GeekPolice Tech Tutorials

 

Unknown virus/malware

[Solved] Re: Unknown virus/malware

Hi Dave, here is the Security Check log:

Results of screen317's Security Check version 1.009
x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
Windows Defender
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Ad-Aware
Spybot - Search & Destroy
Java 8 Update 45
Java version 32-bit out of Date!
Adobe Flash Player 20.0.0.286
Google Chrome (48.0.2564.103)
Google Chrome (48.0.2564.109)
````````Process Check: objlist.exe by Laurent````````
Windows Defender MSMpEng.exe
Ad-Aware AAWService.exe is disabled!
Ad-Aware AAWTray.exe is disabled!
Spybot Teatimer.exe is disabled!
Malwarebytes Anti-Exploit mbae-svc.exe
Malwarebytes Anti-Exploit mbae64.exe
Malwarebytes Anti-Exploit mbae.exe
iolo Common Lib ioloServiceManager.exe
iolo System Mechanic iologovernor64.exe
iolo System Mechanic LiveBoost.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: %
````````````````````End of Log``````````````````````

Uninstalling ZoneAlarm seems to have done the trick - the AntiKeylogger processes have stopped appearing, and I've been able to turn on and update Windows Defender (in your opinion, is WD adequate for protection? I've been using ZoneAlarm Extreme Security for years, because I was under the impression that WD was a bit crap).

Cheers,
Gav

[Solved] Re: Unknown virus/malware

in your opinion, is WD adequate for protection? I've been using ZoneAlarm Extreme Security for years, because I was under the impression that WD was a bit crap

WD and Windows Security Essentials are as good as any other AV IMO. Most of the crap going around these days zips right by whatever AV you have installed. That's why I always urge users to use a layered approach to security with MBAM.
Let's clean up.

Click Start> Computer> right click the C Drive and choose Properties> enter
Click Disk Cleanup from there.

Click OK on the Disk Cleanup Screen.
Click Yes on the Confirmation screen.

This runs the Disk Cleanup utility along with other selections if you have chosen any. (If you had a lot of System Restore points, you will see a significant change in the free space on the C drive.)
***************************************
This step will remove all cleaning tools we used, it'll reset restore points (so you won't get reinfected by accidentally using some older restore point) and it'll make some other minor adjustments...
This is a very crucial step so make sure you don't skip it.
Download DelFix by Xplode to your desktop. Delfix will delete all the used tools and logfiles.

Double-click Delfix.exe to start the tool.
Make sure the following items are checked:

  • Activate UAC (optional; some users prefer to keep it off)
  • Remove disinfection tools
  • Create Registry backup
  • Purge System Restore Points
  • Re-set system settings

Now click "Run" and wait patiently.
Once finished, a logfile will be created. You don't have to attach it to your next reply.
********************************************
I suggest using WOT - Web of Trust. WOT is a free Internet security addon for your browser. It will keep you safe from online scams, identity theft, spyware, spam, viruses and unreliable shopping sites. WOT warns you before you interact with a risky website. It's easy and it's free.

Check out Keeping Yourself Safe On The Web for tips and free tools to help keep you safe in the future.

Also see Slow Computer? It may not be Malware for free cleaning/maintenance tools to help keep your computer running smoothly.
Safe Surfing!

[Solved] Re: Unknown virus/malware

That's all done, and I've installed WOT too; thanks so much for your help Dave. Were you able to identify what I was infected by in the end?

Given the dire warnings in your initial post, here's the $64,000 question: in your expert opinion, do you think my computer is now 'safe'? Can I use this machine as I always did, or should I be a bit more careful and no longer use it for, say, banking or online purchases? Or should I go even further and permanently disconnect it from the 'net? What would you do in my position?

I'm planning to build a new computer later this year, and would like to copy across a number of files from this one. If there's a possibility that the trojan had some backdoor functionality and this computer is permanently untrustworthy, can this be done safely? Obviously the last thing I'll want is for something nasty to hitch a ride over to my beautiful new machine! Would appreciate any advice.

Cheers mate, you're a legend!
Gav

[Solved] Re: Unknown virus/malware

Given the dire warnings in your initial post, here's the $64,000 question: in your expert opinion, do you think my computer is now 'safe'? Can I use this machine as I always did, or should I be a bit more careful and no longer use it for, say, banking or online purchases? Or should I go even further and permanently disconnect it from the 'net? What would you do in my position?

I'm planning to build a new computer later this year, and would like to copy across a number of files from this one. If there's a possibility that the trojan had some backdoor functionality and this computer is permanently untrustworthy, can this be done safely? Obviously the last thing I'll want is for something nasty to hitch a ride over to my beautiful new machine! Would appreciate any advice.


There was nothing unusual that showed up in the scans but, given the fact that the hacker has access to the computer, the only way the computer can be trusted again is to do a reformat and re-install the OS. I have no idea what he may have done to it. I'm quite sure that the files you wish to save and transfer to the new computer are safe but do a scan with your AV before putting them on the new computer.

[Solved] Re: Unknown virus/malware

@ghendo Do you want this marked as solved? Need any more help?

[Solved] Re: Unknown virus/malware

Yes, sorry, it can be marked as solved now - since Dave's awesome help I've had no more problems. Thanks very much once again!

[Solved] Re: Unknown virus/malware

Excellent, I'm glad the Captain was able to help.

=>SOLVED&LOCKED
