BleepingComputer.com: Is my computer safe to use now? How can I double check /Second opinion needed THANKS

Greetings ejhdez,

You are welcome again! We are here to help....

Things are looking good. I suspect we might be parting ways shortly.

Quote

Malwarebytes Anti-Malware will automatically convert to Malwarebytes Anti-Malware Free functionality if you do not pay for the Pro version. You can review the differences here. Bottom line is do nothing and it will take care of itself.

Can you tell me exactly what version of Avast you downloaded and what message you are receiving. Even the free version requires that you register the product within 30 days.


===================================================


ESET Online Scanner

--------------------

I'd like us to scan your machine with ESET OnlineScan

• Hold down Control and click on this link to open ESET OnlineScan in a new window.
  
• Click the button.
  
• For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  
  
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    
  • Double click on the icon on your desktop.
  
  
  
  
  
• Check "YES, I accept the Terms of Use."
  
• Click the Start button.
  
• Accept any security warnings from your browser.
  
• Under scan settings, check "Scan Archives" and "Remove found threats"
  
• Click Advanced settings and select the following:
  
  
  • Scan potentially unwanted applications
    
  • Scan for potentially unsafe applications
    
  • Enable Anti-Stealth technology
  
  
• ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  
• When the scan completes, click List Threats
  
• Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  
• Click the Back button.
  
• Click the Finish button.

===================================================


Rerun Malwarebytes

--------------------

Temporarily disable your antivirus program.

• Please locate your Malwarebytes icon and launch the program
  
• Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  
• If an update is found, the program will automatically update itself. Press the OK button and continue.
  
• If you encounter any problems while downloading the definition updates, manually download them from here and just double-click on mbam-rules.exe to install.
  
• Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  
• Click on the Scan button.
  
• When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  
• Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  
• Make sure that everything is checked and then click Remove Selected.
  
• When removal is completed, a log report will open in Notepad.
  
• The log is automatically saved and can be viewed by clicking the Logs tab.
  
• Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  
• Exit Malwarebytes when done.

Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.


===================================================


Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment.

• ESET log
  
• Malwarebytes log
  
• How is your machine running now?

Hello Oh My!,

I'm glad to hear that my computer is looking better than before. I know I still have to reformat my OS but at least it will be clean. Thank you! My computer is working fine. The only thing I do on it is go online to check your responses to my posts. I don't navigate anywhere else when I go online until it is all clear and safe. Oh My! right now I'm running Avast! Internet Security program version 6.0.1367 virus definition version 120206-0. It says the following: Your protection against viruses and spyware will expire in 10 days. You need to purchase a license to stay protected. I also have installed on my computer, Secunia PSI. Should I keep that? Thank you for your time. Here are the logs for ESET and Malwarebytes.


C:\Documents and Settings\NetworkService\Application Data\Sun\Java\Deployment\cache\6.0\17\5c040b51-42887531 probably a variant of Win32/TrojanDownloader.Agent.YSESGH trojan cleaned by deleting - quarantined





Malwarebytes Anti-Malware (Trial) 1.60.1.1000
www.malwarebytes.org

Database version: v2012.02.06.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
JODY :: EDDYJODY [administrator]

Protection: Enabled

2/6/2012 6:17:27 PM
mbam-log-2012-02-06 (18-17-27).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 230801
Time elapsed: 14 minute(s), 25 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)

Greetings ejhdez,

Secunia evaluates the status of updates needed on your computer which helps in the fight against malware and is recommended by BleepingComputer.

If you plan on reformatting and reinstalling the operating system immediately after the all clear then it is not necessary to uninstall Avast Internet Security and install Avast Free Antivirus. However, if for some reason you would like to change to Avast Free please complete the steps below. It is a little more cumbersome than just the Add/Remove Program but this will give us the best chance of avoiding snags.


===================================================


Replacing Avast Internet Security with Avast Free Antivirus

--------------------

• Download avast! Uninstall Utility to your desktop
  
• Reboot your computer into Safe Mode (Press F8)
  
• Double click on the aswclear icon
  
• On the avast! Software Uninstall Utility select avast! 6 Free/Pro/Internet Security
  
• If the folder path is not automatically listed you can select it by clicking on the "..." button and expanding Select folder to get to the avast folder as is detailed below
  
  
  
  
  
  
  
  
  
  
  
• Click Uninstall then Yes
  
• Once completed you will see "Program was Successfully Removed"
  
• Click Yes to restart your computer
  
• Download the latest version of Avast Free Antivirus and save it to your desktop
  
• Double click the Avast icon to install the program
  
• Be sure to complete the Registration to obtain a free one year license

===================================================


Things I would like to see in your next reply.

• Did you successfully replace Avast (if you chose to do so)
  
• Are you having any issues with your computer?

Good morning Oh My!,

I would like to know your opinion on which antivirus is better. Avast! free antivirus , Avast! Internet Security, or Microsft Security Essential? Thank you so much!

Greetings ejhdez,

In the end it is a matter of personal preference. The first issue is whether you want free programs or you want a paid version. Avast Free and Microsoft Security Essentials are both free. Avast Internet Security ends up requiring payment after the initial trial period.

