New
#31
"Win32/Autoit.JW worm----> "D:\Skypee\googleupdate.a3x"
Read about the 'worm' and where it might be possible to find it:
WORM_IPPEDO.B - Threat Encyclopedia - Trend Micro USA
Immunizing portable HDD
-
-
New #32
Moxie, my post wasn't in reply to you, I should have quoted the OP. And that's some detailed information about MBAM. Much appreciated. Not finding some infections, I took from the support page.
-
New #33
No problem, GokAy.:)
No offense was taken or intended.
As a bit of a stickler for details, I was just trying to clarify matters for anyone reading this thread.
We very often see folks at the MBAM forum who mistakenly assume MBAM is an AV.
I tried to explain in a bit more detail WHY it is not an AV or substitute for one.
As one can see even from a few replies to the poll here, there are users who unwisely rely on ONLY MBAM Premium or even MBAM Free (!!) to protect their system.
So it was good that you pointed out the helpdesk KB article.
Ennywho, I tried to answer the OP's original question about immunizing his external UHD here and here.:)
As the topic has drifted a bit to malware cleanup and "best security strategies", I will likely just monitor the thread from this point.
-
New #34
Okay so we know where to find it. Do you still have UVK installed and are you able to upload scan results?
If you want to try that also state Drive Letters for all currently connected drives.
-
New #35
Thank you guys for your thoughts, screenshots attached again.
@ Callender
I tried the TrafficLight plugin and it seems to be rather nice and as name suggests its light weight.
Also I scanned with Comodo and it didn't detect anything other than the entries of emisoft quarantined files.
ADS removal, I'll give it a try tomorrow.
I'll run the suggested cleanup for "D:\Skypee\googleupdate.a3x"
About the present drives on my system ...
C: E: F: .. built-in HDD
C = OS (win7 64bit)
E = work files
F = work files
D: portable HDD
J: DVD drive (irrelevant probably)
K = Hidden drive .. its basically the drive that shows up when I connect the usb wifi router from my ISP
And yes I still have UKV, what are the setting should i use to run the scan?
-
New #36
UVK Settings needed:
Note: Add .a3x file extension to list of exectutables to be scanned and change the number of days to whatever you think it needs to be (number of days before infection)
Also add drive letters to custom scan settings as shown.
-
New #37
Also add the domains www.geoplugin.net and geoplugin.net to your hosts file!Last edited by Callender; 31 May 2015 at 14:45. Reason: unparse links
-
New #38
Re: Your screenshots.
You can probably delete that unreadable file extension as the characters are gibberish.
It's detected Avast virus definitions - no need to worry about those.
The Games one (EOS) - probably detected as adware - up to you if you want to remove it.
Wordpress entry - no idea on that one.
Disabled UAC - really should be enabled unless you've got software that performs the same function. Also it#s not set to it's highest level by default in Windows 7.
Modified Hosts. Nothing to worry about as I know you add your own entries. All you really need to do is check those entries yourself and check that there are no re-directs in place.
-
-
New #40
Re: UAC.
User Account Control - UAC - Change Notification Settings
It should be on highest level and that way malware can't change important system files without you noticing although some .alware is probably designed to get around this.
If you turned off UAC because of the prompts when you run a program - it's possible to create elevated shortcuts to run trusted programs without a UAC prompt getting in the way;
Quote
Related Discussions