I dont know...

if im totally safe from the virus attack that happened recently. Avast has always been able to block any attacks that I have encountered with. But for some reason this time it didnt. I noticed I got attacked because I was on Microsoft Word and the document started acting weird and it totally erased the file completely. I put Avast and did a full system scan and found that it had almost 200 infected files!!! WOW!!!

Though since this is the first time that this has happened to me using Avast, I got scared and didnt follow proper instructions from the tips. So what I did was looked at the scan log where the virus result was and saw all the infected files and put them to move chest. Avast told me then it would have to reboot. So I accepted.

After restart it would seem everything was back to normal, I even did a system restore point to last week (I don’t know if that would help or not) and did another full system scan on Avast and the log looked clear no viruses.
Though I did notice that some of the file names in the scan log where they were suppose to go the chest and I dont see any of those files in the chest. Which seems weird to me.

So I dont know if I’m fully virus disinfected or not. Im currently running Malware Bytes to see if it is totally clean but still not sure.

Any help in this matter would be greatly appreciated and any thing else that I can add here please let me know.

can you post avast log or a screen shot so we can see what was detected?

Ok here it is… I dont even know how to put this any smaller. Also Included is the finished MBAM log which now found no malicious items.

http://i47.tinypic.com/am4l06.jpg

Malwarebytes’ Anti-Malware 1.44
Database version: 3798
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702

9/19/2012 12:20:49 PM
mbam-log-2012-09-19 (12-20-49).txt

Scan type: Full Scan (C:|)
Objects scanned: 272930
Time elapsed: 1 hour(s), 49 minute(s), 58 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Though I did notice that some of the file names in the scan log where they were suppose to go the chest and I dont see any of those files in the chest. Which seems weird to me.
well as the log say, error not supported

if you look on top of the log where it say “Severity” just in front of the word is a vertical bar …put your mouspointer on it and drag sideways until you can see the full file path …take a new screenshot and post

Ok here it is…

http://i45.tinypic.com/30ikh9k.jpg

seems to be from windows update … i think there have been a couple of similar cases here
possible if you did a scan at the same time as windows updated ?

anyway i will PM essexboy so he can have a look

Was a windows update in progress or had you just updated

I wouldn’t know if it just got updated but I dont think so because that annoying screen telling me that Windows will upgrade would you like to upgrade now or later didnt pop up.
Also I dont think it was a false positive as I said about the document I was working on. The document just went all haywired moving up and down the screen and it totallly deleted my file.
Then recently I tried to search for the document, the comp. found it and when I tried to open it, it told me that it could not open due to it being corrupt.

Also the result of the Error: the result is not supported was before I hit the repair button. For some reason I thought that could help and those messages came up. Before that happened the result was that it was waiting to reboot for further actions (something similar to that).

Lets have a quick looksee then

Download OTL to your Desktop

[*]Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

https://dl.dropbox.com/u/73555776/OTL_Main_Tutorial.gif

[*]Select All Users
[*]Under the Custom Scan box paste this in
netsvcs
BASESERVICES
%SYSTEMDRIVE%*.exe
/md5start
services.*
explorer.exe
winlogon.exe
Userinit.exe
svchost.exe
qmgr.dll
/md5stop
CREATERESTOREPOINT

[*]Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
[*]When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
[*]Post both logs

attach the log …not copy and paste …or you have to use 10 posts

Ohhhhh i am sorry… wow thats embarrassing lol…

we all had a first time in this forum. ;D

anyway essexboy have logged out for today so come back tomorrow

Nope looks OK bar one bad programme (Adware stuff)

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL

[*]Under the Custom Scans/Fixes box at the bottom, paste in the following

https://dl.dropbox.com/u/73555776/OTL_Fix.GIF

:OTL
IE - HKU\S-1-5-21-2000478354-1303643608-725345543-1003\..\SearchScopes,DefaultScope = {999CFA8D-6790-42C2-9824-D6C8AF366110}
O2 - BHO: (Fantapper) - {8A86D350-37AB-410A-8531-7D1363F317B3} - C:\Program Files\Brand Affinity Technologies\Fantapper Player\\IEInstaller.dll ()
O3 - HKU\S-1-5-21-2000478354-1303643608-725345543-1003\..\Toolbar\WebBrowser: (no name) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No CLSID value found.

:Files
C:\Program Files\Brand Affinity Technologies

:Commands
[purity]
[resethosts]
[emptytemp]
[CREATERESTOREPOINT]
[Reboot]

[*]Then click the Run Fix button at the top
[*]Let the program run unhindered, reboot the PC when it is done
[*]Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Ohhh ok…

heres the log after quick scan

How is the computer behaving ? Any problems ?

The comp is behaving… no problems what so ever. Thanks for your time and help in getting me through this stressful situation.

No problem, run OTL and press the cleanup button to remove it