Jump to content

Accountant's Computer

BryanO
 Share

Recommended Posts

BryanO

BryanO

Posted
  • Author
Posted

Well,I don't know how long this has been on the systems,so for all I know the other two have been infected already.Malwayre bytes didn't find the same set of results on the other two computers though,if I remember right,so hopefully that's okay.

I've updated their AVG,and told them to regularly change their passwords.So,I'll see what happens on Friday now.

Link to post
Share on other sites
BryanO

BryanO

Posted
  • Author
Posted

--------------------------------------------------------------------------------

KASPERSKY ONLINE SCANNER 7.0: scan report

Friday, July 23, 2010

Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600)

Kaspersky Online Scanner version: 7.0.26.13

Last database update: Friday, July 23, 2010 05:03:30

Records in database: 4229778

--------------------------------------------------------------------------------

Scan settings:

scan using the following database: extended

Scan archives: yes

Scan e-mail databases: yes

Scan area - My Computer:

A:\

C:\

D:\

Scan statistics:

Objects scanned: 110604

Threats found: 1

Infected objects found: 4

Suspicious objects found: 0

Scan duration: 03:38:40

File name / Threat / Threats count

C:\System Volume Information\_restore{E3999490-0950-4EDB-A452-A06C672D2567}\RP382\A0124699.exe Infected: Packed.Win32.Krap.hc 1

C:\System Volume Information\_restore{E3999490-0950-4EDB-A452-A06C672D2567}\RP382\A0124703.exe Infected: Packed.Win32.Krap.hc 1

C:\System Volume Information\_restore{E3999490-0950-4EDB-A452-A06C672D2567}\RP382\A0124708.exe Infected: Packed.Win32.Krap.hc 1

C:\System Volume Information\_restore{E3999490-0950-4EDB-A452-A06C672D2567}\RP382\A0124712.exe Infected: Packed.Win32.Krap.hc 1

Selected area has been scanned.

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Great, those are all just in the Restore section of the system. The removal of Combofix will clean that out as well.

We should be done here. Some final housekeeping instructions, and protection information for you.

Your logs appear clean.You should be good to go. We still have a few items to address.

Disable your AntiVirus temporarily so that it does not block removal of Combofix.

Press the Windows key + R -> in the Run box which opens -> copy/paste in the following single line command & click OK

ComboFix /Uninstall

combofix_run_uninstall.png

This will uninstall ComboFix. It will also implement some cleanup procedures.

Re-enable your AntiVirus now.

Delete any remaining tools we've used (DDS and GMER) and logs from them.

Empty your Recycle Bin.

============================================

I'll close your post soon so that other don't post into it and leave you with this information and suggestions.

So how did I get infected in the first place?

Link to post
Share on other sites
  • 2 weeks later...
  • Staff
screen317

screen317

Posted
  • Staff
Posted

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.