Jump to content

Don't know if Infected or Not/Can't tell if Legitimate file


Recommended Posts

Hello MBAM forums!

 

Today (A little over an hour ago, 3:00 PM EST), I came back from doing some work outside, and when my computer screensaver goes away, theres a message from my firewall (PC Tools Firewall), saying that Adobe Flash Player Installer/Uninstaller 14.0 r0 wants to access the internet. Having not done anything like this before, I click "details". Seemed legitimate enough. After clicking "Accept", I googled it. Apparently someone on bleepingcomputer downloaded it the same way, firewall asked and then accept, and later on he got a Trojan, Zeroacess.exe. I decided to run a few scans, a MBAM full scan, and an Avast! scan on the specific files. Nothing came up, and the full scan is still running. However, the person said that even though they ran scans, they didn't get anything detected initially. How do I know if its infected or not?

Any help would be appreciated.  :)

Link to post
Share on other sites

  • Root Admin

Would be better if you have a screen shot of the message but in either case if you still have the actual file you can upload it to http://www.virustotal.com and they can scan it for you and let you know.

 

 

Here is the type of scan you should be running with MBAM to check.

 

Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkits, Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button. Remove any threats found
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.
 

 

Link to post
Share on other sites

Would be better if you have a screen shot of the message but in either case if you still have the actual file you can upload it to http://www.virustotal.com and they can scan it for you and let you know.

 

 

Here is the type of scan you should be running with MBAM to check.

 

Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link

Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkits, Under Non Malware Protection set both PUP and PUM to Treat detections as malware.

Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button. Remove any threats found

Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.

 

Thanks!

I checked all 3 files that were modified today, and all except Flashplayerinstaller.exe was clean, with 1/54. Don't know if that helps anything.

Here's a screenshot of the thing the Firewall asked (Not question, but something close, I hope).

post-147762-0-90638400-1404946199_thumb.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    No registered users viewing this page.

Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.