Author Topic: is the virus gone?  (Read 2474 times)



  • Guest
is the virus gone?
« on: April 12, 2011, 12:45:48 PM »
Okay, so last Sunday I was streaming a wrestling event, which I will never do again, because this has probably been the most annoying shit ever...

So when I got it, the virus blocked the firewall and everything. I had to do a scan; I did it, it found a few and let the firewall work and let me use the internet again. So I went to download Malwarebytes, which found 37 infected files; I deleted them, thankfully... So I downloaded avast, which is class, it's good stuff. And I did a boot scan, and it found 3 rootkits, which avast said it deleted. And my computer seems alright, nothing's happened yet. So how do I know if I'm safe?

I also did aswMBR, which essexboy said to do, and it came up with:

aswMBR version 0.9.4 Copyright(c) 2011 AVAST Software
Run date: 2011-04-12 11:21:33
11:21:33.081    OS Version: Windows 6.0.6000
11:21:33.081    Number of processors: 2 586 0xF0D
11:21:33.081    ComputerName: 123456-PC  UserName: 123456
11:22:00.334    Initialize success
11:22:11.644    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
11:22:11.644    Disk 0 Vendor: FUJITSU_MHY2200BH 0000000B Size: 190782MB BusType: 3
11:22:13.719    Disk 0 MBR read successfully
11:22:13.734    Disk 0 MBR scan
11:22:15.762    Disk 0 scanning sectors +390719488
11:22:15.981    Disk 0 scanning C:\Windows\system32\drivers
11:22:42.298    Service scanning
11:22:48.288    Disk 0 trace - called modules:
11:22:48.304    ntoskrnl.exe CLASSPNP.SYS disk.sys acpi.sys hal.dll ataport.SYS pciide.sys PCIIDEX.SYS atapi.sys
11:22:48.320    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8418f270]
11:22:48.320    3 ntoskrnl.exe[81ca80af] -> nt!IofCallDriver -> [0x840a7928]
11:22:48.320    5 acpi.sys[8047632a] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0x8408ebb0]
11:22:48.335    Scan finished successfully

Lisandro

  • Avast team
  • Certainly Bot
  • Posts: 67198
Re: is the virus gone?
« Reply #1 on: April 12, 2011, 01:18:43 PM »
If it helps, the general cleaning procedure could be:

1. Clean your temporary files.
2. Schedule a boot-time scan with avast with archive scanning turned on. If avast does not detect it, you can try DrWeb CureIT! instead.
3. Use MBAM (or SUPERantispyware or even Spyware Terminator) to scan for spyware and trojans. If any infection is detected, it is better and safer to send the infected file(s) to quarantine (Chest), rather than simply deleting them.
4. Test your machine with anti-rootkit applications. I suggest avast! antirootkit or Trend Micro RootkitBuster.
5. Read these instructions and provide more info with the logs generated.
6. Clean your Hosts file (replacing it) with HostsMan tool.
7. Disable System Restore and then reenable it again.
8. Immunize your system with SpywareBlaster.
9. Check if you have insecure applications with Secunia Software Inspector.
The best things in life are free.