Solved virus removal help needed

Looks good. How's the computer running now?

Lets get an online scan done now. Please do an online scan with Kaspersky Online Scanner

Click Accept, when prompted to download and install the program files and database of malware definitions.

• Click Run at the Security prompt.
• The program will then begin downloading and installing and will also update the database.
• Please be patient as this can take several minutes.
• Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
• Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
• Click View scan report at the bottom.
• Click the Save Report As... button.
• Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.

**Note**

To optimize scanning time and produce a more sensible report for review:

• Close any open programs.
• Turn off the real-time scanner of all antivirus or antispyware programs while performing the online scan.

Note for Internet Explorer 7 users: If at any time you have trouble viewing the accept button of the license, click on the Zoom tool located at the bottom right of the IE window and set the zoom to 75%. Once the license is accepted, reset to 100%.


Post the Kaspersky log here.

 

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, September 29, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, September 29, 2008 22:08:47
Records in database: 1274872
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\

Scan statistics:
Files scanned: 99107
Threat name: 2
Infected objects: 3
Suspicious objects: 0
Duration of the scan: 03:26:55


File name / Threat name / Threats count
C:\QooBox\Quarantine\C\WINDOWS\system32\1x4ALCYr.exe.vir Infected: Trojan-Downloader.Win32.Agent.ahdb 1
C:\QooBox\Quarantine\C\WINDOWS\system32\1x4ALCYr.exe_.vir Infected: Trojan-Downloader.Win32.Agent.ahdb 1
C:\QooBox\Quarantine\C\WINDOWS\system32\pXr4570R.dll.vir Infected: Trojan-Downloader.Win32.BHO.pe 1

The selected area was scanned.

 

Excellent! Click Start>Run and type ComboFix /u then hit Enter to uninstall ComboFix and remove the files it has quarantined. This action will also reset the System Restore points, removing any infected files there as well.
Verify the C:\Qoobox and C:\ComboFix folders were removed, as well as the C:\ComboFix.txt file.
Delete the folder C:\rsit
You can delete any other logs that were created/saved too.

Download ATF Cleaner by Atribune and save it to your Desktop.

• Double click ATF-Cleaner.exe to run the program.
• Check the boxes to the left of:
  
  
  • Windows Temp
  • Current User Temp
  • All Users Temp
  • Temporary Internet Files
  • Prefetch
  • Java Cache
  • Recycle bin
  
  
• The rest are optional - if you want it to remove everything check "Select All ".
• Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.

Reboot


That should wrap things up. Computer performing as it should?

 

wow thanks! my computer's running quite well now...the problems it had haven't occurred so far now.

thank you very much for your help!

 

Glad to hear it. You're very welcome!

Geri has posted some very helpful information and recommendations regarding future protection in the following link.

http://www.windowsbbs.com/showthread.php?t=67958

Surf safe!