LandzDown Forum

Hi Woody189,

Welcome back. Is this the same Toshiba that had the virus back in April of this year? Are you able to tell us what BitDefender reported as having been detected? Please follow the directions shown below and supply the information requested, also, we would prefer it if you don't go off and do your own thing without telling us - thre are a lot of snake oil salesmen out there on the net.

Please download ATF Cleaner by Atribune from http://www.atribune.org/index.php?option=com_content&task=view&id=25&Itemid=25 .  Save it to your Desktop.

Run ATF Cleaner

• Double-click ATF-Cleaner.exe to run the program.
• Click Select All found at the bottom of the list.
• Click the Empty Selected button.
• Click Exit on the Main menu to close the program.
• Shutdown/restart the computer.

Next Please download Malwarebytes' Anti-Malware to your desktop.

• Double-click mbam-setup.exe and follow the prompts to install the program.
  
• At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select Perform full scan, then click Scan.
  
• When the scan is complete, click OK, then Show Results to view the results.
  
• Be sure that everything is checked, and click Remove Selected.
  
• When completed, a log will open in Notepad.

Please save it to a convenient location.
The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt

• Please post contents of that file in your next reply.

woody189,
It is always best to carry on posting till your PC is all clear as that way we know it is clean not only is it in your interest but it can ofern help other who come here for help

GR@PH;<'S   

I THINK it worked.  Here's the log in case you're still interested:

Malwarebytes' Anti-Malware 1.38
Database version: 2414
Windows 5.1.2600 Service Pack 3

7/13/2009 7:19:49 AM
mbam-log-2009-07-13 (07-19-41).txt

Scan type: Full Scan (C:\|)
Objects scanned: 162830
Time elapsed: 45 minute(s), 18 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 3
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 2

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Cognac (Rogue.Multiple) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\XML (Trojan.FakeAlert) -> No action taken.
HKEY_CURRENT_USER\SOFTWARE\ColdWare (Malware.Trace) -> No action taken.

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Cognac (Trojan.FakeAlert) -> No action taken.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
c:\WINDOWS\Tasks\{5B57CF47-0BFA-43c6-ACF9-3B3653DCADBA}.job (Trojan.FakeAlert) -> No action taken.
C:\WINDOWS\Tasks\{783AF354-B514-42d6-970E-3E8BF0A5279C}.job (Trojan.Downloader) -> No action taken.



I have a question though.  Why is it that Bitdefender didn't find/remove all the viruses, and Malware did? IS it just because Malare is a better program, or because Bit as just online or what?  Just wondering.

thanks again.

From your other thread:  "I got it to reformat my whole harddrive.  I backed everything I needed up, so it's not that bad of a thing."

Unless the backup includes infected files.

Once the machine is infected, anything pulled off of it at that point is suspect.  If you did carry out the format, before you brought files back in from the backup, were they scanned first, or at a minimum, was there some form of real-time antimalware protection keeping an eye on things?  In any case, even with these practices, the files are still suspect.  Proceed with caution when pulling files from this fileset.

//A

Oh, and I only kept some important emails and old documents. 

No music, programs, vids, or anything downloaded.

Make sure you update Malwarebytes >> the newest version 1.39 just released.
Don't be surprised if it askes you to reboot the computer after the update it did on this desktop,
tho it didn't on the laptop top or the other desktop..

Paddy..

"emails and old documents" fall within the scope of anything in the sentence,

//A

Wow.. Sorry, I'm not exactly computer savvy, hence the thread.

I understand it's possible (then again, what isn't), but I don't think that's where it came from.

Everything was fine, and I recently downloaded a file, and then started to have problems.  When I ran the virus scan, the file I d/led was one of the files that came up as being infected.  It was then supposedly fixed, but I'm still having the problems.

Paddy, after I completed the scan, I realized that I didn't update.  I updated, rebooted, and reran the scan and still nothing came up as being infected.  Thanks for the idea though.