possible virus backdoor tidserve!inf!

oxters

Hello

I am very non-techie and am hoping someone can help me here.
I recently forwarded an e-mail fat lady calendar to a friend and he tells me that he got the above virus on his computer. A real techie person identified it and took some time to remove it for him.
I am on windows XP with the free version of AVG for protection. I have carried out searches on my files for backdoor etc and nothing comes up. I am not experiencing any problems myself but I didn't get any warning etc when I opened the e-mail. I have carried out scans and deleted temp files/ cookies etc.
Before I go scaring everyone else I sent it to, can anyone tell me how to find out for sure if I have the virus?

Thank you

thomas01155

Download this http://www.malwarebytes.org/mbam.php then install it then run a quick scan and remove everything it finds after post the logfile back here. I recommend using Avira AntiVir instead of AVG http://www.filehippo.com/download_antivir/

thomas01155

Upload the file onto here to see if its infected http://www.virustotal.com/

oxters

manythanks for the advice. Is that free software or do I have to pay for it?

thomas01155

Both Avira and Malwarebytes are completely free .

oxters

thomas01155 wrote: »

Both Avira and Malwarebytes are completely free .

Sorry to be such a dummy, but the link gives me this:

Activating the full version unlocks realtime protection, scheduled scanning, and scheduled updating. It is a one time fee of $24.95.


Do I just click on download and I get the free version please?

thomas01155

Yup you just press download ^.^ the paid version just unlocks some extra things but you don't need those.

Marty_J

Almost every day, someone who uses AVG is on here saying they have a virus. It really is pretty bad. I wish Martin would stop recommending it to people.

Browntoa

you cannot allow for people foolishly clicking on Links and downloading stuff, see just as many threads on here with Nortons etc on here , not only AVG

oxters

thomas01155 wrote: »

after post the logfile back here.

Did you mean me to do this?

Malwarebytes' Anti-Malware 1.32
Database version: 1625
Windows 5.1.2600 Service Pack 3
06/01/2009 21:25:28
mbam-log-2009-01-06 (21-25-28).txt
Scan type: Quick Scan
Objects scanned: 54363
Time elapsed: 10 minute(s), 5 second(s)
Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 2
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\!!9522b3fb-7a2b-4646-8af6-36e7f593073c} (Adware.Coupons) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Trymedia Systems (Adware.Trymedia) -> Quarantined and deleted successfully.
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
C:\WINDOWS\system32\cpnprt2.cid (Adware.Agent) -> Quarantined and deleted successfully.

I have deleted the infected files but none of them said "backdoor tidserve!inf!
Is it safe to assume I don't have it?

oxters

Browntoa wrote: »

you cannot allow for people foolishly clicking on Links and downloading stuff, see just as many threads on here with Nortons etc on here , not only AVG

But I didn't click on a link, I just opened the e-mail, read the content and forwarded it to some friends, one of whom alleges he got the virus from it!