Avast WEBforum

Other => Viruses and worms => Topic started by: sweets on February 16, 2010, 11:12:52 PM

Title: JS Downloader in the Virus Chest
Post by: sweets on February 16, 2010, 11:12:52 PM
On January 11th I got a virus detected notice while on line. I did nothing about it then, but on Feb 4th I did a scan and detected JS:Downloader, and not knowing what to do I immediately stuck it in the Virus Chest. My computer seems to be working fine but I don't know what to do with or to the virus. Will you please help? I don't want to reinfect or delete any necessary files. I'm using Windows XP Home edition version 2002, IE 5, Avast edition 4.8 Home edition. Thank you
File Name: go [1].htm FileID: 4 Virus Description: JS:Downloader JL[Trj]
C:\Documents and Settings\Stewart\Local Settings\Temporary Internet Files\Content.IE5\V3RNJ...
Title: Re: JS Downloader in the Virus Chest
Post by: Pondus on February 16, 2010, 11:44:40 PM
Quote
I did a scan and detected JS:Downloader and not knowing what to do I immediately stuck it in the Virus Chest.
You did correctly. This is probably from an infected website you have been surfing, so I would think this is safe to delete, but leave it in the chest for some weeks before you do

Check your computer for Malware with

Have you tried Malwarebytes Antimalware http://filehippo.com/download_malwarebytes_anti_malware/
After install, click UPDATE and run a quick scan, then click on REMOVE SELECTED to quarantine anything found

SUPERAntiSpyware http://filehippo.com/download_superantispyware/
Are cookies really spyware and are they dangerous?
http://www.superantispyware.com/supportfaqdisplay.html?faq=26

If anything is found come back and post the scan logs here
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 17, 2010, 12:12:57 PM
If I delete the infected file as you say after several weeks, how can I be sure I'm not getting rid of something critical to my computer? Is there something I can do to clean the infected file in the Virus Chest and revert it back to its status before the infection, without unleashing it on my computer? I'm using a dialup connection, so any downloads will be slow; maybe you can direct me to some sites with small downloads for malware cleanup.
Title: Re: JS Downloader in the Virus Chest
Post by: Pondus on February 17, 2010, 12:35:53 PM
Quote
If I delete the infected file as you say after several weeks, how can I be sure I'm not getting rid of something critical to my computer?
That is why you wait several weeks to find out before you delete.
The file is not working now when in chest/quarantine, so if your computer misses it, it will tell you,
but this was found in Tempfile/IE

Not all files can be cleaned, and this file is not something you had in your computer; it is coming from the outside/internet,
so your computer won't miss it

Clean, Quarantine, or Delete?
http://antivirus.about.com/b/2007/03/11/clean-quarantine-or-delete.htm
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 17, 2010, 02:32:20 PM
Thank you.
Can you recommend any small malware apps that I can check my system with, (I use dialup), or should I just go with the ones you recommend above?
Also, if I'm not experiencing any problems, do you think I need to follow the steps at aumha.net, and report any hijackthis logs there?
Title: Re: JS Downloader in the Virus Chest
Post by: Pondus on February 17, 2010, 02:42:04 PM
Try the ones I recommended, MBAM is the top dog,
you can also try HitmanPro http://www.surfright.nl/en/hitmanpro it is very light but you must be online when scanning, the free version only has 30 days of removal (read all the info on the web site)

If you still have problems or are not sure you are clean, then you should follow the guide from essexboy,
post the logs and let him look at it, he is the malware expert
http://forum.avast.com/index.php?topic=53253.msg451454#msg451454
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 18, 2010, 02:59:15 PM
Do you know of any small apps that can clean/check the computer of malware, less than 1 MB of RAM, I use dialup service, thanks
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 18, 2010, 08:14:04 PM
The following was found on scanning with the malwarebyte's anti-malware app. Please look over and tell me what to do next. Thank you
Malwarebytes' Anti-Malware 1.44
Database version: 3756
Windows 5.1.2600 Service Pack 2
Internet Explorer 6.0.2900.2180

2/18/2010 2:07:25 PM
mbam-log-2010-02-18 (14-07-17).txt

Scan type: Quick Scan
Objects scanned: 121530
Time elapsed: 6 minute(s), 0 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\WINDOWS\system32\cpnprt2.cid (Trojan.Agent) -> No action taken.
Title: Re: JS Downloader in the Virus Chest
Post by: Pondus on February 18, 2010, 08:21:17 PM
Prevx file info: CPNPRT2.CID
http://www.prevx.com/filenames/2891452574668740412-X1/CPNPRT2.CID.html

You should scan again and then click on REMOVE SELECTED to quarantine the infection
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 18, 2010, 09:03:16 PM
Yes, I have removed it already to quarantine. But should I then delete it altogether?
What further needs to be done? The Prevx program found no threats at this time. Thank you
Title: Re: JS Downloader in the Virus Chest
Post by: YoKenny on February 18, 2010, 09:58:40 PM
@ sweets

Order the Windows XP Service Pack 3 CD to get the system up to SP3 level as Windows XP Service Pack 3 has been available for over a year and a half plus it provides many Critical Updates and performance improvements:
https://om2.one.microsoft.com/opa/Validation.aspx?StoreID=7b7aa929-bd0a-487a-bc7e-df7631fee660&LocaleCode=en-us&JavaScriptOn=yes

IE8 is more secure than IE6 and has a lot better performance:
http://www.microsoft.com/windows/Internet-explorer/default.aspx

Go to PROFILE then Modify Profile then Forum Profile Information then Please select your country: then in Signature: put information about your system if you like just like my signature.

