I have a real bad Trojan problem. [F]

[Formerly the latter]

Please do a full scan with MBAM and post back that log.

[WasTech]

None of these so called viruses really are that. bs226 is an old Bearshare app, bvort is a bi vortex app, IMesh is another old app. I think I need to delete some old app files. The SF is the stuff you guys said to get. None of the AV's told me to reboot. Next will be full scan log.


KASPERSKY ONLINE SCANNER 7 REPORT
Tuesday, June 24, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Tuesday, June 24, 2008 17:28:04
Records in database: 881342
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 123935
Threat name: 6
Infected objects: 16
Suspicious objects: 0
Duration of the scan: 01:33:53


File name / Threat name / Threats count
D:\Good Apps2\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
D:\Trojans suck\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
D:\Trojans suck\SmitfraudFix.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f 1
D:\Zip Stuff\BS226.exe Infected: not-a-virus:AdWare.Win32.NewDotNet 1
D:\Zip Stuff\BS226.exe Infected: not-a-virus:AdWare.Win32.SaveNow.bg 1
D:\Zip Stuff\BS226.exe Infected: not-a-virus:AdWare.Win32.SaveNow.au 1
D:\Zip Stuff\bvort17.zip Infected: not-a-virus:AdWare.Win32.Aureate.a 6
D:\Zip Stuff\iMeshV2.exe Infected: not-a-virus:AdWare.Win32.Cydoor 4

The selected area was scanned.

[WasTech]

Hi, It says no problems. How do I know for sure?

Mbam FS log

Malwarebytes' Anti-Malware 1.18
Database version: 887

6:08:06 PM 6/24/2008
mbam-log-6-24-2008 (18-08-06).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 149211
Time elapsed: 26 minute(s), 7 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[Formerly the latter]

Please delete these files:

D:\Zip Stuff\BS226.exe
D:\Zip Stuff\bvort17.zip
D:\Zip Stuff\iMeshV2.exe

Tell me how that goes.

[WasTech]

Ok, they're deleted. They were saved in that folder for years. I don't think they were a problem.

[Formerly the latter]

You had to execute them for them to even do any damage

Step1 | ComboFix Uninstallation

I now need you to uninstall ComboFix. To do so please go to Start => Run, and copy/paste the following text in quotes:

"combofix /u"

ComboFix will flash and then state that it has been uninstalled. It will remove the tools, and archive folders we used during our fixing your computer to make it more cleanly.

Step2 | ATF Cleaner

Please download ATF Cleaner by Atribune.
This program is for XP and Windows 2000 only

• Double-click ATF-Cleaner.exe to run the program.
  Under Main choose: Select All
  Click the Empty Selected button.

If you use Firefox browser

• Click Firefox at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.

If you use Opera browser

• Click Opera at the top and choose: Select All
  Click the Empty Selected button.
  NOTE: If you would like to keep your saved passwords, please click No at the prompt.

Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.

After that your clean. You'll have to post up your other issues in the Windows Support Forums

[WasTech]

Ok, I did everything. Are you sure it's clean? What was the name of the Trojan it had? Is there any way to tell when I got it? That was a nasty SOB.

[Formerly the latter]

I am completely sure it's clean. How many scans do you need to know that your computer is free of malware?

I am not sure on when exactly you got the malware, and I don't really have time to research into what exact infection you had. I get very busy with logs here, and running my own site. Sorry to not be more into the problem. Is there any reason why your so interested on information about your infection?

PM me if you want to keep discussing this. For now the thread is closed due to this being solved.