Am I Clean Now?

By bruzynski
Nov 26, 2008
  1. I would appreciate it if someone could have a look at my logs and indicate whether I'm clean or not.

    Ok, I have run the 8 steps, and since I've been reading etc. I have also run some of the other tools too. I am posting these logs including the AVG log that told me I first had a problem (anti-virus 2009). I didn't have too many problems running the tools, only at first with malware I had to change the name and run in safe mode, and that first run took more than 8hrs (I think, cause I was asleep).

    Hopefully I got close to clean and can just get a bit of a checkup and then clean the tools.

    Thanks for all your help.

  2. bruzynski

    bruzynski TS Rookie Topic Starter Posts: 28

    more log files
  3. bruzynski

    bruzynski TS Rookie Topic Starter Posts: 28

    and yet one more
  4. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    It's always helpful to give us some explanation of what the problem is-or was. Tossing the logs out with no explanation is not the way to get the best help. It's interesting to note that where you posted the 5 Mbam logs, all were clean except for one entry in the third listed log.

    Okay, let's get these handled first:
    Did you remove the Trojans in the AVG vault?
    Update AVG:
    Update Java:
    Update Adobe:

    When all the updates have been done:
    Control Panel> Add/remove Programs> uninstall old AVG 7, Java v6u7 and Adobe 7.

    You have McAfee Free scan running in the background. It needs to be stopped.

    Please run SuperAntispyware- this is good to check for tracking Cookies as well as other malware entries and Cookies can be reset to prevent 3rd party tracking Cookies in the future. Follow by rescan with HijackThis. Attach both logs.

    You don't need to rerun the other programs. But it would be helpful to know what problems you were experiencing and what the system status is now.

    EDIT: DO NOT use System Restore, The malware is in the restore points. We will drop those at the end of the cleaning.
  5. bruzynski

    bruzynski TS Rookie Topic Starter Posts: 28

    Thank you for your help.

    I have a little more info.

    What happened:
    Similar to others. I was surfing and my computer popped up a couple of windows and stuff telling me that I had a virus, and when I tried to close them etc. my computer restarted. When it came back up I had antivirus 2009 installed on my desktop and a balloon notification in my task bar telling me I had a virus and to run/download antivirus 2009 etc. like a retard I clicked on the balloon, and when antivirus 2009 started running I pulled all my plugs and started killing processes and stuff and then powered down and started reading the 'security & the web' topic (where I meant to post this thread).

    I tried to follow the 8 step process suggested in the FAQ threads. It was a long process and i had to do a number of things that i saw suggested in other threads to get the tools working. I am including two more mbam logs which are the first two that ran. The first was in safe mode run from a different user than the original infection and with mbam renamed. The second is the first full scan with mbam.

    Since then I have been rather busy and haven't had the time to deal properly with this. What I have been doing is running mbam and sas and ccleaner and avg every day (with all of their updates). Things seem to be running smoother than they have in months (this may be an illusion as this computer is not often used).

    which brings me to the next post i shall make...
  6. bruzynski

    bruzynski TS Rookie Topic Starter Posts: 28

    Avg has been updated...on a full scan it found

    Grove.x32 adware generic2.KBT

    Java has been updated

    Acrobat reader has been updated

    avg 7 has been uninstalled

    i can not find java 6.7 nor adobe 7 to uninstall...but i may have done this last week sometime...getting old and can't remember

    i can not find McAfee Free scan running in the background...i may need help to find it.

    finally i have updated and run sas and hjt and am attaching the log files to this post.

    Thanks to you again.
  7. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    Okay then. Next time you ask for malware cleaning help, give us the problems right up front.

    Have SAS Remove the Tracking Cookies.
    Reset Cookies:
    Mbam logs:
    The HijackThis log looks good, with one exception: you have a lot of processes loading at startup that will slow you down, things like Creative SB Live, QuickTime, Pixami Image Control, IPIX, Linkedin Contact Finder, MSN Photo Upload Tool, Adaptec, for instance. These are valid programs, but they don't need to start on boot. That will slow your startup, surf and shutdown times.

    If you want to work on that:
    You will get a nag message that you can ignore after checking 'don't show this message again'. Stay in Selective Startup.

    All of those processes you took off of Startup can be started manually when you need them by using All Programs to access the program.

    You should also consider getting a firewall:
    We can remove the cleaning programs now:
    Clear your existing System Restore points and establish a new clean restore point:

    Go to Start > All Programs > Accessories > System Tools > System Restore> Select Create a restore point> OK.
    1. Next, go to Start > Run and type in cleanmgr
    2. Ensure the selection is on C:\ and click on OK
    3. Select the *More options* tab
    4. Choose the option to clean up System Restore and OK it.
    This will remove all restore points except the new one you just created.
  8. bruzynski

    bruzynski TS Rookie Topic Starter Posts: 28


    thank you very much...i will work on and get back again tomorrow.
  9. Bobbye

    Bobbye Helper on the Fringe Posts: 16,335   +36

    You're welcome. Let us know if you need more help.
  10. Tedster

    Tedster Techspot old timer..... Posts: 6,000   +15

    In the future please post security questions in the security forum. thanks! ;)
Topic Status:
Not open for further replies.