Personally I use Avast Free and along with other free programs I use I have been quite happy with the results. I do not get viruses

I will be providing some information for you to consider shortly which might help you decide what you would like to do. I am confident these instructions, if properly followed, will provide you the level of protection you are seeking. There is a free way to do it and my instructions will show you the way.

It seems your computer is running well but since you did not mention that I want to double check before I provide that information.

Is all well?

Hello Oh My!,

Thank you, my computer is working well. I'm so happy with this website especially with all the help you have given me. I thought my computer was never going to be the same again. It was pretty scary! Thank you for all your time and your clear, step-by-step instructions. It is truly appreciated . Yes I can really use any advice that you have for me to prevent virus and to better protect myself. Thanks Oh My!!!!

Greetings ejhdez,

That is wonderful news. I am glad we were able to get your computer back to health. Thank you for your kind words. It is truly appreciated.

There is one last step to take to uninstall any leftover tools we used. Then there are the steps I spoke about to help keep your computer nice and clean.


===================================================


All Clean

--------------

Your machine appears to be clean. Please take the time to read below on how to secure the machine and take the necessary steps to keep it clean

Please do the following to remove the remaining tools we used from your PC:

• Delete the tools used during the disinfection:
  
  
  • Press windows key + r on your keyboard at the same time. In the run box type combofix /uninstall, press OK.
    
    
    
    
  • This will remove Combofix and other tools we used from your computer.

Please read the following in order to prevent reinfecting your PC:

• Install and update the following programs regularly:
  
  
  • Outbound firewall.
    If you are connected to the internet through a router, you are already behind a hardware firewall and as such you do not need an extra software firewall.
    A comprehensive tutorial and a list of possible firewalls can be found here.
    
  • AntiVirus Software
    It is imperative that you update your AntiVirus Software on regular basis.If you do not update your AntiVirus Software then it will not be able to catch the latest threats.
    
  • Anti-Spyware program
    Malware Byte's Anti Malware is an excellent Anti-Spyware scanner. It's scan times are usually under ten minutes, and has excellent detection and removal rates.
    SUPERAntiSpyware is another good scanner with high detection and removal rates.
    Both programs are free for non commercial home use but provide a resident and do not nag if you purchase the paid versions.
    
  • Spyware Blaster
    A tutorial for Spywareblaster can be found here. If you wish, the commercial version provides automatic updating.
  
  
• Keep Windows (and your other Microsoft software) up to date!
  
  
  • I cannot stress how important this is enough. Often holes are found in Internet Explorer or Windows itself that require patching. Sometimes these holes will allow an attacker unrestricted access to your computer.
    
  • Therefore, please, visit the Microsoft Update Website and follow the on screen instructions to setup Microsoft Update. Also follow the instructions to update your system. Please REBOOT and repeat this process until there are no more updates to install!!
  
  
• Keep your other software up to date as well
  
  
  • Software does not need to be made by Microsoft to be insecure. You can use the Secunia Online Software occasionally to help you check for out of date software on your machine
  .
  
• Stay up to date!
  
  
  • The MOST IMPORTANT part of any security setup is keeping the software up to date. Malware writers release new variants every single day. If your software updates don't keep up, then the malware will always be one step ahead. Not a good thing.

Some more links you might find of interest:

• Miekies' prevention suggestions
  
• So How did I get infected?
  
• Microsoft - 'Security at home'
  
• Calendar of Updates: See which updates have been released.
  
• How to backup your Data with Cobian Backup: because you never know, when your harddisk might fail
  
• Commonly Used Freeware Replacements: a nice list of freeware programs in all categories, that are regarded as useful by the users of this forum.
  
• osalt: Find (free) open source alternatives to known commercial software.

Thank you for placing your trust in BleepingComputer. It was a pleasure serving you.

Hello Oh My!,

Thank you for all the great tips. These links are great!!! I have some questions I would like to ask you. First, when I back up my data which one works better: Cobian Backup or DriveImage XML? Second, when I reformat my computer do I turn on my windows firewall and quickly go online to Avast! Internet security and to Malwarebytes to reinstall the programs again? I was reading something that said that you need to be well protected before you go online for the first time on a computer. I guess that would apply to me after I reformat my computer. I know that portable hard drives back up files, music and photos only. No programs. So how can I be protected by antiviruses and anti-spyware programs before going online for the first time? Lastly, should I install SpywareBlaster,Mailwasher,MVP Hosts File, Glubble, and EULAlyzer now or after I reformat? By the way my computer is working well. I haven't checked my e-mails or bank account yet because I want to wait and reformat. However, I'm really happy that my computer is well again and I can't stop thanking you for all that you've done. Thanks a million!!!!!

Greetings ejhdez,

BleepingComputer has a tutorial on how to use Cobian Backup. I feel confident recommending this to you.

If you utilize the links I provided for you (like Avast and similar) you should have no worries downloading and installing those programs. They are safe and can provide protection for you as you rebuild the software programs on your computer. I see no need to install the other programs you listed until after you have reformatted. When you install the new operating system I believe one of the steps allows you to activate Windows Firewall. If not you can find the instructions here.

You have been most kind and it is still my pleasure to have helped you.

Thank you sooo much!!!! Have a great weekend!!!!

Thank you and you as well. Good luck with the reformat and reinstall.

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.