Malware Removal Logs (possible virus) & Process List

Discussion in 'Malware Help (A Specialist Will Reply)' started by Tweak-Hunter, Feb 7, 2008.

  1. Tweak-Hunter

    Tweak-Hunter Private E-2

    I had run a Trend Micro scan and it came up with a virus/Trojan of some kind, but I don’t think it’s anything to worry about since it’s inside a file that I already know is some kind of crack. Anyway, I’m trying to slim down the # of processes, and also GoogleToolbarNotifier keeps returning. I’m also doing this because some things changed on my computer after I had to roll back the video driver after the video driver update I did went sour. So if you see anything I have to get rid of or whatever, let me know.
    Thanks For Your Help!

    I also included a log of what services/processes are running on my computer, I think it could be informative, I'm not sure.
    PS: Whoever replies to this: this latest MG cleaning procedure leaves a lot of leftover files in the C:\ drive; could you tell me what I can remove? Thanks. :)
     


  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Not true! You need to delete it.

    This is the Malware Removal forum. We primarily work on removing malware here. Our goal is not to remove unnecessary software when it has nothing to do with malware, since we cannot decide what other people use on their PCs. For example, I would say I don't need any of the below but you may like or need some or all of them:
    We don't need it. A process list is already in MGlogs.zip.

    No it doesn't! What exactly are you referring to? Are you referring to the below which are all cleaned up by our final instructions?
    Code:
    "C:\"
    COMBOFIX      Feb  7 2008              "ComboFix"
    mglogs.zip    Feb  7 2008       59799  "MGlogs.zip"
    MGTOOLS       Feb  7 2008              "MGtools"
    mgtools.exe   Feb  7 2008     1238736  "MGtools.exe"
    QOOBOX        Feb  7 2008              "QooBox"
    
    In fact since your logs do not show any malware you can move right on to our final instructions.
    1. If we used ComboFix then UNINSTALL COMBOFIX (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN
      • Now type combofix /u in the runbox and click OK.
      • Note: The space between the X and the /U, it must be there.
    2. You can delete the C:\MGtools folder and the C:\MGtools.exe file. You can also delete the C:\MGlogs.zip
    3. After doing the above, you should work thru the below link:
     
  3. Tweak-Hunter

    Tweak-Hunter Private E-2

    Well, the "Virus" is a TROJ Generic.ADV found by TrendMicro. I had been thumbing through previous posts and found an individual who had the same thing on his computer, and he was told that it wasn't anything bad but rather it was just something "TM" recognized as a virus that is actually a valid component of a program. If this is the case then I'd rather not remove it, but if it's actually dangerous I will... So, is it dangerous?
     
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You never told me exactly what the file was or where it was located, but if it is a crack or a keygen you need to delete it for two reasons:

    1) they are not safe
    2) they are illegal
     
  5. Tweak-Hunter

    Tweak-Hunter Private E-2

    Sorry, you're right, the program is called "WB5.5e Patch.exe" and it's used to crack "windows blinds 5.5"
    I suppose I'll delete it... :(
     
  6. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    That is the safest thing to do, otherwise you may find yourself looking for help in forums like this more often than you (or we ;) ) want.
     
  7. Tweak-Hunter

    Tweak-Hunter Private E-2

    Oh good you replied, I wasn't going to ask this but...
    Now that I've done all these scans and such, it now takes a longer than normal time to open up files such as my documents and my music and open my computer. Also, now when I highlight over the startup folder (C:\Documents and Settings\Joe Viviano\Start Menu\Programs\Startup) it shows the usual files that should be in there, but when I click on it, it displays only one file. However, I know they're all still running because I've checked to see they're running.

    I read that viruses like to hide in startup folders so maybe this is a side effect?
    Anyway, I await your reply.. :major
     
  8. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Those are folders, not files. I'm not sure what your reference point in time is, but nothing that you did here is impacting this. We did not even fix anything. Perhaps it is due to your recently installing TrendMicro with Kdefense. This will have an impact on performance.


    I don't follow what you mean. Are you talking about using Windows Explorer to go to the C:\Documents and Settings\Joe Viviano\Start Menu\Programs\Startup folder and you don't see all of the expected files? What do you expect to see in that folder? That folder does not have to have anything in it to get other programs to run. Only certain software will use this folder to run at startup. Other software (like your antivirus and more) use the registry.
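
The point made in the reply above, that the Startup folder is only one autostart location and that other software starts from the registry, can be checked with the following PowerShell. It is an added example, not part of the thread or of the MajorGeeks tools; the function name Get-AutostartEntry is hypothetical, and the four Run/RunOnce keys are the standard Windows ones, not a complete list of autostart points.

```powershell
# Added example (not from the thread): list programs that start at logon from
# the Startup folders and from the registry Run/RunOnce keys.
function Get-AutostartEntry {   # hypothetical helper name
    # Per-user and all-users Startup folders, resolved by the OS so the
    # path is correct on any Windows version.
    $folders = @(
        [Environment]::GetFolderPath('Startup'),
        [Environment]::GetFolderPath('CommonStartup')
    )
    foreach ($dir in $folders) {
        if ($dir -and (Test-Path -LiteralPath $dir)) {
            # -Force also shows hidden items (for example desktop.ini).
            Get-ChildItem -LiteralPath $dir -Force | ForEach-Object {
                [pscustomobject]@{
                    Source  = $dir
                    Name    = $_.Name
                    Command = $_.FullName
                }
            }
        }
    }

    # Registry autostart keys for the current user and for all users.
    $keys = @(
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
        'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
    )
    foreach ($key in $keys) {
        if (Test-Path -LiteralPath $key) {
            $item = Get-Item -LiteralPath $key
            foreach ($valueName in $item.GetValueNames()) {
                [pscustomobject]@{
                    Source  = $key
                    Name    = $valueName
                    Command = $item.GetValue($valueName)
                }
            }
        }
    }
}

# One table: entries missing from the Startup folder usually appear under a Run key.
Get-AutostartEntry | Sort-Object Source, Name | Format-Table -AutoSize -Wrap
```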
     
