Hello guys iv noticed that computers on my area have application turning to zero bytes … so i wanted to know how i could avoid this malware
This sounds extremely intriguing, I’ve never heard of anything doing that.
Please follow the guide here (and attach those logs) >> https://forum.avast.com/index.php?topic=194892.0
Its undected Sir … it once hit me sometime last year and i Friend on this Forum advised me to use a particular usb scanner for future protection …i never managed to hit me after that …
but i never really found a solution to the application that has been hit … even when i scan my computer its not traceable …
but here is a sample on virus total : https://www.virustotal.com/gui/file/e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/detection
The above programs aren’t typical scanners. They won’t remove anything unless directed to do so. However, it may give us an idea of what’s modifying your files, that way we can grab a sample and remove it from your system.
Regards,
Michael.
Edit: I should specify, MBAM is a typical scanner. FRST is not. But please run both…
Here are the logs Sir
Hello Pako,
I certinaly see a lot of empty directories (temp folders, MBAM’s directory is empty etc). I’ll reach out to Sass Drake and see if they have any ideas. May take a day or so for them to swing around so please be patient.
Ok Thank You no problem
Can you post screenshot (or explain it more detailed) of application reduced to zero bytes please?
if you want more screenshot you want more screenshots you can Tell me…
But this is what is happening … application memory (May it be Exe Files , Music , Pictures) their size change from a particular size to zero bytes … and once they change to zero bytes the computer wont be capable of opening them …
What directory was that in?
it hs always been at Documents but i moved it to desktop yesterday
Is it only exe file which turns to zero bytes?
Not really even music , Pictures , but at the moment i have samples for exes …
Kind of deleted the Pictures and Music
Please post new FRST.txt and Addition.txt.
Check replay #4
Problem is that I don’t see anything malicious in logs. Since you are using Education edition do you know wheter is your PC part of Active Directory in your school/college? Also please uninstall CCleaner for short time just to eliminate it from list of possible culprits.
iv Finished School Sir …
thats the thing …this file tdoesnt seem to be detectable …ok il uninstall it