In Account Related Settings select Hide email address from public to prevent scammers and spammers harvesting your email address.

Go to Secunia Online Software Inspector then run it to see what other applications are vulnerable:
http://secunia.com/vulnerability_scanning/online
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 19, 2010, 01:57:27 AM
YoKenny,
Do you think that it is necessary to go to Windows XP SP3 and IE8? Aren't I just opening up a new can of worms and taking up valuable HDD space? Thanks
Title: Re: JS Downloader in the Virus Chest
Post by: DavidR on February 19, 2010, 02:02:55 AM
You aren't opening a new can of worms, the can is already open.

Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 19, 2010, 02:06:36 AM
Are you saying SP2 & IE6 are now unreliable?
Also I still use a dialup connection. Thanks
Title: Re: JS Downloader in the Virus Chest
Post by: DavidR on February 19, 2010, 04:30:32 AM
Yes we are, not just unreliable but more vulnerable to exploit.

Google and a number of other companies are pushing to block access to their sites and services for users of IE6.
Title: Re: JS Downloader in the Virus Chest
Post by: YoKenny on February 19, 2010, 05:52:16 AM
Quote
Are you saying SP2 & IE6 are now unreliable?
Also I still use a dialup connection. Thanks

As you are on dial-up get the CD from Microsoft to take the system up to SP3
Quote
Order the Windows XP Service Pack 3 CD to get the system up to SP3 level as Windows XP Service Pack 3 has been available for over a year and a half plus it provides many Critical Updates and performance improvements:
https://om2.one.microsoft.com/opa/Validation.aspx?StoreID=7b7aa929-bd0a-487a-bc7e-df7631fee660&LocaleCode=en-us&JavaScriptOn=yes

What country are you in?
Title: Re: JS Downloader in the Virus Chest
Post by: DavidR on February 19, 2010, 03:51:34 PM
I got a friend with broadband to download it for me, save it to CD and that was that. The full SP3 is over 300MB, it is less for an on-line install but still too great for dial-up.

This was the URL I used http://www.microsoft.com/downloads/details.aspx?familyid=5B33B5A8-5E76-401F-BE08-1E1555D4F3D4&displaylang=en, it is still valid.
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 21, 2010, 03:02:20 PM
I'm having someone download and make CDs for me of Service Pack 3 and Internet Explorer 8. What precautions do I need to take before installing them? Do it offline, shut down Avast, firewall, create a restore point before installing each one, what else? Thank you
I'm using Windows XP Home Edition version 2002
Title: Re: JS Downloader in the Virus Chest
Post by: DavidR on February 21, 2010, 05:50:57 PM
All I did was to ensure I was off-line, I didn't shut down avast, there shouldn't be a need to do so, but that is a personal choice. I would certainly scan the CD first before using it.

Same thing on the firewall (you didn't say which you use) as when you install new stuff, it will make note of that so essentially you would need it on, again down to personal choice.

Making a new restore point before each installation is wise, I would also suggest that you do the SP3 one first (don't believe you can install IE8 before it) and reboot if it doesn't ask for it (I believe it will) and then install IE8 and reboot.
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 21, 2010, 09:46:38 PM
I'm using Windows firewall, but if I do the install offline does it make a difference if I turn off the firewall? Any other tips to the install? No need to shut down Avast either? Thanks
Title: Re: JS Downloader in the Virus Chest
Post by: DavidR on February 21, 2010, 10:58:09 PM
The windows XP firewall isn't worthy of the name as it is like a firedoor that will only protect from fire if you happen to be on the right side of the door. So turning it off wouldn't make a blind bit of difference as it isn't recording anything about what is on your system.

Whilst the windows XP firewall is usually good at keeping your ports stealthed (hidden) it provides no outbound protection and you should consider a third party firewall.

Any malware that manages to get past your defences will have free rein to connect to the internet to either download more of the same, pass your personal data (sensitive or otherwise, user names, passwords, keylogger retrieved data, etc.) or open a backdoor to your computer, so outbound protection is essential.

