Avast WEBforum
Other => Viruses and worms => Topic started by: Canucked on October 03, 2013, 06:50:23 PM
-
Hey all,
I'm brand new here, so just looking for some advice; any answer would be greatly appreciated. So Avast did a quick scan and found a couple infections: Win32:InstalleRex-Z [PUP] - This one infected two different files. Win32:DomalQ-AK [PUP] - This one three different files. Win32:Installer-U [PUP] - 1 file. Win32:Adware-BCK [Adw] - 1 file infected. Win32:SearchProtect-A [PUP] and lastly Java:CVE-2011-3544-JT [Expl].
After they were found I moved them to the Virus Chest, and then did a boot scan. I also downloaded and ran CCleaner (I was looking through a couple different threads and it was mentioned that it may be useful to do this, so I did). After all of this I ran another scan and Avast didn't pick up anything else. It all started when I downloaded Handbrake. I wanted to convert some MKV files to AVI, but I think I downloaded it from the wrong site; after I downloaded it, it added a bunch of other programs, like a VFC tool bar search, and right away I thought there wasn't something quite right about it. Anyway, sorry for all the info, I'm a little green lol. I just want to know if there is anything else I should do, or can do, just to ensure everything has been properly taken care of.
Any advice would be great, and you all seem so helpful on here.....So thanks a bunch in advance. :0)
-
Follow this guide and attach logs, when done malware removers will be notified:
http://forum.avast.com/index.php?topic=53253.0
When finished, used tools will be removed. ;)
-
The logs needed are AdwCleaner / Malwarebytes / OTL
-
Hey guys,
Thanks for the Help! I've attached most of the logs, just one missing.
-
Here's the Adware Log :)
-
Looks like AdwCleaner killed it dead. Are you experiencing any problems?
-
None that I can tell. It seems to be running much better now, is there anything I should be on the lookout for?
-
The main thing is to read the Avast blog about how you get these extras http://blog.avast.com/2013/07/09/shady-practices-of-free-download-servers/
In that case methinks I will send you on your merry way :)
Subject to no further problems :)
I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems
Now the best part of the day ----- Your log now appears clean :thumbsup:
A good workman always cleans up after himself, so the following will implement some cleanup procedures as well as reset System Restore points:
Run AdwCleaner and select uninstall
Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.
Clear Restore Points
Go Start > All Programmes > Accessories > System tools
Right click Disc Cleanup and select run as administrator
When it pops up, select OK at the first prompt; after it has done some calculations the tabs will appear
Select More Options tab
Press System Restore and Shadow Copies Cleanup button
: Keep Java Updated :
WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article (http://www.forbes.com/sites/eliseackerman/2013/01/11/us-department-of-homeland-security-calls-on-computer-users-to-disable-java/) and this article (http://www.nbcnews.com/technology/technolog/us-warns-java-software-security-concerns-escalate-1B7938755).
I would recommend that you completely uninstall Java unless you need it to run important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser (http://www.geekstogo.com/2600/how-to-disable-java-in-your-web-browser/) and How to unplug Java from the browser (http://krebsonsecurity.com/how-to-unplug-java-from-the-browser/))
Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
Malwarebytes (http://www.malwarebytes.org/mbam-download.php).
Update and run weekly to keep your system clean
Download and install FileHippo update checker (http://www.filehippo.com/updatechecker/) and run it monthly; it will show you which programmes on your system need updating and give a download link
If you use on-line banking then as an added layer of protection install Trusteer Rapport (http://www.trusteer.com/Products/Trusteer-Rapport-for-Online-Banking)
It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit - Microsoft Windows Update (http://windowsupdate.microsoft.com)
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ? (http://www.geekstogo.com/forum/topic/225044-preventing-malware-and-safe-computing/)
Keep safe :wave:
-
Right on!! Thanks Essexboy. I downloaded Trusteer Rapport, and File Hippo.
I'm just wondering if I have Malwarebytes installed, and Avast...will they conflict? Could I run into trouble having both of them installed at the same time?
