0

Have got vista
got told that I had a MBR 3 weeks ago got charged £45 to get rid of it and re-istall my OS
last week avg found I had trojans and rootkits on so went back to shop he said comp full of them, only paid £15 and he just wiped my hard drive and I re-installed it myself, I assume my Os disk was okay

put avg 9 and malware bytes, mawarebytes made my hard drive make a funny noise, so removed it, everything okay till ran rootkit scan and it found one

kept off sites that are dodgy, only been on justin tv watching sports

avg says i have "C:\Windows\system32\drivers\mbamswissarmy.sys";"Hidden driver";"Object is hidden" and asks me if I really want to delete it, do I deleted it

dont want to spend anymore money getting it fixed so any help would be appreciated. dont mind paying small amount, am sick to death of it

3
Contributors
5
Replies
6
Views
8 Years
Discussion Span
Last Post by crunchie
0

Hi and welcome to the Daniweb forums :).

==========

C:\Windows\system32\drivers\mbamswissarmy.sys

Entry is from Malwarebytes Anti-Malware :).

0

does that mean its okay or that i got it from downloading malware bytes?

a squared cleaner also found this, ID Object
0 C:\Users\Chris4433\Downloads\SetupCasino.exe__en.exe Trojan.OnlineBank!IK

which i quarantined

can someone help me out please

0

does that mean its okay or that i got it from downloading malware bytes?

a squared cleaner also found this, ID Object
0 C:\Users\Chris4433\Downloads\SetupCasino.exe__en.exe Trojan.OnlineBank!IK

which i quarantined

can someone help me out please

That C:\Windows\system32\drivers\mbamswissarmy.sys is a NORMAL file from MBA-M, not a rootkit it is the
MalwareBytes 'Anti-Malware system driver file and in no way a threat to your system. You must have incorrectly uninstalled MBA-M. Since the rest of the program couldn't be found it is in all likelyhood why AVG flagged the file.
It would really help if we could see some logs here otherwise this is like trying to walk through an unknown building in the dark, we don't know what to look for or why we keep hitting walls.
The file found by aSquared

C:\Users\Chris4433\Downloads\SetupCasino.exe__en.exe Trojan.OnlineBank!IK

was downloaded by somebody using the computer.

Sorry crunchie, didn't see you there :icon_redface:

Edited by jholland1964: n/a

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.