I'm new to this forum and to this whole process so please bear with me. I have an infection detected message from an ESET System Rescue scan, run from a USB key.
The scan reports 5 instances of an MBR infection "win32\olmasco.o". When I ask to clean them ESET reports that it has successfully cleaned them, however on performing another scan, with a reboot and without a reboot, it reports the same problem. I have tried to find details of this infection on the ESET site but have not found any.The ESET System Rescue update is from 13-08-2011.
I have tried some tools from the Kaspersky website but with no success, TDSSkiller and the kaspersky on-line scanner. Neither product detected a problem.
I believe the infection occured after downloading and running a fake copy of DiskInternals raid recovery from an e-mule search. The following day when I booted my PC it appeared normal but after a few minutes the desktop background turned black and I received numerous messages about a hard disk error, folders and desktop icons disappeared and then I received some errors relating to "attrib.exe". I don't have a detailed record of the messages.
These are the steps I took next.
I completed a system restore to a few days earlier.
I created a system rescue USB from another PC and scanned the system. It detected and cleared a number of infections, but is unable to clean this one.
I have successfully backed up my data to an external disk
I have run on-line scans from ESET & kaspersky, in normal and safe mode, nothing is detected.
I have connected the hard disk to a machine running virus vault, it fails to detect anything.
I don't know if I actually have an infection or not, however I have used the ESET System Rescue proccess previously and found it very credible.I don't wish to ignore it's findings. I would like some assistance to understand and resolve this, without the need to wipe the disk.
Edited by hamluis, 16 August 2011 - 07:29 AM.
Moved from Malware Removal Logs to Am I Infected.