-
I'm just wondering if I have Malwarebytes installed, and Avast...will they conflict? Could I run into trouble having both of them installed at the same time?
Usually not ....everyone in here uses that combo ;)
Do you use a removable device?
If so, add a USB protector. MCShield http://www.mcshield.net/
-
If Avast and MBAM should conflict, there is a guide here on how to exclude:
Section K Set Exclusions for Malwarebytes' Anti-Malware in Avast! Antivirus
http://forums.malwarebytes.org/index.php?showtopic=10138&page=1&#entry417798
-
I think the only removable device I use would be my phone, but only really connect it to my PC to download music onto it, or to charge it.
I use Utorrent a lot, and I've noticed ever since I installed Malwarebytes, I keep getting this message "Blocked a potentially harmful site", or something like that, pop up every once in a while on my desktop. Looks like it's caused by utorrent.
Is that normal?
-
I think the only removable device I use would be my phone, but only really connect it to my PC to download music onto it, or to charge it.
I use Utorrent a lot, and I've noticed ever since I installed Malwarebytes, I keep getting this message "Blocked a potentially harmful site", or something like that, pop up every once in a while on my desktop. Looks like it's caused by utorrent.
Is that normal?
Explained here...
Oh, the Sites You Will Never See http://blog.malwarebytes.org/development/2013/05/oh-the-sites-you-will-never-see/
-
Nice! You guys are awesome!
Thanks for taking time out of your day to help :)
-
So now my Avast Icon has disappeared, and when I click on the shortcut on my desktop..Avast won't load up.
Anyone know why? :o
-
Are you getting error messages?
If so can you post a screenshot if possible?
-
Try Avast repair:
Control Panel > Add/Remove Programs > Avast > Uninstall > Repair option ....wait a minute and reboot
-
Nope, not getting any error messages. I rebooted and after that the avast icon came back.
But!!
A couple things happened.....
I couldn't open a couple programs..like windows media player, and chrome. And my PC seems to be lagging like crazy...it probably took about 4 min from the time my background pic showed up on my screen until my start menu and all the little icons loaded...
It seems to me that something ain't right.
Any suggestions??
-
And..
This may be a stupid question..but should I disconnect from the net?
I have two roommates in the house and...we all share the same connection. If my PC is still infected, could it affect their computers too??
-
Could I have a fresh OTL scan please? Is sharing enabled or are all the systems isolated?
-
Here's the fresh OTL logs.
I've also noticed that when I start my computer up this little DOS window pops up, and the last time it had something about a Beyond 2020 Professional browser. I've seen this on my computer but I'm not sure how it got here; as far as I know I didn't download it. And since yesterday I've lost about 6 GB somehow. Not sure where they went, I haven't downloaded or installed anything but an updated version of Quicktime and a Breaking Bad episode...and that wouldn't have taken up that much space.
Not sure if you need to know all this, but heck I figured it couldn't hurt
-
Oh!
And I don't think sharing is enabled, but how would I check just to make sure?
-
Browser 20/20 appears to be a data base tool http://beyond2020.com/index.php/news/27-beyond-20-20-releases-professional-browser-and-publisher-s-edition-7-1
File sharing (although it refers to win 7 it is the same for Vista) http://www.it.cornell.edu/security/howto/filesharingwin7.cfm/#file
I can see no infection on the system so it may just need a quick tidy up and defrag. You may also want to disable some of the Acer start up programmes
Clear Cache/Temp Files
Download TFC by OldTimer (http://oldtimer.geekstogo.com/TFC.exe) to your desktop
- Please double-click TFC.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
- It will close all programs when run, so make sure you have saved all your work before you begin.
- Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion.
- Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean.
-
Alright so I did everything you told me to do, and everything was good for a week or two. But now my computer keeps freezing on me. Windows failed to load, did start up repair and restore point, Windows loaded after that but now it's completely frozen. It's fu#ked!! lol. Can anyone help?
-
What is the hard drive on your computer? As this sounds like it is going south