• 0

Worried with this virus..


Question

Hy. On my second computer from friday a tiny little issue was displayed by Eset Smart Security 7.. all details are available in attached screenshots. Tried to full-scan computer but .. the results are in the log below. What should I do? Try other security suite such as..Kaspersky ? :(

Thanks for any suggestion.

post-18459-0-73037600-1411412125.jpg

post-18459-0-51891800-1411412126.jpg

Link to comment
Share on other sites

Recommended Posts

  • 0

If you have the ability to scan the HD from another PC, or attached/slave the HD to another...that will help as well.  I find that if things are loaded in memory, antimalware scans sometimes do not pickup everything.

Link to comment
Share on other sites

  • 0

If you have the ability to scan the HD from another PC, or attached/slave the HD to another...that will help as well. I find that if things are loaded in memory, antimalware scans sometimes do not pickup everything.

Or even better, download one of these. And burn to a cd or write to usb, boot from it and remove it from that
Link to comment
Share on other sites

  • 0

If you have the ability to scan the HD from another PC, or attached/slave the HD to another...that will help as well.  I find that if things are loaded in memory, antimalware scans sometimes do not pickup everything.

well.. it's connected in a local network through the router from which get the internet too.. how can I scan it from my pc for example? which has eset s.s. 7 too installed.

Link to comment
Share on other sites

  • 0

well.. it's connected in a local network through the router from which get the internet too.. how can I scan it from my pc for example? which has eset s.s. 7 too installed.

 

Map a drive, then scan that drive.

 

But if the PC is on, then the malware may be loaded in memory.  Sow hat I said attach to a different PC, or like someone else suggested, boot from removable media and scan that way.

Link to comment
Share on other sites

  • 0

Hello,
 
I am not sure where in Europe you are located, but chances are there is an ESET distributor, or even an actual ESET office, somewhere in your country that you can call for assistance.  Contact information can be found here on ESET's web site.
 
Also, ESET offers a free CD/USB image you can download and use to boot the PC from to check for the infection.  It's called ESET SysRescue Live and can be downloaded from www.eset.com/int/download/utilities/detail/family/239/.  One nice thing about creating a USB version is that it can download updates--no license required.
 
Regards,
 
Aryeh Goretsky

  • Like 2
Link to comment
Share on other sites

  • 0

Or create a kasperksy rescue disc and scan it from that.

 

it gives me No bootable partition on table when I start booting from usb .. all steps from here done succesfully but :|

 

Also, ESET offers a free CD/USB image you can download and use to boot the PC from to check for the infection.  It's called ESET SysRescue Live and can be downloaded from www.eset.com/int/download/utilities/detail/family/239/.  One nice thing about creating a USB version is that it can download updates--no license required.

 

I'll give this a try if kaspersky fails.. thanks.

Link to comment
Share on other sites

  • 0

I would recommend you Emsisoft Anti-Malware - http://www.emsisoft.com/en/software/antimalware/ and try AVG Rescue CD as well - http://www.avg.com/ww-en/avg-rescue-cd.

 

It has been mentioned here sometime DLL can be flagged as this Trojan: http://www.wilderssecurity.com/threads/eset-detecting-printer-driver-as-trojan-win32-ponmocup-aa-gen.317602/

 

Behavior of trojan: http://www.virusradar.com/Win32_Ponmocup.AA/description?lng=en

Link to comment
Share on other sites

  • 0

Run TDSSKiller yet?

List of malicious programs :|

Backdoor.Win32.Phanta.a,b

Backdoor.Win32.Sinowal.knf,kmy

Backdoor.Win32.Trup.a,b

Rootkit.Boot.Aeon.a

Rootkit.Boot.Backboot.a

Rootkit.Boot.Batan.a

Rootkit.Boot.Bootkor.a

Rootkit.Boot.Cidox.a,b

Rootkit.Boot.Clones.a

Rootkit.Boot.CPD.a,b

Rootkit.Boot.Fisp.a

Rootkit.Boot.Geth.a

Rootkit.Boot.Goodkit.a

Rootkit.Boot.Harbinger.a

Rootkit.Boot.Krogan.a

Rootkit.Boot.Lapka.a

Rootkit.Boot.MyBios.b

Rootkit.Boot.Nimnul.a

Rootkit.Boot.Pihar.a,b,c

Rootkit.Boot.Plite.a

Rootkit.Boot.Prothean.a

Rootkit.Boot.Qvod.a

Rootkit.Boot.Smitnyl.a

Rootkit.Boot.SST.a,b

Rootkit.Boot.SST.b

Rootkit.Boot.Wistler.a

Rootkit.Boot.Xpaj.a

Rootkit.Boot.Yurn.a

Rootkit.Win32.PMax.gen

Rootkit.Win32.Stoned.d

Rootkit.Win32.TDSS

Rootkit.Win32.TDSS.mbr

Rootkit.Win32.ZAccess.aml,c,e,f,g,h,i,j,k

Trojan-Clicker.Win32.Wistler.a,b,c

Trojan-Dropper.Boot.Niwa.a

Trojan-Ransom.Boot.Mbro.d,e

Trojan-Ransom.Boot.Mbro.f

Trojan-Ransom.Boot.Siob.a

Virus.Win32.Cmoser.a

Virus.Win32.Rloader.a

Virus.Win32.TDSS.a,b,c,d,e

Virus.Win32.Volus.a

Virus.Win32.ZAccess.k

Virus.Win32.Zhaba.a,b,c

Link to comment
Share on other sites

  • 0

Open process explorer in windows and check the properties of all the run32.exe's. You'll find one that is getting hooked by a file on the system.

Link to comment
Share on other sites

  • 0

Agreed. Re-install Windows, and this time around be more careful what you install. Make sure it's from legal sources.

Link to comment
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.