big14 Posted January 6, 2010 ID:180555 Share Posted January 6, 2010 okay so i was browsin the net with a non up to date java with firefox (doh!)http://www.malwarebytes.org/forums/index.php?showtopic=35537 according to my primary AV - nod32 2.7 - It said the following :Win32/Kryptik.BQD trojan and it came from the same location as the one posted in the above link. I clicked terminate but somestuff i guess got through and I was getting false security pop ups every 1 minute or so. So i did a quick scan with SAS - it removed 5 things (some stuff out memory/1 reg entry). Then after a restart I followed up with malwarebytes - and it found 2 things that were kinda freaky: Malwarebytes' Anti-Malware 1.43Database version: 3499Windows 6.0.6000Internet Explorer 8.0.6001.188651/5/2010 11:41:51 PMmbam-log-2010-01-05 (23-41-51).txtScan type: Quick ScanObjects scanned: 96837Time elapsed: 4 minute(s), 28 second(s)Memory Processes Infected: 0Memory Modules Infected: 0Registry Keys Infected: 0Registry Values Infected: 0Registry Data Items Infected: 0Folders Infected: 0Files Infected: 2Memory Processes Infected:(No malicious items detected)Memory Modules Infected:(No malicious items detected)Registry Keys Infected:(No malicious items detected)Registry Values Infected:(No malicious items detected)Registry Data Items Infected:(No malicious items detected)Folders Infected:(No malicious items detected)Files Infected:C:\Users\User\AppData\Local\Temp\H8SRT3ff2.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.C:\Users\User\AppData\Local\Temp\H8SRT629e.tmp (Rootkit.TDSS) -> Quarantined and deleted successfully.following the removal of these I restarted scanned again and everything came up clear in those apps. So far so good, no pop ups or nothing. However, Im still quite concerned as it distinguished rootkits tdss and it may be hiding inside the system am I right? Is there any other things I can do to confirm the malwares are gone? And that my information will be safe =) Is there a way to scan for rootkits? As you can see im kind of lost from here on - If someone can sort of guide me in the right direction it would be highly appreciated. Link to post Share on other sites More sharing options...
big14 Posted January 6, 2010 Author ID:180695 Share Posted January 6, 2010 Here is my DDS log.DDS (Ver_09-12-01.01) - NTFSx86 Run by User at 8:28:08.19 on Wed 01/06/2010Internet Explorer: 8.0.6001.18865 BrowserJavaVersion: 1.6.0_17MicrosoftAttach.txt Link to post Share on other sites More sharing options...
big14 Posted January 6, 2010 Author ID:180847 Share Posted January 6, 2010 bump...I tried using gmet but it keeps crashing my computer mid way through scans so I dont think that it is a viable solution. Link to post Share on other sites More sharing options...
Recommended Posts