Author Topic: Att: Essexboy. Worried about malware & keyloggers  (Read 19339 times)

0 Members and 1 Guest are viewing this topic.

firmafest

  • Guest
Att: Essexboy. Worried about malware & keyloggers
« on: April 26, 2012, 01:29:09 PM »
Hi!

I think I might have/have had some viruses on my computer. I am especially worried about keyloggers since one of my passwords had been changed and I have had problems with logging in to several sites. The steps I have taken now is;

* Scanned with AIS and removed the 2 infected files
* Scanned again and didn't find any more infected files (just some locked, and uppacked bombs (?))
* Restored the system to a point when it worked as usual

See my first thread about this: http://forum.avast.com/index.php?topic=97675.0

How can I be COMPLETELY sure that i don't have any crap left? Can you help?

I would appreciate this A LOT.

Thank you in advance,

Firmafest

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37697
  • F-Secure user
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #1 on: April 26, 2012, 02:09:04 PM »
tjena grabben   ;)

follow essexboys guide and attach the logs from malwarebytes / OTL / aswMBR
http://forum.avast.com/index.php?topic=53253.0

then he may see if you have anything suspicious



Quote
* Scanned with AIS and removed the 2 infected files
* Scanned again and didn't find any more infected files (just some locked, and uppacked bombs (?))
what was found.....location and malware name avast gave?


« Last Edit: April 26, 2012, 02:10:57 PM by Pondus »

firmafest

  • Guest
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #2 on: April 26, 2012, 02:31:31 PM »
Haha! Här var det någon som förstod mitt screenname  ;)

I have started with the malware-scan now and I'm hoping to do everything right so Essexboy can read my files.

The 2 infected files was named something like "Kleerup.3.am" which I found out is a song by Kleerup that I've never heard, and therefore never downloaded. And I don't know where they where found so that's strange.

firmafest

  • Guest
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #3 on: April 26, 2012, 02:35:09 PM »
Now the scan I did with Malwarebytes Anti-Malware is finished and it didn't find anything. Should I still go through with the other steps? Just in case or?

firmafest

  • Guest
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #4 on: April 26, 2012, 02:37:57 PM »
This is a copy of the MBAM-file

Malwarebytes Anti-Malware 1.61.0.1400
www.malwarebytes.org

Databasversion: v2012.04.26.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
ADMIN :: LINNEASDATOR [administratör]

2012-04-26 14:19:50
mbam-log-2012-04-26 (14-19-50).txt

Skanningstyp: Snabbskanning
Aktiverade skanningsalternativ: Minne | Start | Register | Filsystem | Heuristik/Extra | Heuristik/Shuriken | PUP | PUM
Inaktiverade skanningsalternativ: P2P
Antal skannade objekt: 242346
Förfluten tid: 8 minut(er), 54 sekund(er)

Upptäckta minnesprocesser: 0
(Inga skadliga poster hittades)

Upptäckta minnesmoduler: 0
(Inga skadliga poster hittades)

Upptäckta registernycklar: 0
(Inga skadliga poster hittades)

Upptäckta registervärden: 0
(Inga skadliga poster hittades)

Upptäckta registerdataposter: 0
(Inga skadliga poster hittades)

Upptäckta mappar: 0
(Inga skadliga poster hittades)

Upptäckta filer: 0
(Inga skadliga poster hittades)

(klar)

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37697
  • F-Secure user
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #5 on: April 26, 2012, 02:58:13 PM »
Quote
Haha! Här var det någon som förstod mitt screenname
yepp..... det er mange blå / gule her inne... og jeg er naboen   ;)



Quote
Now the scan I did with Malwarebytes Anti-Malware is finished and it didn't find anything. Should I still go through with the other steps? Just in case or?
yes.....
aswMBR will show rootkits
and OTL is a system diagnostic that will show lots of stuff

firmafest

  • Guest
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #6 on: April 26, 2012, 04:34:57 PM »
Here are my 2 logfiles from the OTL-scanning. I could't find how to check the encoding on the files.

firmafest

  • Guest
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #7 on: April 26, 2012, 04:35:52 PM »
Had two split them into two posts.

firmafest

  • Guest
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #8 on: April 26, 2012, 04:43:01 PM »
In the middle of the scan with aswMBR the programme stopped working and cancelled the programme and the scan. Why? What to do? Essexboy?

Offline Pondus

  • Probably Bot
  • ****
  • Posts: 37697
  • F-Secure user
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #9 on: April 26, 2012, 05:09:06 PM »
seems to be lots of McAfee files in there...

was your computer delivered with McAfee when new?
did you uninstall it before installing avast?
did you run a removal tool to clear any leftover files that may conflict?

run and reboot - Uninstallers – Security Software
http://singularlabs.com/uninstallers/security-software/

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89632
  • No support PMs thanks
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #10 on: April 26, 2012, 05:42:30 PM »
In the middle of the scan with aswMBR the programme stopped working and cancelled the programme and the scan. Why? What to do? Essexboy?

Run aswMBR again, but in the AV Scan: type dropdown list, select None rather than Quickscan. As has been mentioned you appear to have lots of remnants of McAfee so that could be impacting on the scan.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free  24.8.6127 (build 24.8.9372.862) UI 1.0.814/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

firmafest

  • Guest
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #11 on: April 26, 2012, 06:56:08 PM »
Thanks guys. It worked when i changed the dropmenu to "none".
Why didn't it work the way it was suppose work? (Sorry for my stupidity  :))
I'm attaching the scanfile.

Offline DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 89632
  • No support PMs thanks
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #12 on: April 26, 2012, 08:11:48 PM »
As I said "you appear to have lots of remnants of McAfee so that could be impacting on the scan."

Having multiple resident AVs or remnants can bring the two AVs into conflict.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free  24.8.6127 (build 24.8.9372.862) UI 1.0.814/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #13 on: April 26, 2012, 08:40:15 PM »
The McAfee removal tool can be found here http://majorgeeks.com/McAfee_Consumer_Product_Removal_Tool_d5420.html

There is nothing apparent in the logs - are you experiencing any anomolies ?

firmafest

  • Guest
Re: Att: Essexboy. Worried about malware & keyloggers
« Reply #14 on: April 26, 2012, 10:17:58 PM »
I've already removed all of McAfee before my previous post and it still didn't work to do the first scan (quick scan). It only worked with "none"scan.
I'm not experiencing anything strange now so I just wan't to make sure all viruses are gone.
As said, Avast found two infected files and I removed them.
So it's all ok now?