We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
FAO aliEnRIK. Combofix Log after rootkit cleaned, thankyou for looking.
Comments
-
rockin_plumber wrote: »Maybe I missunderstood that..
Did you want to know what loose files where in the folders along the way??
Only if they were in either of the 'pMjHnAb08514' folders:idea:0 -
-
Only if they were in either of the 'pMjHnAb08514' folders
Just let me clarify this was ok...
When I opened folder 'pMjHnAb08514'
inside there was a file called 'pMjHnAb08514'
Sorry to be a pain
Anyway Ran quick scan of DR WEB all clear and running full scan..
50 minutes in and 82000 objects scanned, this is gonna be a long scan
So far its found 1 object
Object
856c4-184-0.dat
Path
C:\Documents and Settings\All Users\Application Data\Alwil\Avast5\arpot
Status
BackDoor.Tdss.4005
Action
Incurable.Moved.0 -
rockin_plumber wrote: »Just let me clarify this was ok...
When I opened folder 'pMjHnAb08514'
inside there was a file called 'pMjHnAb08514'
Sorry to be a pain
No worries
Open malwarebytes
Goto MORE TOOLS
then RUN TOOL
Use the tool to destroy that pMjHnAb08514 file:idea:0 -
Dr Web is running the scan so that may take all night at this rate :rotfl:
Shall I let it finish before i delete that file0 -
You should be ok to do it as its running:idea:0
-
Ooops
When I plugged in my netbook charger I knocked the bleepin switch and turned off the infected pc :mad::mad::mad:
So starting the scan again
But should I do anything with the object It found that I mentioned above??
Object
856c4-184-0.dat
Path
C:\Documents and Settings\All Users\Application Data\Alwil\Avast5\arpot
Status
BackDoor.Tdss.4005
Action
Incurable.Moved.
its moved it to the DR WEB quarantine folder
and I have deleted that file you mentioned previously with Malwarebytes0 -
Just let dr web run:idea:0
-
Blimey.. that took about 15 hours to complete :eek:
The only problem is it asks you what to do every time it finds something...
So it may have been sat idle all night for all I know
Should I let Dr Web delete what it has found??
What it has found looks to be mostly in system restore files or in Combofix quarentine folder??
I still have my AV turned off on the machine and its not connected to internet at the moment so cant get the log to this computer very easy at the moment.0 -
You said 'mostly'
What else has it found?:idea:0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 351.7K Banking & Borrowing
- 253.4K Reduce Debt & Boost Income
- 454K Spending & Discounts
- 244.7K Work, Benefits & Business
- 600.1K Mortgages, Homes & Bills
- 177.3K Life & Family
- 258.4K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards