Possible Virus Infection

Discussion in 'Malware Help (A Specialist Will Reply)' started by NewComer08, Oct 5, 2010.

  1. NewComer08

    NewComer08 Private E-2

    Hi there, I was browsing various video streaming sites. Started off on videobash, followed a series of video links and ended up on some random site (can't remember what it was I'm afraid). As soon as I clicked on one of the videos posted on the website my virus software (F-Secure) said it had detected and deleted a virus (win32.runmit and win32.rumnit.c - I think I've spelt them right). I immediately closed the website but for the next hour I was continually getting the same message from F-Secure. Checking in the logs F-Secure provided, it said it had deleted the same two viruses about 200 times. I had a quick look online for solutions other people had come up with, came across this forum and have gone through the Vista cleaning thread (SUPERAntiSpyware etc.). During the process I had to restart the computer several times (not crashes, just me restarting the computer) and after one of these reboots F-Secure started another series of messages saying viruses found and deleted, but this time they were a series of different trojan viruses. I've done a full scan with SUPERAntiSpyware, Malwarebytes and MGtools and have attached the log files. I have Vista 64-bit and so didn't use the other two bits of software on the Vista cleaning thread. None of these scans found anything and I've done a scan with F-Secure which also found nothing. So I don't know if F-Secure managed to delete the viruses or not and I'd appreciate some advice as to whether you think the computer is clean or not. Many, many thanks in advance.
     

    Attached Files:

  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I am not seeing any malware in your logs. Are you experiencing any malware issues at present?
     
  3. NewComer08

    NewComer08 Private E-2

    No, the messages from F-Secure seem to have stopped, so I guess it did its job. I was just worried about the fact that F-Secure was having to continuously delete the viruses, multiple times. If you think it's clear then I'll just keep an eye on things and post again if necessary. Many thanks!
     
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Do let us know if it crops up again. In the meantime, you can do the final cleanup when you feel confident that all is well:

    If you are not having any other malware problems, it is time to do our final steps:

    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real-time protection. They do not use any significant amount of resources (except a little disk space) until you run a scan. We recommend them for doing backup scans when you suspect a malware infection.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /uninstall
        • Note: The space between the combofix" and the /uninstall must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.


    3. Go back to step 6 of the READ ME and re-enable your Disk Emulation software with Defogger if you had disabled it.
    4. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    5. If we had you download any registry patches like fixme.reg or fixWLK.reg (or any others), you can delete these files now.
    6. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    7. Go to add/remove programs and uninstall HijackThis.
    8. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    9. If you are running Win 7, Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures pointed to by step 7 of the READ ME for your Windows version and see the instructions to Disable System Restore which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.

    10. After doing the above, you should work thru the below link:



