Am i infected?

Viruses and worms
1

Hi guys,
I once had w32/nsAnti and inf:autorun-c[trj] infections on my system. Now, after running the a couple of antivirus programs(including avast) and anti-spyware programs, i can’t ind them anymore. However, my system doesn’t seem to be running smoothly. What can i do to be certain that my system is free of malware?

2

Please do the following steps in the order that they are posted. It is important that the .bat be ran first.

Download this file queerymountpoints.bat from the link below and save it to your desktop

http://cid-32d8666f4048075b.skydrive.live.com/browse.aspx/Malware%20files

Plug in your USB device and double click the .bat file you just downloaded to run it. A notepad entitled Mountpoints.txt will appear on your desktop when it has finished. Please include that file in your next reply.

Download ComboFix from Here or Here to your Desktop.

Double click combofix.exe and follow the prompts.

When finished, it shall produce a log for you. Post that log and a new HJT log in your next reply
Note: Do not mouseclick combofix’s window while its running. That may cause it to stall.

Click here to download HJTsetup.exe

[*]Save HJTsetup.exe to your desktop.
[*]Doubleclick on the HJTsetup.exe icon on your desktop.
[*]By default it will install to C:\Program Files\Hijack This.
[*]Continue to click Next in the setup dialogue boxes until you get to the Select Addition Tasks dialogue.
[*]Put a check by Create a desktop icon then click Next again.
[*]Continue to follow the rest of the prompts from there.
[*]At the final dialogue box click Finish and it will launch Hijack This.
[*]Click on the Do a system scan and save a logfile button. It will scan and the log should open in notepad.
[*]Click on “Edit > Select All” then click on “Edit > Copy” to copy the entire contents of the log.
[*]Come back here to this thread and Paste the log in your next reply.
[*]DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.

You can either copy and paste the requested logs or attach them to your next reply. (copy and paste will require multiple posts)

mountpoint.txt
combofix log
HJT log

3

Do not install two antivirus at the same time. You can use on-line scanners for that…

I suggest:

  1. Disable System Restore and reenable it after step 3.
  2. Clean your temporary files.
  3. Schedule a boot time scanning with avast with archive scanning turned on.
  4. Use AVG Antispyware; SUPERantispyware and/or Spyware Terminator to scan for spywares and trojans. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.
  5. Test your machine with anti-rootkit applications. I suggest AVG or Trend Micro RootkitBuster.
  6. Make a HijackThis log to post here or, better, submit the RunScanner log to to on-line analysis.
  7. Immunize your system with SpywareBlaster or Windows Advanced Care.
  8. Check if you have insecure applications with Secunia Software Inspector.