Glad that helped.
If you don't mind posting the scan report, just copy and paste it to notepad, save somewhere, and upload it as an attachment. (See "additional options" on the forum, at the bottom right of the reply window.)
If you'd rather not, I suspect it isn't a big deal if all is running well. But know that although you are probably OK, there is no guarantee that the removal is 100% successful, maybe 99 or 98, something like that. (That's a bit of a caveat.
I actually can't guarantee it even if you do post the scan report, but if anything leaps out I would maybe spot that further action might be indicated.)
That said, a "second opinion" scan, using updated SAS and Spybot would probably go a long way to reassure. This is pretty standard after any malware removal. Get three independent clean scans, means you're probably OK, particularly if one of those three is by MBAM or SAS.
There are all sorts of advices and tutorials all around the web on how to secure a Windows system. Opinion can vary a bit. The below is probably a composite of other opinions I've read, plus what I've found works for me.
-1) Layered protection.
This means having a number of applications or protocols in place, that each guard or immunize a particular element of possible attack/vulnerability. It is pointless, ad sometimes contra-indicated to have more than one application covering the same area. So you wouldn't have two software firewalls, for example. Or two AV's.
What most users would hopefully have would be something like:
- a hardware firewall, or router. Should include the current state of the art encryption if using wireless. (I believe that is currently WEP2.) The hardware firewall is optional, but many users consider it a worthwhile investment. (I don't use one.)
- a software firewall. Windows XP has one built in, but it only guards inbound. It's good at what it does, but I would want (and do have) a two way firewall, that will ask for connection permission whenever an unknown or unauthorised application tries to connect outbound. Think of that as a safety net. If something nasty gets into the system, the control on outbound connection is your last chance to stop it downloading reinforcements. Or sending your CC details out.
- an antivirus, running in realtime. You have Avast. It's darned good, out of the box. No setting changes are needed, but it is very configurable. (Example, I have mine set to check for updates every hour. Overkill, but does no harm.)
- a demand scanner or three. MBAM, SAS, S&D, and the like. As you see, good for removal, if something the AV doesn't detect gets in.
What I also recommend is:
- Keep Windows, and all the software installed up to date. Often vulnerabilities are discovered in applications, and patches released for same. MS are quite good at this. But other applications maybe not so. Go to
www.secunia.org, and do an online scan (requires an ActiveX install, IIRC) which will indicate if there is any known vulnerable software installed. ( I have the Secunia PSI installed, and it constantly monitors applications, comparing with a large database at Secunia of known updates/vulnerabilities.)
- Set the browser to prompt for the running of scripts. Especially third party scripts. This can prevent hacked webpages visited from installing crap, by electing not to run all content on the page. Surprising how many websites come with "extras". Doesn't have to be a porn site, either. All it needs is for the hosting software to be out of date, or poorly maintained/set up. If you use Firefox, get the "noscript" and Adblock plus" add-ons.
- Use the "immunize" feature in Spybot, OR use a hosts file, OR SpywareBlaster. Prevents known bad sites from loading.
- Backup your important data regularly. If you ever have to format and re-install Windows, you'll be glad.
- Last but not least, learn what not to click on. Don't post your email address on a public forum. Don't open attachments via email, unless you are expecting them/know the sender. Don't click on any old invite posted to a profile on a social networking site. If something looks a bit dodgy, Google it. And if there are other users who will not adopt those protocols, make them use a limited user account, and password-protect your own account. Wouldn't hurt to password-protect the admin account, either. (There is a special procedure. I've done it, but forgotten the exact steps. Google it.)
There's heaps more. Those are a few of the ones I find have served me well. Caution: You can really get into this. End up trying out all sorts of things to guard your computer. Forget the original reason you wanted a 'pooter in the first place.
