Possible multiply infections including cool.vbs virus

[Ricky Vybz]

Hello everyone,

I have a system that has been exposed to an infected flash drive that had infected another computer with the cool.vbs virus. With the help of magna86 and other members on this forum I was able to neutralize the cool.vbs virus along with other issues on that system and also clean/fix the infected flash drive .

Now this system I currently looking into was exposed to the same infected flash drive and unfortunately there was no anti-virus software installed on the system, hence I am not sure whether or not it got infected, also since it had no anti-virus software installed I am assuming there could be many other viruses hanging out on it. I have not had any adverse issues with the system, everything runs okay but to be on the safe side I want to ensure that it is clean after which I will install a version of Avast on it. The system is running Windows 7 Ultimate (32 bit). I have attached the various logs and I ask for your help in identifying any viruses that are on the system and help me to remove them.

I look forward to the expert advice and knowledge of members of this forum.

Thanks in advance,

Ricky. 

[Ricky Vybz]

More logs...

[Pondus]

removal guys are notified.   


you may run AdwCleaner again... and click clean

[essexboy]

Looks like MCShield and MBAM between them got it

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

• Under the Custom Scans/Fixes box at the bottom, paste in the following
  
  
  

Code: [Select]

:Commands
[CREATERESTOREPOINT]

:OTL
[2013/09/18 05:49:46 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\ffxtlbr@babylon.com
O2 - BHO: (Babylon toolbar helper) - {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.9.12\bh\BabylonToolbar.dll (Babylon BHO)
O3 - HKLM\..\Toolbar: (Babylon Toolbar) - {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files\BabylonToolbar\BabylonToolbar\1.6.9.12\BabylonToolbarTlbr.dll (Babylon Ltd.)
O3 - HKU\S-1-5-21-3371199651-1158534765-2135718783-1000\..\Toolbar\WebBrowser: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No CLSID value found.
[2012/09/04 15:37:07 | 000,000,000 | ---D | M] -- C:\Users\SUPERUSER\AppData\Roaming\BabylonToolbar

:Commands
[resethosts]
[emptytemp]
[Reboot]

• Then click the Run Fix button at the top
  
• Let the program run unhindered, reboot the PC when it is done
• Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

[Ricky Vybz]

Thanks for the speedy response, you guys are awesome 

The OTL scan is attached as OTL2.txt, after the Run/Fix was done a log report was produced, I also attached that log.

[essexboy]

How is the computer running .. Any problems ?

[Ricky Vybz]

I am not having any problems with the computer, as I said earlier everything was running okay but I just wanted to make sure it was clean since I know that a known infected flash drive was plugged into the system. It boots up faster now and I am not having any problems at all.

Does the logs show that the system is clean now? Thanks much.

Ricky

[essexboy]

Yes the system looks clean, all I had left to remove was some adware

Run OTL and press the cleanup button to remove it