Hello ,yes this was good. Now as we want to be sure it's all off of here before we mop up... Your MBAM was a little outdated so Rerun MBAM (MalwareBytes) like this:
Open MBAM in normal/regular mode and click Update
tab, select Check for Updates
scan and scan (normal mode).
After scan click Remove Selected
, Post new scan log
into normal mode.
Also an Online scan.
Please perform a scan with Eset Online Antiivirus Scanner
.This scan requires Internet Explorer to work. Vista/Windows 7 users need to run Internet Explorer as Administrator.
To do this, right-click on the IE icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run As Administrator from the context menu.
- Click the green button.
- Read the End User License Agreement and check the box:
- Check .
- Click the button.
- Accept any security warnings from your browser.
- Check Remove found threats and Scan potentially unwanted applications. (If given the option, choose "Quarantine" instead of delete.)
- Click the Start button.
- ESET will then download updates for itself, install itself, and begin scanning your computer.
- If offered the option to get information or buy software at any point, just close the window.
- The scan will take a while so be patient and do NOT use the computer while the scan is running. Keep all other programs and windows closed.
- When the scan completes, push
- Push , and save the file to your desktop as ESETScan.txt.
- Push the button, then Finish.
- Copy and paste the contents of ESETScan.txt in your next reply.
Note: A log.txt
file will also be created and automatically saved in the C:\Program Files\EsetOnlineScanner\ folder.
If you did not save the ESETScan log, click
, then type or copy and paste everything in the code box below into the Open dialogue box:
-- Some online scanners will detect existing anti-virus software and refuse to cooperate. You may have to disable the real-time protection components of your existing anti-virus and try running the scan again. If you do this, remember to turn them back on after you are finished.NOTE: In some instances if no malware is found there will be no log produced.
- Click Ok and the scan results will open in Notepad.
- Copy and paste the contents of log.txt in your next reply.
About the TDDS Rootkit found:
This malware can allow an attacker togain control of the system, log keystrokes, steal passwords, access personal
data, send malevolent outgoing traffic, and close the security warning
messages displayed by some anti-virus and security programs.
I would advise you to change any passwords or security information held
on the infected computer. In particular, check whatever relates to online
banking financial transactions, shopping, credit cards, or sensitive
personal information. It is also wise to contact your financial institutions
to apprise them of your situation.
Rootkits are used by Trojans to conceal its presence (hide from view) in order to prevent detection of an attacker's software and make removal more difficult. Many rootkits can hook into the Windows 32-bit kernel, and patch several APIs to hide new registry keys and files they install. They can disable your anti-virus and security tools to prevent detection and removal
. Remote attackers use backdoors as a means of accessing and taking control of a computer that bypasses security mechanisms. This type of exploit allows them to steal sensitive information like passwords, personal and financial data which is send back to the hacker. To learn more about these types of infections, you can refer to:What danger is presented by rootkits?Rootkits and how to combat themr00tkit Analysis: What Is A RootkitEDIT: TDSS: Silent but Deadly
Edited by boopme, 09 November 2010 - 09:02 PM.