Is my computer Clean?? Logs Attached

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by novachic, Mar 13, 2009.

  1. novachic

    novachic Private E-2

    I have VIPRE Anti-virus and Anti-spyware This morning it detected a trojan-spy.win32.zbot.com. when I ran my anti-virus software after it finished it would cancel it's self. SO I started looking on the internet and found this great site and thank you so much. I have followed all the direstions in the READ & RUN ME FIRST and have all the logs. It did find some things and i fixed them as It said. But I want to make sure that it is all clean. So if someone would look at the logs and tell me if I need to do anything else. I would really appreciate it.

    Also my anti-virus VIPRE is it good enough for my computers I bought it not to long ago Then reason why I went with it was I read some good reviews and it was at a reasonable price.

    Also should I continue to use the things I downloaded to keep my computer clean. Will they all work together with what I have now an what else do I need to get or add. If so how often should I run these programs.

    Thanks

    Cynthia
     

    Attached Files:

    novachic, Mar 13, 2009
    #1
  2. novachic

    novachic Private E-2

    The other log is attached to this post
     

    Attached Files:

    novachic, Mar 13, 2009
    #2
  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your logs are clean...If you are not having any other malware problems, it is time to do our final steps:

    1. We recommed you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real time protection. They are useful as backup scanners. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required
      • "%userprofile%\Desktop\combofix" /u
        • Notes: The space between the combofix" and the /u, it must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

      • Delete the C:\combofix folder from combofix (if it exists)

    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning steps in the READ ME for your Window version and see the steps to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.

    8. After doing the above, you should work thru the below link:

     
    TimW, Mar 15, 2009
    #3
  4. novachic

    novachic Private E-2

    When I do this * Click *START* then *RUN *and enter the below into the run box and then click *OK. *Note the quotes are required
    * *"%userprofile%\Desktop\combofix" /u* I have it exactly like you have and it comes up and says This file does not have a program associated with it for performing this action. Create an association in the Folder Options control panel. So what else can I do to uninstall the combofix.exe. There is a icon on my desktop.

    Also when I try to uninstall hijack This 2.0.2 It says an error occured while trying to remove this It may have been already been uninstalled. Whould you like to remove from the Add or Remove program list. I have not uninstalled it. So do I need to do something else of just remove from the add and remove program list.

    Thanks for all your help.
     
    novachic, Mar 15, 2009
    #4
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You can delete the ComboFix.exe file, C:\ComboFix folder, C:\QooBox folder, C:\WINDOWS\nircmd.exe, C:\combofix.txt and C:\ComboFix-quarantined-files.txt logs that were created.

    And you can remove HJT from the add/remove program list.
     
    TimW, Mar 17, 2009
    #5
  6. novachic

    novachic Private E-2

    Thak you very much I was able to perform all of those. I do have one other question. Under C:\WINDOWS\$NtUninstallKB891781$ I have apx 200 file folders under C:\Windows| that all have the $ marks in them and have the word uninstall with other numbers and letters after each one. What are these and are they safe to delete without messing up anything in the computer.


    Thanks

    Cynthia
     
    novachic, Mar 17, 2009
    #6
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Since this question has been asked many times on the internet, I will not write up an explanation but will point you to some already written. Check these out:

    http://www.askdavetaylor.com/can_i_delete_the_contents_of_windows_ntuninstall.html

    http://ask-leo.com/can_ntuninstall_folders_be_deleted.html
     
    chaslang, Mar 20, 2009
    #7

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds