Author Topic: RE: fryed computer/ attn: DavidV  (Read 2484 times)


Offline watchet10109

  • Newbie
  • *
  • Posts: 5
RE: fryed computer/ attn: DavidV
« on: August 31, 2009, 10:17:12 PM »
Hi fella, panic over. I went to a site called "just answer" and was connected to a guy called Christopher Bessler. On his advice I downloaded a program called "malwarebytes" on a friend's computer, popped it onto a USB memory stick. I started my laptop in safe mode and ran the program (I have placed a copy of the log below). It found 5 viruses, I also managed to delete Avast. This seems to have solved the problem.

When I went onto the internet to download "Avast", it was the first time with this new HD and OS. I went straight to the Avast homepage and downloaded the home edition. There was very little chance for me to pick up these viruses anywhere else. I'm not pointing a finger, just thought that you should know. Here are the logs:

Malwarebytes' Anti-Malware 1.40
Database version: 2551
Windows 5.1.2600 Service Pack 2 (Safe Mode)

9/1/2009 7:29:28 PM
mbam-log-2009-09-01 (19-29-28).txt

Scan type: Quick Scan
Objects scanned: 90912
Time elapsed: 8 minute(s), 21 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 3
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vistadrive (Trojan.Downloader) -> Quarantined and deleted successfully.

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\VistaDrive\VistaDrive.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
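
An added example, not part of the original post: a small parser for the Malwarebytes 1.40 log layout shown above. It checks that the summary counts match the listed items (a pasted log is often truncated) and tags each detection for cleanup follow-up. The function names and tag labels are this example's own, not Malwarebytes'.

```python
import re

# Summary and detection lines copied from the Malwarebytes log in the post above.
SAMPLE_LOG = r"""Registry Values Infected: 1
Registry Data Items Infected: 3
Files Infected: 1

Registry Values Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\vistadrive (Trojan.Downloader) -> Quarantined and deleted successfully.
Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\NoSMHelp (Hijack.Help) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.
Files Infected:
C:\WINDOWS\VistaDrive\VistaDrive.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
"""

HEADER = re.compile(r"^(?P<section>[A-Za-z ]+) Infected:\s*(?P<count>\d+)?$")
ITEM = re.compile(r"^(?P<path>.+?) \((?P<name>[^()]+)\) -> (?P<rest>.+)$")
TAGS = [("\\currentversion\\run\\", "autostart entry"),        # example labels,
        ("\\security center\\", "security alert suppressed"),  # not vendor terms
        ("\\policies\\explorer\\", "explorer policy changed")]

def parse_mbam_log(text):
    """Return (summary counts, detection items) from an MBAM 1.x text log."""
    counts, items, section = {}, [], None
    for line in map(str.strip, text.splitlines()):
        head = HEADER.match(line)
        if head:
            if head["count"] is None:      # "X Infected:" opens a section
                section = head["section"]
            else:                          # "X Infected: N" is a summary line
                counts[head["section"]] = int(head["count"])
            continue
        item = ITEM.match(line)
        if item and section:
            items.append({"section": section, "path": item["path"], "detection": item["name"],
                          "action": item["rest"].split(" -> ")[-1].rstrip(".")})
    return counts, items

def count_mismatches(counts, items):
    """Sections where listed items differ from the summary (truncated or edited paste)."""
    listed = [it["section"] for it in items]
    return {s: (n, listed.count(s)) for s, n in counts.items() if n != listed.count(s)}

def triage(item):
    """Tag a detection by registry path; fall back to the log section name."""
    path = item["path"].lower()
    return next((tag for key, tag in TAGS if key in path), item["section"].lower())
```
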

Offline Mr.Agent

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2769
  • Proud to be an avast! user.
Re: RE: fryed computer/ attn: DavidV
« Reply #1 on: August 31, 2009, 10:42:08 PM »
I found this about your VistaDrive.exe http://www.file.net/process/vistadrive.exe.html
http://spywarefiles.prevx.com/RRGDDE28573069/VISTADRIVE.EXE.html
http://www.superantispyware.com/malwarefiles/VISTADRIVE.EXE.html

I hope I did help you and didn't make a mistake this time. ;) Also I hope I didn't scare you... My point is to give you much information about it, so happy reading.

If someone says that I did make a mistake, reply to me and I will be happy to talk with you.

Mr.Agent
« Last Edit: August 31, 2009, 10:50:57 PM by Mr.Agent »

Offline watchet10109

  • Newbie
  • *
  • Posts: 5
Re: RE: fryed computer/ attn: Davidr
« Reply #2 on: August 31, 2009, 11:07:57 PM »
Thanks for the heads up Mr Agent. I will check this out straight away. ;)

Offline Mr.Agent

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2769
  • Proud to be an avast! user.
Re: RE: fryed computer/ attn: DavidV
« Reply #3 on: August 31, 2009, 11:09:03 PM »
You're welcome, mate. I hope I did respond to your post. ;)

Mr.Agent

Offline YoKenny

  • Serious Graphoman
  • **
  • Posts: 8784
Re: RE: fryed computer/ attn: DavidV
« Reply #4 on: August 31, 2009, 11:13:06 PM »
WinXP SP3 has been available for over a year so you should go to Tools then Windows Update in Internet Explorer and install all updates as it provides performance enhancements and several Critical updates.

Go to Control panel then Automatic updates then enable at least Notify me but do not download updates.

Run Secunia Online Software Inspector to see what applications are vulnerable:
http://secunia.com/vulnerability_scanning/online
E5200 2.5GHZ, 4GB RAM, 320GB HD, Windows 7 Home Premium 64bit, avast! V9.0 Free, IE10
P4 2.8GHZ, 1.5GB RAM, 40GB HD, XP Pro SP3 32bit, avast! V9.0 Free, Google Chrome
with hpHosts, MVPS HOSTS files, SpeedFan, WinPatrol PLUS

Offline Mr.Agent

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 2769
  • Proud to be an avast! user.
Re: RE: fryed computer/ attn: DavidV
« Reply #5 on: August 31, 2009, 11:17:49 PM »
Oh yeah, I also missed that, thanks YoKenny. I was also wondering, with those numbers from Malwarebytes, what kind of OS you were running. But well, YoKenny did understand the OS language of Malwarebytes lol. ;)

Mr.Agent

Offline mkis

  • Avast Evangelist
  • Super Poster
  • ***
  • Posts: 1620
Re: RE: fryed computer/ attn: DavidV
« Reply #6 on: September 01, 2009, 12:59:00 AM »
When I went onto the internet to download "Avast", it was the first time with this new HD and OS. I went straight to the Avast homepage and downloaded the home edition. There was very little chance for me to pick up these viruses anywhere else.

You didn't pick the viruses up on avast homepage. So be careful wherever else you go or you may get infected again.
Avast7 Free, MBAM (on demand), MVPS Hosts

Intel DG41TY, Windows 7 Ultimate, IE9, Google Chrome, 4 GB ram, Secunia PSI, ccleaner, Foxit Reader, Faststone Image viewer, MWSnap.