Topic: Anti-Virus Newbie - Trojan, Malware, Adware found- How do I get rid of these???
jimt256
« on: March 06, 2008, 04:06:00 PM »

Comodo Software Versions:
Firewall Pro Version 2.4.18.184; Certified Applications Database Version 3.0

BOClean Anti-Malware Updated 3-5-08

Comodo AntiVirus - Build Version: 2.0.17.58

Operating System: Windows XP Service Pack 2
Internet Explorer Version: 7.0.5730.13


What do I do when I find downloader-bcm trojan (netpumper-1.50-setup-0025), generic malware, adware generic 2, adware deskbar on my computer in: Program Files, Documents and Settings, and Windows\system32 folders?

Can I delete these files without hurting my computer?

These files do NOT show up in the Add/Remove Programs program.

Will Comodo Anti-virus remove these? How?

I think I allowed these when the Comodo window kept popping up.

Should I go back in time several weeks before this happened?

I ran PREVXCSIFREE Version 1.1.0.57 software on March 5th and found the mentioned Trojan, Adware Generic, Generic Malware – where BOCLEAN says “Active trojan horse WAS shut down. System safe.”

Shouldn’t these be deleted from the hard drive to make the system safe?
Why didn’t BOCLEAN or Comodo Anti-Virus remove these from my computer?
There's no error screen shot available.

I ran Comodo Anti-Virus Scan of My Computer and found two files that were not caught and were on the system two months -- as P2P-Worm.Win32.Polip.a (Disinfection Failed) – so I deleted them from the hard drive.

The following is the report from BOCLEAN:

11/30/2007 01:32:24: SPYSHERIFF28 VARIANT STOPPED BY BOCLEAN!   
Trojan horse was found in memory. C:\PROGRAM FILES\MALWAREALARM\MALWAREALARM.EXE contained the trojan.
Active trojan horse WAS shut down. System safe.

------------------------------
12/01/2007 20:03:38: RSK-MYWEBSEARCH.P MALWARE STOPPED by BOCLEAN!  Trojan horse was found in memory.
C:\DOCUMENTS AND SETTINGS\JAMES THOMAS\DESKTOP\POPULARSCREENSAVERSSETUP2.2.60.11-2.EXE contained the trojan. Active trojan horse WAS shut down. System now safe.

------------------------------
12/19/2007 15:18:01:
Trojan horse was found in memory. C:\ignored contained the trojan. Active trojan horse WAS shut down. System now safe.
------------------------------
02/22/2008 20:47:19: RSK-BHO.BC VARIANT STOPPED BY BOCLEAN!  Trojan horse was found in memory.
C:\PROGRAM FILES\ADSTECHNOLOGY\ADSTECHNOLOGY.EXE contained the trojan. Active trojan horse WAS shut down. System safe.

------------------------------
02/23/2008 03:16:42: NETPUMP2 MALWARE STOPPED by BOCLEAN!  Trojan horse was found in memory.
C:\PROGRAM FILES\NETPUMPER\NETPUMPERIEPROXY.EXE contained the trojan. Active trojan horse WAS shut down. System now safe.


I am concerned that these Trojan, adware and malware files are still on my system (from running PREVXCSIFREE) and I desire to remove them – how do I do it safely and completely?

Thank you for your assistance,

James Thomas


andyman35
« Reply #1 on: March 10, 2008, 11:14:57 AM »

Hi there.
You need to determine if this spyware is still active on your system; if so, deleting files won't help, as they have a tendency to just reappear. BOClean has probably blocked any malicious activity; as you know, the free version of PrevX CSI will only show malware, not remove it.

The best way to see if anything bad is still running is to use HijackThis, available here:

http://www.download.com/Trend-Micro-HijackThis/3000-8022_4-10227353.html

Once run, this'll generate a text report on all running processes on your system. This will then need to be analysed; PrevX offers an online HijackThis analysis which should show anything bad:

http://www.prevx.com/hijackthis.asp

A scan using a good anti-spyware util. such as SUPERAntiSpyware or AVG should remove anything left on your system.
3xist
« Reply #2 on: May 31, 2008, 11:47:31 PM »

Topic Locked.

Reason: Out-Dated post.

Josh