Avast has detected both Win32 Malware-gen and Win32 Trojan-gen. I have run a full scan, a quick scan, and a boot scan, and Avast can’t seem to remove them. Sometimes it is able to remove (delete or move to chest) infected files, but sometimes not. Also, I have found that as long as I am connected to the internet, something is downloading more viruses onto my computer. In the last few days I have only connected long enough to download updates to virus removal tools. I am unsure as to whether MBAM has removed the problem, but I don’t really want to reconnect to the internet and contract more viruses.
I am hoping someone can read the logs and tell me what I still need to do.
MBAM:
Malwarebytes’ Anti-Malware 1.46
www.malwarebytes.org
Database version: 4277
Windows 5.1.2600 Service Pack 3
Internet Explorer 8.0.6001.18702
7/5/2010 9:55:18 AM
mbam-log-2010-07-05 (09-55-18).txt
Scan type: Quick scan
Objects scanned: 129457
Time elapsed: 10 minute(s), 38 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 2
Registry Data Items Infected: 0
Folders Infected: 4
Files Infected: 4
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\BILEVSE (Rogue.RegTidy) → Quarantined and deleted successfully.
Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reader_s (Malware.Trace) → Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\reader_s (Malware.Trace) → Quarantined and deleted successfully.
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
F:\Documents and Settings\Bryan\Application Data\BILEVSE (Rogue.RegTidy) → Quarantined and deleted successfully.
F:\Documents and Settings\Bryan\Application Data\BILEVSE\RegistryConvoy2009 (Rogue.RegTidy) → Quarantined and deleted successfully.
F:\Documents and Settings\Bryan\Application Data\BILEVSE\RegistryConvoy2009\Backup (Rogue.RegTidy) → Quarantined and deleted successfully.
F:\Documents and Settings\Bryan\Application Data\BILEVSE\RegistryConvoy2009\Backup\Registry (Rogue.RegTidy) → Quarantined and deleted successfully.
Files Infected:
F:\RECYCLER\S-1-5-21-448539723-796845957-839522115-1004\Df108.exe (Rogue.RegTidy) → Quarantined and deleted successfully.
F:\Documents and Settings\Bryan\Local Settings\Temp~nsu.tmp\Au_.exe (Rogue.RegTidy) → Quarantined and deleted successfully.
F:\Documents and Settings\Bryan\Application Data\BILEVSE\RegistryConvoy2009\Backup\Registry\20100610203524.reg (Rogue.RegTidy) → Quarantined and deleted successfully.
F:\Documents and Settings\Bryan\Application Data\avdrn.dat (Malware.Trace) → Quarantined and deleted successfully.