Remove-Malware.com Forums

[DN102]

hey guys sorry but i aint sure if im infected or not, mainly because i wiped my HD with Active Disk Kill after my pc was going weird, random hangs, things taking forever to load like notepad etc. Thing is i havent downloaded nothing dodgy and im behind Sandboxie, Avira etc, befor i wiped my hard drive i have noticed some random files named dc2.zip and other things with dc some exe's soem zips. and after using Active Disk Kill similar files with same names. After browsing google i found this post on geekstogo, http://www.geekstogo.com/forum/topic/184986-trojan-horse-droppergenericrgq-resolved/ same zip file i see when using ccleaner in 35 passes mode, similar files to what i also had befor wipeing the hard drive. the file seems to show up in recyler thought only when i use ccleaner and i got quite alot of stuff in teh recyle bin. dc1.exe dc2.exe dc2.zip.... confusing me.

[jamesste2k7]

definately sounds like something that got past when you wiped your hd maybe a mbr rootkit not sure wait for fiery demon or someone else who will know to advise you

[DN102]

cheers mate yea not sure but after searching around, alot of posts about it some say a file that pretends to be legit and hides itself from task manager, soem says its a really harmfull worm that can slowly kill the system etc etc, it only shows up when i run Ccleaner, like if i have 100+mb of files in my recycle bin it shows up with dc1.exe dc2.exe up till dc4 and also a couple of dc2 etc zip files.When i enter the hidden folder C:\RECYCLER theres nothing there completey empty but yet ccleaner shows there files everytime.. nothing will pick it up, trojan scanners, trend micro house call, avira, nothing lol, even befor i wiped my HD i used Dr.Web etc and it never found anything. My hijackthis log looks clean also, what ever it is sounds like a really well made virus/worm lol. ive never had a rootkit befor so i have no idea how to detect/remove one, but i thought progs like active disk kill, dban etc wiped everything every tiny file virus or spyware etc but i guess not.

[jamesste2k7]

first try running hitman pro

then next download the avira boot record virus detecter and run that

[DN102]

cheers m8, ran hitman befor i formated guess its worth another shot, after i formated i also put my pc in shadow mode befor connecting to the net not sure if this was a good idea, nut if it is a rootkit il do what ever to get rid of it lol

[DN102]

not even sure if this is a virus/rootkit?.. ive done fixmbr in the recovery consol, scanned with hitman pro, prevx, avira, also used tet gmer mbr scan thing, nothing but ccleaner still shows the files, Dc1.exe and Dc3.exe im confussed lol i have no idea what these files are but every scanner i have run cant find anything. pc seems fine at the moment tho no slow downs etc but these fiels are doing my head in lol.

[Dieselman]

If you wiped the disk with Kill disk then its impossible for you to have an infection. Do you have separate partitions? Did you insert a thumb drive after formatting? Are you sure you wiped the ENTIRE disk? I use Dban myself and not Kill Disk.

[DN102]

Yea thats what i thought dieselaman, i normally use dban to but i got a bit unpatient and used disk kill. yes i use a pen drive, but i formated it last week and all thats on there is apps like sandboxie, sp3, etc. and no i dont use partitions i have done but got rid of them.

heres my boot ini

[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
C:\CMDCONS\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer

says partition(1) not sure if thats normall lol. not even sure if this is a rootkit or virus tho, my hijacklist was clean, ran hitman, malewarebytes, tojanhunter, avira, trend micro, gmer mdr thin, comdofix.. the Dc1.exe, Dc3.exe only show tho when im doing a clean up in Ccleaner and alwasy shows them files in C:\RECYCLER when i enter that hidden folder nothing is there apart from a recycle bin icon.

*going to test with diffrent files delete, knowing my luck the files are part of the big files i put in recycler bin which ccleaner show up as i just seen alot of dll's and .ogg files with same name lol.

[Dieselman]

What is your OS? Did you COMPLETELY reinstall everything such as ALL needed drivers and updates? Seems like Kill Disk missed something which is the reason I no longer use it.

http://www.processlibrary.com/directory/files/dc1/

http://www.bleepingcomputer.com/startup ... 18690.html

http://forum.worldstart.com/showthread.php?t=65844

http://forums.techguy.org/earlier-versi ... 1-exe.html

http://www.xraymypc.com/process/D/Dc1.exe.htm

[DN102]

Windows XP Pro SP3, and yes, completly wiped everythign and installed the drivers back from disk that came with my mobo.