
Hello everyone,

Today I performed a full system scan with MBAM which detected the infected registry key: HKCU\Software\VB and VBA Program Settings\SrvID (Malware.Trace). It was quarantined, and I permanently deleted it and disconnected the infected PC from the network.

After searching I found some topics about it claiming it keeps appearing in scans, like this one: http://forums.malwarebytes.org/index.php?showtopic=124721&st=0. So I rebooted into Safe Mode and fully re-scanned my system with MBAM, found nothing and the registry key was nowhere to be found when I searched for it manually. Then I restarted the PC normally and re-connected it to the network, and when I looked for the registry key again it was there. So again, I disconnected and fully scanned, but MBAM found no infected objects, which made me worry - how was it so easily removed from my PC while others struggle to remove it, and while the registry key still exists?

Just to mention, maybe it indicates something: the computer was connected to the internet only during the first scan when I first found the malicious registry key. During the other 2 scans that came after it was disconnected, but between those two it was connected for some time, and though I doubt it I think it may be the reason for the reappearing of the registry key and the fact it was not detected on the next scans.

There were no other infected objects MBAM detected, and there is no "Socks" folder in AppData\Roaming that contains data collected by a keylogger as described in the topic from the link above.

I seriously consider formatting and re-installing Windows, I easily get anxious from such things and I think the computer might still be infected in some ways.

Thank you very much, I'll appreciate any help or suggestion!


Hi there,

My name is Marius and I will be assisting you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

Let's see what happened here:

You told us that you removed several items with Malwarebytes' Anti-Malware. This tool creates a log on every run and we need to see them.

  • The logs can be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Zip any and all of these logs and attach the file to your next reply.


Well, I just reinstalled Windows... Was about to post it now. Maybe not the smartest thing to do but I feel calm with it.

Anyway, thank you very much for your help. I just want to say that I've never seen such a forum, so many active and helping experts (and I mean trusted advisors, moderators and administrators too), and such a high success rate. Big advantage for Malwarebytes here besides its program effectiveness.

Still, I would be very happy to get some advice about prevention and detection as you mentioned.

Thanks again.


Reading Material

How to protect yourself

  • System Updates
    Being up to date is very important. Please be sure to activate automatic updates in your control panel.
    Windows XP | Windows Vista | Windows 7 | Windows 8
  • Protection
    What you need is one (not more) good virus scanner with background protection. Additionally I recommend a special malware scanner that you run from time to time.
    Personally I am using the avast! Antivirus Free Edition and Malwarebytes Anti-Malware. They offer you good protection for free use. But please remember: You get only the full protection if you use the paid versions of your security software.
  • Up to date Software
    Stay up to date with all the programs you use. Some of those you really have to keep an eye on are: your browser(s) including add-ons and plug-ins, Java, Flash Player, your virus scanner, and basically every software you use often. These links may help you to check:
  • Backups
    There are chances for an emergency every day. So be prepared. Back up your data on a regular basis. Whether you burn it to DVDs from time to time, use a cloud drive or a professional network backup system is your choice.
  • Brains
    It's no joke! You really need one of those things. :) It is very important not just to click anywhere it is colored or flashing while you are surfing on the web. Do not click an OK button on any pop-up window without reading what it says. While installing software always choose the custom mode, read what those windows say and uncheck adware that will be installed along with the software you want.

Helpful tips, appreciate your help! I'll be even more meticulous from now on about these things. Personally I use Avira Free Antivirus or Kaspersky Internet Security and of course Malwarebytes Anti-Malware.

Thank you very much for your time and help! :)


  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
