I have "b.exe" step 11 of malware removal, and step 12

By vaxinius
Mar 8, 2008
  1. Okay,

    So i've gone through all of the motions up to step 11.

    I've ran Panda Antirootkit programme. root kits were found.

    Step 12: ran combo fix

    log included as attachment

    I will update accordingly

  2. vaxinius

    vaxinius TS Rookie Topic Starter Posts: 16

    combofix.exe in step 12 snuffed out the problem file "b.exe" in system32 file.

    B.exe has been the only registry related issue teatimer picked up since i reinstalled xp on a partitioned drive a few months ago.

    Should I continue running through steps 13 to 15?

    I got the infection through Msn Messenger...stupid attachment came as a friends supposed favorite picture. If such a post happens again in msn, how exactually do i get the infection ?
    1.simple association with the infected computer email by being in my msn roster or,
    2. communication through msn with infected computer or,
    3.downloading the infected attachment

    Lastly, am i immune to it once its gone.

  3. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    You may need to remove B.exe manually.
    By first stopping the process (if exists) in Task Manager (Ctrl+Alt+Del) and then removing the file fully from system32 folder.

    Continue on with further steps

    To avoid this file (or others) in future. You will need a good Antivirus and firewall application, and you can run such programs as Spybots S & D TeaTimer (resident protection)

    Note: I have not looked at your attachment, because I believe you should run all steps first.

    Also, to make life easier (viewing your inevitable HiJackThis log) I would recommend disabling as many startups as possible. A simple tool that can be used to do this would be Startup Control Panel

    No just more cautious!
  4. kritius

    kritius TS Guru Posts: 2,084

    How do you know this?

    Continue with the rest of the steps and post the three requested logs together.
  5. vaxinius

    vaxinius TS Rookie Topic Starter Posts: 16

    finished step 13. Virus Scanner found no problems.

    finished step 14. AVG Spyware scanner found nothing either. attached log anyways.

    finished step 15. Attached Hijackthis scan log

    View attachment 29781

    View attachment 29783

    combo fix log is posted above there any easy way i can analyze the material in these logs?

    Again, thanks for your further assistance

  6. kimsland

    kimsland Ex-TechSpotter Posts: 14,524

    There are a number of websites that can check each file in your HJT log
    Here's two:

    Looking at your HJT log, all looks clean though.

    You may receive other replies (ie "No File" HJT cleaning up)
    But generally all's ok. I believe your next approach would be to remove some (if not all) of these Startups and then run CCleaner through your system.
    And finally confirming System Restore is enabled, and doing a full Defrag.

    All done.
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...