How can I be sure if I am still infected with "Win32/Small.CA" virus".

Page 4 of 10 FirstFirst ... 23456 ... LastLast

  1. Posts : 8,608
    Windows 7 Ultimate 32bit SP1
       #31

    Download Security Check by screen317 from here http://screen317.spywareinfoforum.org/SecurityCheck.exe or here http://screen317.spywareinfoforum.org/
    Save it to your Desktop.
    Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
    A Notepad document should open automatically called checkup.txt.
    Please post the contents of that document.

    Also,

    Download CKScanner from here http://downloads.malwareremoval.com/CKScanner.exe
    Save it to your desktop. <=== IMPORTANT
    Doubleclick CKScanner.exe and click Search For Files.
    After a very short time, when the cursor hourglass disappears, click Save List To File.
    A message box will verify that the file is saved.
    Double-click the CKFiles.txt icon on your desktop and copy/paste the contents in your next reply.

    Please post the .txt logs from both scanners.
      My Computer


  2. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #32

    1. From my Home PC (Win 7 x64)
    a) Checkup.txt

    Results of screen317's Security Check version 0.99.54
    Windows 7 Service Pack 1 x64 (UAC is disabled!)
    Internet Explorer 9
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    Microsoft Security Essentials
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    Malwarebytes Anti-Malware version 1.65.1.1000
    JavaFX 2.1.1
    Java 7 Update 9
    Adobe Flash Player 11.4.402.287
    Adobe Reader X (10.1.4)
    Mozilla Firefox (9.0.1)
    Google Chrome 21.0.1180.83
    Google Chrome 21.0.1180.89
    Google Chrome 22.0.1229.79
    Google Chrome 22.0.1229.92
    Google Chrome 22.0.1229.94
    ````````Process Check: objlist.exe by Laurent````````
    Microsoft Security Essentials MSMpEng.exe
    Microsoft Security Essentials msseces.exe
    Malwarebytes' Anti-Malware mbamscheduler.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 5%
    ````````````````````End of Log``````````````````````


    b) ckfiles.txt - looks suspiciously small (!)

    CKScanner 2.1 - Additional Security Risks - These are not necessarily bad
    scanner sequence 3.MN.11.SHAPAC
    ----- EOF -----
      My Computer


  3. Posts : 207
    Windows7 Pro x64
    Thread Starter
       #33

    2. From my WinXP Pro laptop

    a) Checkup.txt

    Results of screen317's Security Check version 0.99.54
    Windows XP Service Pack 3 x86
    Internet Explorer 8
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    AVG Anti-Virus Business Edition 2012
    Antivirus up to date!
    `````````Anti-malware/Other Utilities Check:`````````
    SUPERAntiSpyware
    Malwarebytes Anti-Malware version 1.65.1.1000
    CCleaner
    Adobe Flash Player 10 Flash Player out of Date!
    Adobe Flash Player 10.3.183.7 Flash Player out of Date!
    Adobe Reader 9 Adobe Reader out of Date!
    Mozilla Firefox (9.0.1)
    ````````Process Check: objlist.exe by Laurent````````
    AVG avgwdsvc.exe
    AVG avgtray.exe
    AVG avgrsx.exe
    AVG avgnsx.exe
    AVG avgemc.exe
    Malwarebytes' Anti-Malware mbamscheduler.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C:: 18% Defragment your hard drive soon! (Do NOT defrag if SSD!)
    [b][u]

    b) ckfiles.txt

    CKScanner 2.1 - Additional Security Risks - These are not necessarily bad
    c:\program files\adobe\adobe dreamweaver cs5\configuration\taglibraries\html\keygen.vtm
    scanner sequence 3.NA.11.DOAPNH
    ----- EOF -----
      My Computer


  4. Posts : 19,383
    Windows 10 Pro x64 ; Xubuntu x64
       #34

    The performance of the computers will improve once you defragment those disks, but wait until Jacee has helped you clean out the malware.

    Be careful of that keygen on the XP laptop!
      My Computer


  5. Posts : 3
    Windows 7 Home Premium 64bit
       #35

    If I saw any sign of any virus I would immediately pick my Acronis CD, boot my PC from the CD and reinstall an image of the C: drive. An Acronis image of the C: drive is a single compressed file in .tib format.

    You don't need to buy Acronis to create an image of C: or to reinstall the image whenever you want or to create a bootable Acronis CD. You can do all 3 tasks with the free trial version.

    Therefore I don't understand why people are trying to solve virus problems. Instead trying to solve them you can just reinstall a C: image that you have created the first day you installed windows.

    The result is very much like formatting your C: drive and then reinstalling windows and all the programs. However the difference is with Acronis it takes me only 2 minutes to do it for windows 7 using Acronis 2013.

    Another big advantage of drive imaging is that you can use it as an optimization tool to create the perfect settings for every piece of software on your computer without any disadvantage of aging. The way you do this is to record changes that you make in various programs, such as windows, word, excel, photoshop. Just keep a simple list in notepad. Then when the list is long enough, go back to the first day of windows using Acronis and re-apply all the changes to the fresh windows and other programs and take another image. This way the windows in your image file will always be less than one day old.

    Of course you need to keep all your documents and your firefox and thunderbird profiles in the D: drive and you can encrypt the D: drive if you want to protect your files and passwords against theft.
      My Computer


  6. Posts : 19,383
    Windows 10 Pro x64 ; Xubuntu x64
       #36

    @vincenso - go back and read post #8
      My Computer


  7. Posts : 3
    Windows 7 Home Premium 64bit
       #37

    Golden, I had a look at shiphen's message in #8 and I also ready DavidW7ncus' message in #6 where he suggests drive imaging.

    I think the OP is doing something something wrong. Maybe he is not dividing his data from his C: drive or if he does, he is not going back to day 1 to take new c: backups.

    From #8:
    shiphen said:
    My problem is that as I dont know when the infection happened, I am now unsure whether these backups have been infected.
    That's why I suggested that the system image should be taken the first day windows was installed. If this is not the case then C: should be re-formatted and windows re-installed and all the programs installed and Acronis image taken. The free trial version is enough. It is a no brainer. It takes me 62 seconds to reinstall a C: image of windows 7 on a i5 computer with SSD.

    As you can see, the method I'm suggesting would solve OP's problem. You should not take a backup of your system from time to time. The backup should be taken on day 1 of windows and any changes to the backup file should be done after you reinstall the backup and go back to day 1 thus keeping the backup always less than 1 day old.
      My Computer


  8. Posts : 19,383
    Windows 10 Pro x64 ; Xubuntu x64
       #38

    I agree about the imaging......Macrium is also popular here.:)

    Unfortunately, however, it doesn't help the current situation. He is in good hands with Jacee - she knows her stuff, so hopefully he can get to a situation where he can have something reasonably clean to work from, rescue his data and then consider a clean install/imaging strategy if its warranted.
      My Computer


  9. Posts : 3
    Windows 7 Home Premium 64bit
       #39

    I'm new here. The above was my first message. Before I wrote in this topic I also read a topic by Layback Bear about zbot infection and I was also surprised by that topic as well because the OP seems to be experienced. My general feeling is that very few percentage of members do the drive imaging the correct way, by going back to day 1 and keeping your image file less than a day old. This anti-aging strategy is good for both security and performance.

    I just wanted to share how I do drive imaging and when you do it that way there is never a need to fix anything.
      My Computer


  10. Posts : 19,383
    Windows 10 Pro x64 ; Xubuntu x64
       #40

      My Computer


 
Page 4 of 10 FirstFirst ... 23456 ... LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 04:24.
Find Us