It is some considerable time since I did install SP3 on my other system, so I can't recall if I took any other measures. Some will say you should disable your AV, others think it is unnecessary, so there is no real conclusive "you must do this". I can't recall what MS's view on this was/is, probably to disable.
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 22, 2010, 12:21:23 PM
Should I install SP3 and IE 8 online or offline, since I'm getting the CD from a friend?
Should I run Microsoft's free Windows XP scanner (online) before installing SP3?
Title: Re: JS Downloader in the Virus Chest
Post by: DavidR on February 22, 2010, 04:20:56 PM
Personally I installed them off-line, because they are likely to ask for a reboot after installation.

I don't know which Microsoft's free Windows XP scanner (online) you mean, if a compatibility checker, that won't hurt, but any other I don't know what the benefit might be.
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 22, 2010, 05:58:00 PM
The online XP scanner was at the Microsoft website for the SP3 download.

And what about the install, online or offline, how should I do it?
Title: Re: JS Downloader in the Virus Chest
Post by: DavidR on February 22, 2010, 07:07:39 PM
I can't give you specific advice only what I have done or what MS suggests if anything, the decision has to be yours.
Title: Re: JS Downloader in the Virus Chest
Post by: bong2x on February 22, 2010, 07:19:58 PM
 :) sir/madam before installing sp3 check the compatibility of your system hardware and software ;) because if not compatible then you cannot run a thing. and will be blame to antivirus because it is crawling ;) or some program never run at all!
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 22, 2010, 07:52:53 PM
Sorry bong, I don't understand your English, could you clean it up a bit? Thank you
Title: Re: JS Downloader in the Virus Chest
Post by: YoKenny on February 22, 2010, 08:34:25 PM
@ sweets

What I did with my XP Pro system when I got the SP3 CD if I remember.

* I booted the system with no Internet access
* Loaded the CD
* Followed all the prompts and Shutdown
* Connect to the Internet then reboot
* Open IE then go to Tools then Windows Update then make sure all remaining updates are applied.
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 22, 2010, 09:43:01 PM
I can't do the Windows updates cause I use dialup and they would take forever. So I'm just going to load SP 3 from the CD as you did, and then install IE8 from another CD I'm getting, setting a restore point before each event. Do you think that will be ok??
Title: Re: JS Downloader in the Virus Chest
Post by: YoKenny on February 23, 2010, 12:35:36 AM
After the SP3 CD install the additional updates should not be that many.
Title: Re: JS Downloader in the Virus Chest
Post by: polonus on February 23, 2010, 12:41:05 AM
Hi sweets,

For third party software patch policy automation use this scanner: https://secunia.com/vulnerability_scanning/personal
Then you are secure from all sides, and continue to scan with it to be better harnessed against latest vulnerabilities, exploits and holes,

polonus
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 23, 2010, 11:36:15 AM
Because I have dialup service, I stopped downloading & installing Windows Updates a long time ago. Beginning with, "Critical Update for Office XP on Windows XP Service Pack 2 (KB885884)", a 4.3 MB download, & every update thereafter.
Therefore, would it be unwise to install via disc, Service Pack 3 & Internet Explorer 8, unless and until, I download every critical, cumulative and security update before them, there are dozens and dozens including ones for Service Pack 2 and Internet Explorer 6 ?
Title: Re: JS Downloader in the Virus Chest
Post by: Tarq57 on February 25, 2010, 12:15:07 PM
You might like to have a look at the MS info here, (http://support.microsoft.com/kb/950717) Steps to take before installing SP3.

I recently had to format and reinstall Windows. The disk I have has SP2 on it. I had SP3 as a downloaded folder, backed up elsewhere, and applied it as part of the reinstall, prior to going online.
Worked a treat.
In effect, it is almost a new operating system. You won't actually notice any difference to speak of, but there is absolutely no need to get the updates you have missed prior to the release of SP3, but since SP2. The chances are that SP3 might supersede some of those, anyway.

So what I am saying is, to answer your question, no, it would not be unwise. It would be wise. Do it. Windows will catch up with the changes as required.

You will have a lot of updates to install following SP3, regrettably. Dozens of MB.
There's no real way round it if you want to remain patched, unless you can get a friend to load all of those on to a CD or flash drive, also.
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 25, 2010, 12:24:00 PM
If I'm going to require dozens of MBs of install after the SP3, then why even bother with the SP3? It's an impractical situation with a dialup dinosaur like me! Almost forcing me to make the switch to high speed, which I won't do since I only use the computer for email. My computer is working fine without it.
Title: Re: JS Downloader in the Virus Chest
Post by: DavidR on February 25, 2010, 03:36:13 PM
It's called security.

Well if you don't install SP3, prepare to be ditched by MS come July 13th as there will be no more security updates for XP SP2 or lower. Only XP SP3 will continue to be supported.

I'm on dial-up and provided you keep on top of it, it isn't a huge issue, a pain yes, but the longer you leave updates the more painful it is and the more vulnerable your system is.
Title: Re: JS Downloader in the Virus Chest
Post by: sweets on February 25, 2010, 04:24:22 PM
I think they ditched the few remaining dialup customers a long time ago. I wrote them an email but have yet to get a meaningful response, just the usual, "I will be doing my very best to help".