Author Topic: A double check please  (Read 1432 times)

Offline jamiebosco

  • Newbie
  • *
  • Posts: 15
A double check please
« on: March 25, 2012, 06:32:28 AM »
Hi, did a couple of scans with SAS yesterday and found some files called "trace.known threat sources". SAS removed them but I'd like you guys to please just double check that they're definitely gone.
OS is Windows 7 Home Premium
Thanks
Jamie
Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7827

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

29/09/2011 10:22:13 PM
mbam-log-2011-09-29 (22-22-13).txt

Scan type: Quick scan
Objects scanned: 178669
Time elapsed: 1 minute(s), 35 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)
« Last Edit: March 25, 2012, 06:34:07 AM by jamiebosco »

Offline mikaelrask

  • avast! Evangelist
  • Advanced Poster
  • ***
  • Posts: 1143
  • Gender: Male
Re: A double check please
« Reply #1 on: March 25, 2012, 08:02:14 AM »
Hey and welcome to the forum, jamiebosco. One of our malware experts here will check those logs and give you further instructions if needed.

Are you having any trouble on your computer after SAS removed those threats?

What avast version are you using: free/pro/suite?
new computer
windows 8 Intel core I-3 64 bit
6 gb ram 500 gb hardrive. avast 8 MBAM

Offline Pondus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 17103
  • Gender: Male
Re: A double check please
« Reply #2 on: March 25, 2012, 08:05:22 AM »
Also attach the SAS log so that essexboy can see what was removed ;)
Chief Wiggum: Uh, no, you got the wrong number. This is 9-1…2.

Offline jamiebosco

Re: A double check please
« Reply #3 on: March 25, 2012, 09:02:18 AM »
Quote
Hey and welcome to the forum, jamiebosco. One of our malware experts here will check those logs and give you further instructions if needed.
Are you having any trouble on your computer after SAS removed those threats?
What avast version are you using: free/pro/suite?

No problems at the moment, computer is a little slow at times but nothing major.

I'm using avast free (7.0.1426).

I scanned with Malwarebytes right before SAS and MBAM didn't find anything. The first SAS scan found 1 file ("trace.known threat sources") and removed it and asked me to restart. After the restart I scanned again and found 2 files ("trace.known threat sources" again) and restarted again. Scanned again after restart and came up clean. Have scanned several times today with no more files.
Thanks
jamie

Offline jamiebosco

Re: A double check please
« Reply #4 on: March 25, 2012, 09:09:43 AM »
Quote
Also attach the SAS log so that essexboy can see what was removed ;)

Sorry, I've done quite a few SAS scans since the 2 that found the "trace.known threat sources" files and now the only logs available to see are clean ones.
The files are still in quarantine if that helps?
jamie

Offline Pondus

Re: A double check please
« Reply #5 on: March 25, 2012, 09:43:47 AM »
And one more thing......the malwarebytes log You posted is from 2011-09-29

Offline jamiebosco

Re: A double check please
« Reply #6 on: March 25, 2012, 09:56:37 AM »
Quote
And one more thing......the malwarebytes log You posted is from 2011-09-29

Whoops!   it was the one at the top so I thought it was the newest
I'll do another one now
thanks

Offline jamiebosco

Re: A double check please
« Reply #7 on: March 25, 2012, 09:57:56 AM »
Quote
And one more thing......the malwarebytes log You posted is from 2011-09-29

Malwarebytes Anti-Malware 1.60.1.1000
www.malwarebytes.org

Database version: v2012.03.25.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Jamie :: JAMIE-PC [administrator]

25/03/2012 3:43:35 PM
mbam-log-2012-03-25 (15-43-35).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 207590
Time elapsed: 1 minute(s), 49 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Offline essexboy

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 22322
  • Gender: Male
  • Dragons by Sasha
    • Malware fixes
Re: A double check please
« Reply #8 on: March 25, 2012, 12:08:36 PM »
Nothing apparent in the logs - is it just a general slowness that you are getting or only on boot ?




Offline jamiebosco

Re: A double check please
« Reply #9 on: March 25, 2012, 12:35:49 PM »
Quote
Nothing apparent in the logs - is it just a general slowness that you are getting or only on boot ?

Hi,
Just general slowness really, nothing too bad. Internet Explorer has shut down on me a few times lately as well, that's what prompted me to do the MBAM and SAS scans in the first place. Maybe Java related?
Thanks for the help
jamie
« Last Edit: March 26, 2012, 07:53:25 AM by jamiebosco »

Offline essexboy

Re: A double check please
« Reply #10 on: March 25, 2012, 12:48:37 PM »
No problem - empty the temp files and run a defrag, that sometimes helps

 



Offline polonus

  • avast! Überevangelist
  • Maybe Bot
  • *****
  • Posts: 16939
  • Gender: Male
  • malware fighter
Re: A double check please
« Reply #11 on: March 25, 2012, 12:50:29 PM »
Hi jamiebosco,

It might be a good idea to visit here: secunia.com/vulnerability_scanning/online/
There you could do a check that the software on your comp is fully updated and patched.

polonus
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!

Offline jamiebosco

Re: A double check please
« Reply #12 on: March 25, 2012, 09:33:13 PM »
I did a scan with TDSS and it found a file but won't let me cure it, I can skip, copy to quarantine, and delete
Here's the log

Offline essexboy

Re: A double check please
« Reply #13 on: March 25, 2012, 09:36:25 PM »
Quote
\Device\Harddisk1\DR1 ( TDSS File System )
This can be deleted, it is a copy of the malware files (inert) 



Offline jamiebosco

Re: A double check please
« Reply #14 on: March 26, 2012, 07:54:50 AM »
Thanks again for the help, seems all clear at the moment

jamie