Virus appears to have wiped laptop

Comments

  • debitcardmayhem
    debitcardmayhem Posts: 13,102 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    I don't think you updated MBAM first , I am not on my Windows PC so I can't check immediately but I am sure the database should be 68xx , someone will confirm soon tho
    4.8kWp 12x400W Longhi 9.6 kWh battery Giv-hy 5.0 Inverter, WSW facing Essex . Aint no sunshine ☀️ Octopus gas fixed dec 24 @ 5.74 tracker again+ Octopus Intelligent Flux leccy
  • Toxteth_OGrady
    Toxteth_OGrady Posts: 3,958 Forumite
    1,000 Posts Combo Breaker
    I don't think you updated MBAM first , I am not on my Windows PC so I can't check immediately but I am sure the database should be 68xx , someone will confirm soon tho

    6818 is latest.
    604!
  • gremlin
    gremlin Posts: 1,189 Forumite
    Part of the Furniture Combo Breaker
    I don't think you updated MBAM first , I am not on my Windows PC so I can't check immediately but I am sure the database should be 68xx , someone will confirm soon tho
    6818 is latest.

    ok sorry guys - I can't get internet access downstairs on the infected lappie so am working between two laptops with a pen drive

    have now updated mbam and run another test - found another infection and deleted it so here's the latest log:

    Malwarebytes' Anti-Malware 1.51.0.1200
    https://www.malwarebytes.org

    Database version: 6818

    Windows 6.1.7600
    Internet Explorer 8.0.7600.16385

    09/06/2011 15:34:16
    mbam-log-2011-06-09 (15-34-16).txt

    Scan type: Quick scan
    Objects scanned: 145180
    Time elapsed: 2 minute(s), 46 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 1

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    c:\Users\matty\AppData\Local\Temp\jar_cache1951420948477896635.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.

    again thank you all for your patience and help
    "Beauty is in the eye of the beholder and it may be necessary from time to time to give a stupid or misinformed beholder a black eye" - Miss Piggy
  • alistair.long
    alistair.long Posts: 547 Forumite
    this is good !!!!. I had to do a relatives with a similar virus.

    I loaded safemode and created a new account, and deleted his old 1. seemed to solve the problem and let him use the net. He's not bothered about the hidden files and has no work to worry about.
  • stilltheone
    stilltheone Posts: 2,131 Forumite
    this is good !!!!. I had to do a relatives with a similar virus.

    I loaded safemode and created a new account, and deleted his old 1. seemed to solve the problem and let him use the net. He's not bothered about the hidden files and has no work to worry about.

    So why did you not just run a Factory Restore?
  • debitcardmayhem
    debitcardmayhem Posts: 13,102 Forumite
    Part of the Furniture 10,000 Posts Name Dropper Photogenic
    edited 9 June 2011 at 5:38PM
    this is good !!!!. I had to do a relatives with a similar virus.

    I loaded safemode and created a new account, and deleted his old 1. seemed to solve the problem and let him use the net. He's not bothered about the hidden files and has no work to worry about.
    So why did you not just run a Factory Restore?

    I don't think stilltheone was suggesting you should Gremlin :wave:
    Just a quick question from me (not an expert ) did you run unhide ? , and wait for some more reliable advice from RussJK/stilltheone/Alienrik/Gunjack/Browntoa

    Edited: oh and others too Spud won't be here til evenings/weekends and then closed will help you with speeding up when it is clean, and then asbokid will come in with helpful advice too...the list is too long
    4.8kWp 12x400W Longhi 9.6 kWh battery Giv-hy 5.0 Inverter, WSW facing Essex . Aint no sunshine ☀️ Octopus gas fixed dec 24 @ 5.74 tracker again+ Octopus Intelligent Flux leccy
  • oh yeh just to mention that Mbam is now up to 6820 now. just done my scan with it.
    "If you no longer go for a gap, you are no longer a racing driver" - Ayrton Senna
  • gremlin
    gremlin Posts: 1,189 Forumite
    Part of the Furniture Combo Breaker
    @debitcardmayhem

    yeh sorry I realised after I posted that it was to the other poster so I deleted it straight away.

    I did run unhide and a lot of stuff showed - so I think it's sorted that problem.

    I am really grateful to everyone in here for the help they've given me.
    "Beauty is in the eye of the beholder and it may be necessary from time to time to give a stupid or misinformed beholder a black eye" - Miss Piggy
  • aliEnRIK
    aliEnRIK Posts: 17,741 Forumite
    Part of the Furniture Combo Breaker
    I'd recommend a FULL scan with malwarebytes, then run combofix as you've had/have a nasty infection

    Please run COMBOFIX
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    Shut down your anti virus
    Follow the simple instructions it gives
    Post the COMPLETE log it creates here (Split into sections if need be) ~ if there are loads of 'SNAPSHOT' pages then leave them out

    If it comes up with a RENAMING error then RIGHT click the exe file and RENAME and call it QWERTY (Making the complete file name 'QWERTY.exe') Or SAVE as 'QWERTY' on download
    (If no log comes up or you lose it, COMBOFIX.TXT can be found in C drive)
    :idea:
This discussion has been closed.
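
The Malwarebytes log quoted in the thread has a fixed layout: header fields, a summary count per category, then one detail section per category. As an added example (not part of the thread and not Malwarebytes' own tooling), the Python below parses that layout and flags the follow-ups the posters raised: an out-of-date database, a quick scan where a full scan was recommended, and summary counts that do not match the listed items. The function names, the `min_db_version` parameter and the abridged sample log are assumptions made for illustration.

```python
import re

# Constructed sample: an abridged copy of the log layout quoted in the thread.
SAMPLE_LOG = """\
Malwarebytes' Anti-Malware 1.51.0.1200

Database version: 6818

Scan type: Quick scan
Objects scanned: 145180

Registry Keys Infected: 0
Files Infected: 1

Registry Keys Infected:
(No malicious items detected)

Files Infected:
c:\\Users\\matty\\AppData\\Local\\Temp\\jar_cache1951420948477896635.tmp (Trojan.FakeAlert) -> Quarantined and deleted successfully.
"""

# Detail line layout: <path> (<threat name>) -> <action taken>
ITEM = re.compile(r"^(?P<path>.+?) \((?P<threat>[^()]+)\) -> (?P<action>.+)$")

def parse_mbam_log(text):
    """Return header fields, per-category counts and detail items of the log."""
    report = {"fields": {}, "counts": {}, "items": []}
    section = None
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        if line.endswith(" Infected:"):            # start of a detail section
            section = line[:-1]
        elif (m := re.match(r"^(.+ Infected): (\d+)$", line)):
            report["counts"][m.group(1)] = int(m.group(2))
        elif section and (m := ITEM.match(line)):
            report["items"].append({"section": section, **m.groupdict()})
        elif ": " in line and section is None:     # header field such as "Scan type"
            key, value = line.split(": ", 1)
            report["fields"][key] = value
    return report

def triage(report, min_db_version):
    """List follow-up actions; min_db_version is supplied by the reader."""
    notes = []
    if int(report["fields"].get("Database version", 0)) < min_db_version:
        notes.append("database older than expected: update and rescan")
    if report["fields"].get("Scan type", "").lower().startswith("quick"):
        notes.append("quick scan only: follow up with a full scan")
    if sum(report["counts"].values()) != len(report["items"]):
        notes.append("summary counts do not match listed items: log may be truncated")
    return notes
```
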