harshilsharma63
DIY FTW!
Hi. I gave my external HDD to a friend and I got infected with the shortcut malware. The drive had two objects: a '$RECYCLE.BIN' folder and a shortcut pointing to the 'system32' folder. The data in the drive was not visible. I scanned it with Malwarebytes Anti-Malware and it showed two reg values detected. Here is the MBAM log after scanning the drive:
Code:
Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org
Database version: v2013.03.08.02
Windows 8 x64 NTFS (Safe Mode)
Internet Explorer 10.0.9200.16540
harshilsharma63 :: THEPUNISHER [administrator]
18-Apr-13 8:22:33 AM
MBAM-log-2013-04-18 (09-07-14).txt
Scan type: Full scan (C:\|E:\|F:\|)
Scan options enabled: Memory | Startup | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: Registry | P2P
Objects scanned: 419219
Time elapsed: 41 minute(s), 45 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 2
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (PUM.UserWLoad) -> Data: C:\Users\HARSHI~1\LOCALS~1\Temp\ccivcqie.com -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|Load (Trojan.Ransom) -> Data: C:\Users\HARSHI~1\LOCALS~1\Temp\ccivcqie.com -> No action taken.
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
(end)
I use NIS 2013, which was updated a few days back. However, NIS is not detecting anything during the scan. I formatted the drive but the malware seems to be sitting in system files and the registry.
MBAM says that it will delete the malware during the reboot and asks to reboot, but does nothing. It still detects malware on the next scan.
How can I clean my PC from the malware?