Virus alerts gone, do I require HJT?

[FlameChampion]

Hey all!

I was infected with a virus a few days ago (thats what I get for letting my little cousin roam unsupervised). I think he opened a .exe file that my AntiVir failed to prevent from spreading viruses.

Heres the programs I had then:

AntiVir FREE Edition up to date
Spybot w/o Teatimer up to date

Those two programs and smart browsing kept me Virus/malware free my whole life. When I was infected, the laptop immediately restarted and virus warnings were appearing everywhere. One by the clock, desktop wallpaper (which just turned out to be an oversized image window) and from the system tray. I immediately unplug the internet and ran complete scans of AntiVir several times. Each time removed different viruses. I ran Spybot several times as well and noticed dozens of spywares just raided my system. After a while, both scanners turned up empty but the Virus Alert by my time was still there (as well as various start menu and My Computer HDD icons missing).

I read on other sites about SUPERantispyware and gave it a shot. It found more gunk that Spybot failed to detect and cleaned those out. I ran it several times until it came up clean. I also used MAlwarebytes Rogueremover but they didn't detect anything. My Alerts was still there.

I found this site via Google and checked out the "read before posting" thread with the programs. Nothing in my Add/Remove Programs; SUPER still came up blank; Up to date Java; BUT Malwarebytes Anti Malware found a lot more gunk left over!

After a quick scan with that program and a restart my Virus Alerts vanished! Everything returned back to normal. I scanned again with all the programs, turned System Restore on and off to clear that, and gave Anti-Malware a complete scan and everything was gone.

So I would like to give a BIG thanks to evilfantasy for that wicked thread.

What I would like to know is that with my alerts gone, and computer seemingly clean, should I still post my logs and HJT log?

[CBMatt]

I'm glad to hear that evilfantasy's thread has helped you so much.  Thanks to him, I think we have one of the best pre-removal guides available.

However, nothing is foolproof and there is always a chance of something being left behind.  It sounds like you're in pretty good condition now, but go ahead and post a HijackThis log and one of us will take a look at it so we can see if there's anything questionable still lurking around.

[FlameChampion]

Here is my current HJT log

[recovering disk space -- attachment deleted by admin]

[CBMatt]

Looks clean!  However, you may want to fix this entry if you didn't set the IE restrictions yourself...

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

This could be something that one of your infections did.  If you did this, then don't worry about it.  Another thing...you don't have a firewall running.  This could very well be how you got infected.  Windows XP SP2 comes bundled with the Windows Firewall, but its protection is subpar.  You should get a more advanced free firewall such as Comodo, ZoneAlarm, or Kerio/Sunbelt.  Just find the one you like, download it, disconnect from the internet, disable Windows Firewall, install your new firewall, and restart.  Once you've done that, you'll be much safer!

[FlameChampion]

Thanks a lot! I didn't change that setting.

I thought of getting a firewall but I only have 1GB of RAM and I didn't want to waste resources since never got infected before.

After this I think I will reconsider.

[evilfantasy]

At least consider installing these programs, they use little or no resources and can go a long way in helping you stay safe.

To prevent unknown applications from being installed on your computer install WinPatrol 2008
* Using Winpatrol to protect your computer from malicious software

I suggest using SiteAdvisor. SiteAdvisor rates sites on business practices and spam. Safety ratings from McAfee SiteAdvisor are based on automated safety tests of Web sites.

SpywareBlaster - Secure your Internet Explorer to make it harder for ActiveX programs to run on your computer. Also stop certain cookies from being added to your computer when running Mozilla based browsers like Firefox.
* Using SpywareBlaster to protect your computer from Spyware and Malware
* If you don't know what ActiveX controls are, see here