Author Topic: Win32 MBRoot - J[Trj] detected  (Read 50434 times)

0 Members and 1 Guest are viewing this topic.

norfon

  • Guest
Re: Win32 MBRoot - J[Trj] detected
« Reply #120 on: June 29, 2011, 09:43:21 PM »
Here is the log.

norfon

  • Guest
Re: Win32 MBRoot - J[Trj] detected
« Reply #121 on: June 29, 2011, 09:44:44 PM »
Ooops! I didn't attach but here it is.

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32 MBRoot - J[Trj] detected
« Reply #122 on: June 29, 2011, 10:42:50 PM »
OK bear with me for a few minutes whilst I check it out

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32 MBRoot - J[Trj] detected
« Reply #123 on: June 29, 2011, 10:47:02 PM »
OK an old help assist mbr backup file has been found, but that is now impotent so lets just close the port.  Once this run is complete what problems remain

1. Close any open browsers.
 
2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix. 
 
3. Open notepad and copy/paste the text in the quotebox below into it:
 
Quote

Registry::
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"=-
 

 
Save this as CFScript.txt, in the same location as ComboFix.exe
 
 
 
 
Refering to the picture above, drag CFScript into ComboFix.exe
 
When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

norfon

  • Guest
Re: Win32 MBRoot - J[Trj] detected
« Reply #124 on: June 30, 2011, 12:47:06 AM »
Here it is.

norfon

  • Guest
Re: Win32 MBRoot - J[Trj] detected
« Reply #125 on: June 30, 2011, 01:05:09 AM »
Pending the results of the last posted attachment, there is nothing else yet that I've noticed but let me see over the next couple of days how it goes.  I have one last question, what should I be using to protect my computers from potential harm in the future?

Offline polonus

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 33873
  • malware fighter
Re: Win32 MBRoot - J[Trj] detected
« Reply #126 on: June 30, 2011, 01:18:20 AM »
Hi you norfon,

Go here and check it out: http://n1.netalyzr.icsi.berkeley.edu
Run the netalyzr from there (allow the java plugin for this to run once) and you will be served up with a report that will extensively deal with any specific hick-ups that occur on the connection from that machine,

polonus

Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

norfon

  • Guest
Re: Win32 MBRoot - J[Trj] detected
« Reply #127 on: June 30, 2011, 02:20:24 AM »
Polonus, thanks but that problem has already been addressed.  I'm just waiting for a response from essexboy in regards to my previous post.  Thanks again!

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Win32 MBRoot - J[Trj] detected
« Reply #128 on: June 30, 2011, 07:20:32 PM »
Looks ok now could you run for a day or so, and once happy let me know and I will tidy up  ;D

norfon

  • Guest
Re: Win32 MBRoot - J[Trj] detected
« Reply #129 on: July 01, 2011, 10:24:02 AM »
Sure! Will do, thanks.