Virus caught on p2p software, am I clean?

enrico68 · Apr 17, 2010

My antivirus caught quite a few viruses while I was downloading form a p2p application. First I quarantined everything the antivirus software caught, but my pc was still slow, and my AV would not update anymore. I removed the p2p application, and run all the scans according to the malware removal procedure of this website. Everything now seems to be ok, but I would still like someone to take a look at the logs I generated. I am not sure whether my pc is clean. Any questions let me know, and thanks in advance for your precious attention, regards. In this post I attach four logs, the last log will be attached on a second post

Enrico

enrico68 · Apr 17, 2010

Here is my last log. I hope I did everything according to the procedure

TimW · Apr 17, 2010

I am not seeing any malware in your logs.

If you are not having any other malware problems, it is time to do our final steps:

We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.

If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)

Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required

"%userprofile%\Desktop\combofix" /uninstall

Notes: The space between the combofix" and the /uninstall, it must be there.

This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.

If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.

Go to add/remove programs and uninstall HijackThis.

Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.

If you are running Vista, Windows XP or Windows ME, do the below:

Refer to the cleaning procedures pointed to by step 6 of the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.

Then reboot and Enable System Restore to create a new clean Restore Point.

After doing the above, you should work thru the below link:

How to Protect yourself from malware!

enrico68 · Apr 17, 2010

TimW said: ↑

I am not seeing any malware in your logs.

If you are not having any other malware problems, it is time to do our final steps:

We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no protection. They do not use any significant amount of resources ( except a little disk space ) until you run a scan.

If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)

Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required

"%userprofile%\Desktop\combofix" /uninstall

Notes: The space between the combofix" and the /uninstall, it must be there.

This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.

Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.

If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.

Go to add/remove programs and uninstall HijackThis.

Goto the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.

If you are running Vista, Windows XP or Windows ME, do the below:

Refer to the cleaning procedures pointed to by step 6 of the READ ME for your Window version and see the instructions to Disable System Restore which will flush your Restore Points.

Then reboot and Enable System Restore to create a new clean Restore Point.

After doing the above, you should work thru the below link:

How to Protect yourself from malware!

Click to expand...

Hi TimW, I have to thank you for your analysis, it was very fast indeed. I followed the after cleaning procedures, hopefully next time I drop by is just to ask other types of questions, not malware related. I just want to add a spyware program to your list that is very popular in Europe, it is called a-squared antimalware, soon to become Emisoft antimalware, in its new version 5. It seems to be a very efficient antimalware, you might already know about it. If you know it, you might be able to help me in picking one among SAS, MB, or a-squared. Thanks again, enjoy the rest of the week end

Enrico

chaslang · Apr 17, 2010

enrico68 said: ↑

I just want to add a spyware program to your list that is very popular in Europe, it is called a-squared antimalware, soon to become Emisoft antimalware, in its new version 5.
Click to expand...

Thanks! We know about and removed it from our list of tools quite awhile ago because of way too many ridiculous false detections.

Log in or Sign up

Virus caught on p2p software, am I clean?

enrico68 Private E-2

Attached Files:

SASlog.txt

mblog.txt

combofixlog.txt

RRlog.txt

enrico68 Private E-2

Attached Files:

MGlogs.zip

TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

enrico68 Private E-2

chaslang MajorGeeks Admin - Master Malware Expert Staff Member