Jump to content

detection on my friend's pc

Recommended Posts

hi guys i have a pc which runs win 7 ultimate 32 bit

and it has avira personal already installed and no detction was found recently except while installing a game (weeks ago) and it was removed and nothing suspecious or symptoms of a virus appeared recently

but after installing mbam trial this appeared :

Malwarebytes' Anti-Malware


Database version: 7402

Windows 6.1.7600

Internet Explorer 9.0.8112.16421

8/8/2011 02:42:07 AM

mbam-log-2011-08-08 (02-41-23).txt

Scan type: Quick scan

Objects scanned: 149565

Time elapsed: 2 minute(s), 38 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 1

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

c:\Users\GHALI\AppData\Local\Temp\Rar$EX93.544\removewat.exe (HackTool.Wpakill) -> No action taken.

Link to post
Share on other sites

sorry Screen 317 for being so late i know that you are working hard.

but what can i say work work work i got no time for any thing

as here in egypt we work 12 hours plus

any way back to the topic i tried to delete recently (sorry for the delay) so i rescan both full system scan and quick scan and it wasn't there

i also checked ignore list and it wasn't there

does the disk clean up on the (c drive )affects or remove that file?

as i recently applied disk clean up for speed reasons.

i rescaned full scan also by avira sp2 and nothing was found.

thanks again and i'm really sorry for the delay.

Link to post
Share on other sites

  • Staff


Yes the disk clean removes Temp files.

I highly recommend the PRO version of MBAM; with it, it's likely that this issue would have been prevented in the first place.

Now that your computer seems to be in proper working order, please take the following steps to help prevent reinfection:

1) Download and install Javacool's SpywareBlaster, which will prevent malware from being installed on your computer. A tutorial on it can be found here.

2) Go to Windows Update frequently to get all of the latest updates (security or otherwise) for Windows.

3) Make sure your programs are up to date! Older versions may contain security risks. To find out what programs need to be updated, please run Secunia's Software Inspector.

4) WOT, Web of Trust, warns you about risky websites that try to scam visitors, deliver malware or send spam. Protect your computer against online threats by using WOT as your front-line layer of protection when browsing or searching in unfamiliar territory. WOT's color-coded icons show you ratings for 21 million websites, helping you avoid the dangerous sites:

  • Green to go
  • Yellow for caution
  • Red to stop

WOT has an addon available for both Firefox and IE.

5) Be sure to update your Antivirus and Antispyware programs often!

Finally, please also take the time to read Tony Klein's excellent article on: So How Did I Get Infected in the First Place?

Safe surfing,


Link to post
Share on other sites

  • Staff

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.