Uncertain if malware was removed after read & run me

Discussion in 'Malware Help (A Specialist Will Reply)' started by charliecab, Oct 16, 2009.

  1. charliecab

    charliecab Private E-2

    Hello! My computer is apparently infected with TR/Crypt.XPACK.Gen, as my Avira intercepts it most of the time when I cut/copy a file or do tasks. The virus is always intercepted in the temp folder of Avast. Yes, I had 2 AVs but already uninstalled Avast as directed in read & run me first.

    But prior to consulting majorgeeks, I tried to remove the virus by installing Paretologic av plus, it found a Trojan-Downloader.WMA.Wimad.v in my C:\recycler but did not remove it since it wasn't freeware (hah!).

    I did as instructed in read & run me first and in windows xp cleaning procedure, it worked great! But I'm still quite uncertain of the results since the scans removed only a trojan other than crypt.xpack gen nor that wma.wimad (or any other pests for that matter). I'm still stuck on proceeding to the 4th step (Toggle System Restore).

    A problem I had before running your method is that my computer restarts when I double click on the Creative volume control while running Cakewalk Sonar & Roland VSC (software I use for MIDI sequencing). I don't know if it is infection related or a system conflict. But now, I also observed that my Yahoo Messenger only slides in the taskbar when I click on it, and needs right clicking to restore. Other than that, sometimes when I open up a software, another software/s also open up.

    Need your expert help. Thanks!



    Additional info: PC specs:

    Windows XP SP3
    Pentium Dual-Core E5200 2.50 GHz
    2 GB Kingston RAM
    Creative Audigy soundblaster
     


  2. charliecab

    charliecab Private E-2

    Here are the 2 other logs
     


  3. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    I need the log from running MGTools:
    C:\MGLogs.zip
     
  4. charliecab

    charliecab Private E-2

    I attached the MGlog & RRlog to another message of the same thread I think, and I'm having trouble how to make another post or reply with attachments to a thread...sorry. Nevertheless thanks again!
     
  5. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You had started a new thread for those logs. Please keep all your replies in this thread. I have merged the two and will look at them as I work thru my queue.
     
  6. charliecab

    charliecab Private E-2

    Alrighty! :cool
     
  7. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Your logs are clean. I suggest that you post in the software forum for additional assistance.

    If you are not having any other malware problems, it is time to do our final steps:
    1. We recommend you keep SUPERAntiSpyware and Malwarebytes Anti-Malware for scanning/removal of malware. Unless you purchase them, they provide no real-time protection. They are useful as backup scanners. They do not use any significant amount of resources (except a little disk space) until you run a scan.
    2. If we had you use ComboFix, uninstall ComboFix (This uninstall will only work as written if you installed ComboFix on your Desktop like we requested.)
      • Click START then RUN and enter the below into the run box and then click OK. Note the quotes are required.
      • "%userprofile%\Desktop\combofix" /u
        • Note: The space between the combofix" and the /u must be there.
        • This will uninstall ComboFix and also reset hidden files and folders settings back to Windows defaults.
    3. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    4. If running Vista, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    5. Go to add/remove programs and uninstall HijackThis.
    6. Go to the C:\MGtools folder and find the MGclean.bat file. Double click on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    7. If you are running Vista, Windows XP or Windows ME, do the below:
      • Refer to the cleaning procedures in step 3 of the READ ME for your Windows version and see the instructions to Disable System Restore, which will flush your Restore Points.
      • Then reboot and Enable System Restore to create a new clean Restore Point.
    8. After doing the above, you should work thru the below link:
     
  8. charliecab

    charliecab Private E-2

    Thanks man! Your methods and additional procedures worked out very well. I'd recommend this to my friends. Everything runs smoothly now and I'm quite confident my pc is clean. Great tips you have, I've also installed a comodo firewall for web stalkers to slam onto it haha. Thanks a many guys, you rock! :major
     
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    You are most welcome....safe surfing. :)
     
