TechSpot

quick question re: system alert:malware threats

By burnstreet
Mar 4, 2007
  1. Hello. Having read instructions on other threads re: this m-f-ing virus, given that I have online banking concerns etc., it appears I have little choice but to backup files and re-program XP (3rd time in as many years). Probably dumb question but.....do I have to worry about this trojan attaching to one of the files being downloaded onto a flash drive....once opened, only to re-infect a newly programmed Window? Thanks very much for an answer to this asap.
     
  2. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Hello and welcome to Techspot.

    Go and read this thread HERE and post a HJT log as an attachment. Once I`ve looked at your log, I`ll be able to advise you further.

    A lot depends on what virus you have as to how dangerous it is, so there may be no need for a format.

    Regards Howard :wave: :wave:

    This thread is for the use of burnstreet only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  3. burnstreet

    burnstreet TS Rookie Topic Starter

    Thanks very much Howard. Hope I captured the log data right. Will await your next recommendations. Here goes.

    Howard. Neglected to attach logfile data (rather than cut and paste). Hope the attachment....attached.
     
  4. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Please do the following exactly.

    You might want to copy and paste these instructions into a notepad file. Then you can have the file open in safe mode, so you can follow the instructions easier.

    Boot into safe mode, under your normal user name(NOT THE ADMINISTRATOR ACCOUNT). See how HERE.

    In Windows Explorer, turn on "Show all files and folders, including hidden and system". See how HERE.

    Go to add remove programmes in your control panel and uninstall anything to do with(if there).

    Video Access ActiveX Object

    Close control panel.

    Open your task manager, by holding down the ctrl and alt keys and pressing the delete key.

    Click on the processes tab and end process for(if there).

    pmsnrr.exe
    pmmnt.exe

    Close task manager.

    Run HJT with no other programmes open(except notepad). Click the scan button. Have HJT fix the following, by placing a tick in the little box next to(if there).

    O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - (no file)

    Click on the fix checked button.

    Close HJT.

    Locate and delete the following bold files and/or directories(if there).

    C:\Program Files\Video Access ActiveX Object<Delete the entire folder.

    Reboot into normal mode and rehide your protected OS files.

    Go and read the Viruses/Spyware/Malware, preliminary removal instructions. Follow all the instructions exactly.

    Post fresh HJT and AVG Antispyware logs as attachments into this thread, only after doing the above.

    Regards Howard :)

    This thread is for the use of burnstreet only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  5. burnstreet

    burnstreet TS Rookie Topic Starter

    results of followup on your instructions

    Hello Howard.

    Whoa...that was some process......

    As requested, attached is the HJT log just completed.

    In that there were a truly massive amount of infected files (now deleted) found in the AVG Spyware full scan, the log proved too big to attach or cut and paste (I tried both several times). I don't know how to remedy this. Is there another report that might take its place?

    Thanks very, very much for all.

    David
     
  6. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Just do a fresh AVG Antispyware scan and post the log. Obviously, if AVG Antispyware doesn`t find anything, then there`s no need to post the log file.

    Regards Howard :)
     
  7. burnstreet

    burnstreet TS Rookie Topic Starter

    Howard.

    Have attached a final round of HJT and AVG Spyware logs. Am I now clean?

    Lastly, could you please advise whether I need be concerned that the alert:malware guys are likely to have accessed online banking & credit card info, SS#, etc. while their malware was up and running on my system?

    Kindest regards for all your extraordinary assistance.

    David
     
  8. howard_hopkinso

    howard_hopkinso TS Rookie Posts: 24,177   +19

    Your HJT log is clean.

    I didn`t find anything on your system, that I would consider to be a backdoor trojan. However, having said that, I can`t guarantee 100% that your sensitive data is safe. It`s really upto you to evaluate the risks. Read the thread below.

    Very Important: Before deciding whether you should clean or reformat your system, go and read this thread HERE and decide what it is you want to do.

    If you have any further virus/spyware problems, please post in this thread.

    Regards Howard :)

    This thread is for the use of burnstreet only. Please don`t post your own virus/spyware problems in this thread. Instead, open a new thread in our security and the web forum.
     
  9. burnstreet

    burnstreet TS Rookie Topic Starter

    My thanks again

    Alright...then I'll close with my thanks again for manoeuvring around some land mines....and getting me out alive. Howard, All The Best, David
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...