Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Is my system now secured?


  • Please log in to reply
11 replies to this topic

#1 FiretrucksInTheNight

FiretrucksInTheNight

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:29 AM

Posted 02 June 2012 - 11:48 AM

Hi there,

I admittedly do not scan my computer very regularly, so it wasn't a massive surprise when I did it yesterday that I discovered a virus. I should probably mention I use Avast. The virus description was "Win32 Trojan-Gen", and it was removed successfully without any real problems. From here I felt a little paranoid and then went and did a little research on the internet and ended up downloading MalwareBytes, and running a scan. It found something called "Relevant Knowledge", which again was easily removed.

What I am curious about is, when I have looked up these things on the internet, I have been met with pages of people having difficult getting rid of both these things, whereas they disappeared from my system with relative ease. I should also mention that there were no real symptoms of any of these two viruses existing. So I am wondering if they are totally gone, and I just got lucky that they were easily dealt with.

Since then (due to my paranoia) I have also ran CCCleaner, which removed lots of unused files, Spybot and SuperAntiSpyware, which both deleted tracking cookies.
And then on top of that I did another full scan on both Avast and MalwareBytes. Maybe that is overkill but I wanted to check after I had rebooted my laptop.

So basically what I am asking is, is my system now properly secure? Or is there anything else anyone would suggest to use to double check. Am I safe once again to log into websites using usernames and passwords (I changed all my passwords for all accounts I operate on a different laptop after discovering the virus and have left the contaminated laptop isolated since).

Thanks for any help, it will be greatly appreciated from someone who isn't entirely sure on the whole security thing.

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:29 AM

Posted 02 June 2012 - 01:06 PM

Well can you post the avast log along with the logs from Super Anti-Spyware and Malwarebytes.


What options did you use in CCleaner?

#3 FiretrucksInTheNight

FiretrucksInTheNight
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:29 AM

Posted 02 June 2012 - 03:17 PM

My technological wizardry shines through...
Logs no longer exist as I used CCleaner after the scans which found the infections.
Which isn't really a great help to anyone at all.

Generally, would my laptop be okay to use now that the infected files have been removed after scanning using 4 different types of software?
I'm more a bit concerned of the fact that there were zero symptoms and everything was going as smooth as always, does this mean there was something more sinister going on underneath the surface?

Just don't really know alot about this stuff and was looking for some kind of resolution from an expert that my problems would hopefully be away.
Apologies for not having the logs anymore, and if no one can help any without them then thanks anyway I'll just need to head on forward presuming everything is okay (although I've not came down from my state of paranoia enough yet to do so)

#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:29 AM

Posted 02 June 2012 - 04:10 PM

Well without knowing what the infection, there is no certainty that the system is secure or not.

If you suspect things have changed refrain from using CCleaner, and infact I would completely remove it.

#5 FiretrucksInTheNight

FiretrucksInTheNight
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:29 AM

Posted 03 June 2012 - 02:52 PM

My mistake I actually checked Avast again and the records are still there although i'm not sure what logs you are talking about for it. It is literally just this :

Posted Image

I shall refrain from using CCleaner from now on then thanks, i just saw a lot of recommendations on other sites to use it.

And the log for MalwareBytes was just a notepad that said one file had been found (and it was in the same place as the trojan avast found) and it was said PUP.RelevantKnowledge. Sorry this is probably very vague, my system seems to be running fine and having no problems and nothing out of the ordinary, I literally was just wandering if there was any other ways of checking, for example a new scan you could suggest I do that I will then post the logs for.

I understand that without knowing the infection that you can't really help, but all that Avast says is Win32:Trojan-Gen

#6 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:29 AM

Posted 03 June 2012 - 03:22 PM

For what its worth: http://processchecker.com/file/DWPDownloader.exe.html

#7 FiretrucksInTheNight

FiretrucksInTheNight
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:29 AM

Posted 03 June 2012 - 03:40 PM

So what does this mean exactly? It wasn't ever a virus?

#8 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:29 AM

Posted 03 June 2012 - 03:47 PM

Nope it wasn't.

#9 FiretrucksInTheNight

FiretrucksInTheNight
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:29 AM

Posted 03 June 2012 - 03:49 PM

Is it common for things to show up as viruses that are not then?
Also thank you for putting up with my lack of technological knowledge and constant bombardment of questions.

#10 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:29 AM

Posted 03 June 2012 - 03:57 PM

This is what we in the security business like to call a False Positive.

Bombardment of questions helps all involved and since this is a online forum, it helps all those that participate.

#11 FiretrucksInTheNight

FiretrucksInTheNight
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:01:29 AM

Posted 03 June 2012 - 04:05 PM

Okay well thanks a bunch, I suppose this does explain why there was no symptoms at all, and if anything this led me to use MalwareBytes and discover that annoying bit of malware, and from now on i'll be a lot more careful on the web and scanning more frequently.

You were a great help, my confidence in using my laptop is now back.

#12 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:06:29 AM

Posted 03 June 2012 - 04:32 PM

I would use Malwarebytes every couple of weeks and make sure adobe flash and java remain updated.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users