Infostealer.gampass infection

Discussion in 'Virus and Malware Removal' started by Poi45iop, Jan 27, 2009.

  1. Poi45iop Newcomer, in training Posts: 36

    Trojan.ByteVerify was detected
  2. mflynn Newcomer, in training Posts: 2,793

    Detected by what, Norton?

    And what did it do: fix, delete, quarantine or what?

    Mike

    EDIT:

    Update then run SAS
    Click Preferences-Repairs
    Then counting down from top do the following entries
    Numbers 6, 8, 11, 12, 13, 18, 19, 23 and 24!

    Superhidden files

    Click Start-Run.

    Type in regedit in the box and click OK
    regedit opens, navigate through HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced.
    Right-click on ShowSuperHidden and select Modify.

    1 to show, 0 to hide

    Change the value to 0 and click OK to save your changes.

    Reboot and test report results

    Mike
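Added example, not part of mflynn's post: the ShowSuperHidden edit from the steps above done from PowerShell instead of regedit, with a read-back and a small history file so the value can be compared before and after the reboot. It assumes PowerShell 3.0 or later is available; the history file name is hypothetical.

```powershell
# Added example (not from the thread): set ShowSuperHidden to 0 for the
# current user, verify the write, and keep a history so a run after the
# reboot shows whether the value held.
$key  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced'
$name = 'ShowSuperHidden'
$want = 0    # per the steps above: 1 = show, 0 = hide
$log  = Join-Path $env:TEMP 'showsuperhidden-history.csv'   # hypothetical file name

function Get-SuperHidden {
    # Returns the current DWORD value, or $null if the value does not exist.
    $p = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
    if ($null -eq $p) { return $null }
    return [int]$p.$name
}

function Write-History([string]$stage, $value) {
    # One row per reading; the boot time tells runs before and after a reboot apart.
    [pscustomobject]@{
        Time  = (Get-Date).ToString('s')
        Boot  = (Get-CimInstance Win32_OperatingSystem).LastBootUpTime.ToString('s')
        Stage = $stage
        Value = if ($null -eq $value) { '(missing)' } else { $value }
    } | Export-Csv -Path $log -Append -NoTypeInformation
}

$before = Get-SuperHidden
Write-History 'before' $before

# Only write when the value differs (or is missing), then read it back.
if ($before -ne $want) {
    Set-ItemProperty -Path $key -Name $name -Value $want -Type DWord
}
$after = Get-SuperHidden
Write-History 'after' $after

if ($after -ne $want) {
    Write-Warning "$name is '$after' after the write; expected $want."
} elseif ($before -eq $want) {
    Write-Output "$name was already $want."
} else {
    Write-Output "$name changed from '$before' to $want."
}

# Show every reading recorded so far, oldest first.
Import-Csv $log | Format-Table -AutoSize
```

Run it once before the reboot and once after: a "before" row with a later boot time and a value other than 0 means the setting did not hold across the restart.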
  3. Poi45iop Newcomer, in training Posts: 36

    Norton, it autodeleted, sorry, I have to go for the rest of the day. Do you think that progress has been made?
  4. mflynn Newcomer, in training Posts: 2,793

    I am not sure, but do you have time to do the edit in my last post?

    Mike
  5. Poi45iop Newcomer, in training Posts: 36

    Test report results? I'll do it now (only have to go before 8:20)
  6. Poi45iop Newcomer, in training Posts: 36

    Without restarting, it is now hiding the superhidden files.
     
  7. mflynn Newcomer, in training Posts: 2,793

    OK Good, reboot retest and do the Autoruns and RunScanner tomorrow and have a good night.

    Mike

    EDIT:
    You said
    I asked
    You said
    Not to be sorry. We cannot stop Virus/Malware from trying to get on the system, so be glad Norton did its job and detected and handled it. :)
  8. Poi45iop Newcomer, in training Posts: 36

    Sorry, I haven't been on because of the time pertinent thing I mentioned in my opening post. I may be on tomorrow if I have time. I have not given up or solved it.
  9. mflynn Newcomer, in training Posts: 2,793

    OK I'll try to be here!

    mike
  10. Poi45iop Newcomer, in training Posts: 36

    Hopefully this is a good thing, and not a new virus. MBAM detected 6 objects, which seemed to have been removed properly. Immediately afterward, my computer logged off and shut down, before I could save the log file. Luckily I took a screenshot of the results. The results surprise me, as the programs seem extremely safe. Its website is rated green in WOT and McAfee SiteAdvisor, without any comments warning of Trojans etc.

    mbam detect is an uncompleted scan run on the 2nd, and redkawadetect a completed on the third.

    I have yet to run a second MBAM scan, have downloaded http://technet.microsoft.com/en-us/sysinternals/bb897445.aspx to run, will download others like Ad-Aware, will manage my files to see if anything is odd. Will screenshot Norton's initial detection details, and will run Autoruns and RunScanner.

    Is there anything I have forgotten?
  11. mflynn Newcomer, in training Posts: 2,793

    Run MBAM click Logs. Attach back the bottom 2 logs!

    Then run ComboFix to be sure!

    After this I think we will be clean and any remaining issues should be system and not malware related!

    A status report of how computer is running and what we need to address now!


    Mike
  12. Poi45iop Newcomer, in training Posts: 36

    the rootkit revealer service cannot run/install
  13. mflynn Newcomer, in training Posts: 2,793

    It could be the Virus scanner or other security protections on your computer.

    Try the install in Safe Mode and don't just double-click; right-click and choose Run as Administrator.

    What are we down to now, what are the remaining issues?

    Mike
  14. Poi45iop Newcomer, in training Posts: 36

    The remaining issues will be stated as soon as I have time to compile them. One major one would be that there is not the slightest guarantee that I have gotten rid of the main virus.
  15. Poi45iop Newcomer, in training Posts: 36

    the other log file is too big
  16. mflynn Newcomer, in training Posts: 2,793

    You may have gotten it that time. There were several new ones found and deleted.

    You may be getting reinfected from a website, email, music or video file.

    These were all related to P2P file sharing!

    Update and run both MBAM and SAS quick scans to confirm no more found.

    Follow that with a ComboFix scan.

    Mike
  17. Poi45iop Newcomer, in training Posts: 36

    How is it that they are all related, when most are components of programs that have been recently installed?
  18. mflynn Newcomer, in training Posts: 2,793

    How?

    You apparently downloaded and installed infected programs!

    Not saying the programs are bad but the place you got them likely was already infected when you downloaded them.

    youtube downloader app (Trojan.Downloader) -> Quarantined and deleted successfully.
    psp video 9 (Trojan.Downloader) -> Quarantined and deleted successfully.
    videora ipod touch converter (Trojan.Downloader) -> Quarantined and deleted successfully.

    Mike
  19. Poi45iop Newcomer, in training Posts: 36

    I apologize, I meant to say "How do you know they are all related with P2P"
  20. Poi45iop Newcomer, in training Posts: 36

    It may help me understand the source of the infection