso,

Thanks for the quick reply. I updated Malwarebytes and started a full scan and again these were detected.

Malwarebytes Anti-Malware 1.70.0.1100

www.malwarebytes.org

Database version: v2013.03.21.14

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

PC :: PC-VAIO [administrator]

3/21/2013 2:14:51 PM

MBAM-log-2013-03-21 (14-32-15).txt

Scan type: Full scan (C:\|E:\|F:\|G:\|)

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P

Scan options disabled:

Objects scanned: 61033

Time elapsed: 17 minute(s), 4 second(s) [aborted]

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 1

HKCR\TypeLib\{91814EB1-B5F0-11D2-80B9-00104B1F6CEA} (Trojan.Vilsel) -> No action taken.

Registry Values Detected: 1

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\PROGRAM FILES (X86)\COMMON FILES\INSTALLSHIELD\ENGINE\6\INTEL 32\IKERNEL.EXE (Trojan.Vilsel) -> Data: 1 -> No action taken.

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 1

C:\Program Files (x86)\Common Files\InstallShield\Engine\6\Intel 32\IKernel.exe (Trojan.Vilsel) -> No action taken.

(end)

Link to post
Share on other sites
Larusso

Larusso

Posted
Posted

Go here to run an online scannner from ESET. Windows Vista/Windows 7 users will need to right click on their Internet Explorer shortcut, and select Run as Administrator

  • Note: For browsers other than Internet Explorer, you will be prompted to download and install esetsmartinstaller_enu.exe. Click on the link and save the file to a convenient location. Double click on it to install and a new window will open. Follow the prompts.
  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked and the Scan Archives option is ticked.
  • Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
  • Click Scan
  • Wait for the scan to finish
  • When the scan is done, if it shows a screen that says "Threats found!", then click "List of found threats", and then click "Export to text file..."
  • Save that text file on your desktop. Copy and paste the contents of that log as a reply to this topic.
  • Close the ESET online scan, and let me know how things are now.

Link to post
Share on other sites
Draz

Draz

Posted
  • Author
Posted

I updated Malwarebytes and Microsoft Security Essentials and then ran full system scans in safe mode with both, no threats found.

So this laptop is fine to continue using for online banking and shopping, correct? Also I had one question for you, is it possible for an infected computer to infect another computer on the same router? No network is setup just both using the same router.

Thanks,

Draz

Link to post
Share on other sites
Larusso

Larusso

Posted
Posted

Yes, it is safe but in all honest, I am not a friend of online banking. Looking what's going on is okay but paying bills and so on I prefer to this in the real life at the bank. As soon as the PC is connected to the internet, you can never be sure that it is safe :)

I do know some kind of infections who will manipulate the router so it is possible that this will infect another router, but it depends on different factors. Network technic is not my "area".

Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.