Using 8-step removal for Win32:Rootkit-gen [Rtk], VBS:Malware-gen, Win32:Trojan-gen

By dessela ยท 5 replies
Feb 6, 2010
  1. As just said in my introductory lines - keep my fingers crossed that everything is just fine with my PC now.
    I followed step-by-step the 8-step Viruses/Spyware/Malware Prelimiary Removal Tool. No doubt, I shall be using the installed programs from now on, because there isn't always going to be enough time to look for the suitable remedy.
    At that moment everything seems safe and sound - no more sign of the viruses and/or the rootkits I had before.

    Thankful to all of you who had worked on the issue and shared the expertise.

    Here I do attach an Avast log where the infections (that my PC used to have) are listed, and a hijackthis.log showing the results after the 8-step Viruses/Spyware/Malware Prelimiary Removal Tool has been executed twice. The other two logs - namely the SUPERAnti Spyware one and the Malwarebytes' anti Malware one, show no evidence of infections. Please, I need your feedback is everything there OK or else - some suspicious lines are present... Thank you in advance.

    Attached Files:

  2. Archean

    Archean TechSpot Paladin Posts: 5,690   +96

    1. Re-run Avast; rescan and clean out everything AVAST has found (as logged in the avast log)
    2. I've quick scanned your hijackthis log, and there seems to be nothing special in it; however, once you have ran avast as i said above, re-run hijackthis and post the log again. I am unsure why at 09 with regard to Windows Live Writer needs examination.

    Also please note that once you clean out all the badies from your PC, you will also have to get rid of infected restore points. I will guide you through that as well; when we get there.
  3. dessela

    dessela TS Rookie Topic Starter

    Said and done :)

    Thank you, Archean - I did re-scan - Avast found nothing :) And here's the new hijackthis log - have a look, please.
    I've already got rid of all the restore points and also of the 'mountpoints2' :))) Have never heard of these two issues until two days ago, but am a good student.
    Oh, and I have disabled the autorun option on all drives of all my computers ;) - I like surprises but let them be good ones ;)
    My OS is waiting for your verdict, Archean.

    Attached Files:

  4. Archean

    Archean TechSpot Paladin Posts: 5,690   +96

    1. C:\WINDOWS\BR040286.exe <== it may well be a legitimate file (probably webcam's driver/un-installation related file; but do have a look at it.
    2. @ 09: there are two entries for Windows Live Writer; but they seems bit odd to me; although they are not suspicious IMHO.

    Rest looks fine to me; and as you already pointed out you've gotten rid of all infected restore points so you should be safe.
  5. dessela

    dessela TS Rookie Topic Starter

    no more worries then

    looked for the BR040286.exe - related to an USB cam
    the Live Writer - obviously I can live with it :LOL:
    Thank you for helping me, Archean!
  6. Archean

    Archean TechSpot Paladin Posts: 5,690   +96

    You are welcome; take care.
Topic Status:
Not open for further replies.

Similar Topics

Add your comment to this article

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...