Ah your fine its nothing to worry about i always run into site's like that and i love the Avast its great.
semoweb
Junior Poster in Training
50 posts since Feb 2009
Reputation Points: 6
Solved Threads: 1
How likely is it that if a virus somehow managed to initially get past my anti-virus programs, it could further avoid detection by all three virus scanners? Also, if there was a virus on my computer, would it always show up under the running processes listed in Task Manager?
I would say it could be very likely all three could show clean but you could still have something on there. AdAware especially is not the program it used to be. Avast and Spybot both are very good programs but there ARE certain Trojans which are not picked up by those two.No, if there IS a virus or Trojan on the computer it will not always show in the task manager, it would have to be running at the time to show in the task manager. There are some that only run at start up and then shut down. There are others that would only run when specific programs are used and if you don't happen to be using those programs at the time then the infection would not be running and wouldn't show in the task manager. There are some which place themselves into your task scheduler and only run at specified times in order to download more infected files.
You all ready have run two programs which show nothing and that it great, but since Avast did warn you then you know that you were "under attack", to be very safe then I would suggest the following:
download Malwarebytes' Anti-Malware (MBA-M) to your Desktop.
* DoubleClick mbam-setup.exe and follow the prompts to install MBA-M.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform full scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When MBA-M finishes, Notepad will open with the log. Please save it where you can find it easily. The log can also be opened by going to Start > All Programs > Malwarebytes' Anti-Malware > Logs > log-date.txt.
Reboot the computer
Download and run a Full System Scan with HiJackThis . Save the log and post back here with the MBA-M log and the HiJackThis log.
It is better to be safe than sorry.
jholland1964
Posting Expert
5,785 posts since Jul 2008
Reputation Points: 725
Solved Threads: 340
No need for another av program, Avast is excellent.
jholland1964
Posting Expert
5,785 posts since Jul 2008
Reputation Points: 725
Solved Threads: 340
Your logs look good. Doesn't appear to me that you had anything which would be a password stealer on there. You don't appear to be running a firewall, unless you are running the Windows Firewall.
Now your infections were from downloaded programs...torrent downloads.
One way to avoid this of course is NOT do it. But if you must then one thing you must do is SCAN every downloaded file with your AV program AND MBA-M BEFORE opening.
Another prevention measure is to use the program SpywareBlaster . It is really a MUST have. SpywareBlaster doesn't scan for and clean spyware--it prevents it from being installed in the first place. SpywareBlaster prevents the installation of ActiveX-based spyware, adware, dialers, browser hijackers, and other potentially unwanted programs. It can also block spyware/tracking cookies in IE, Mozilla Firefox, Netscape, and many other browsers, and restrict the actions of spyware/ad/tracking sites.
Download, install, update and enable all. Close the program, that's it. Just check manually for updates weekly.
jholland1964
Posting Expert
5,785 posts since Jul 2008
Reputation Points: 725
Solved Threads: 340
I just go through the names given. There are many places online which will give you the particulars of these trojans, what they do, where they come from, etc. Most of the reputable av sites will give this info if you have the file name. Remember, all this has to be known before there can be a good remover developed.
jholland1964
Posting Expert
5,785 posts since Jul 2008
Reputation Points: 725
Solved Threads: 340
SpywareBlaster does NOT run in the background, therefore it uses no resources.
jholland1964
Posting Expert
5,785 posts since Jul 2008
Reputation Points: 725
Solved Threads: 340
I would say it could be very likely all three could show clean but you could still have something on there. AdAware especially is not the program it used to be.
Actually, Ad-Aware is fantastic, as is MalwareBytes. For best results on either utility, boot your system inSafe Mode, as gives the best hit rate and allows maximum access for the utilities to source and remove probs :)
kaninelupus
Practically a Posting Shark
860 posts since Jul 2009
Reputation Points: 357
Solved Threads: 52
Actually, Ad-Aware is fantastic, as is MalwareBytes. For best results on either utility, boot your system in Safe Mode, as gives the best hit rate and allows maximum access for the utilities to source and remove probs :)
Malwarebytes' should NEVER be run in safe mode UNLESS it is impossible to run in Normal Mode.
Safe mode doesn't let MBAM load all it's drivers which are often necessary for the best detection and removal results. MBAM works in safe mode but is crippled, so if at all possible it should be used in normal mode in an admin account.
MBAM is designed to work in normal mode. It's simply most effective when run this way. Other tools like Spybot Search & Destroy work pretty much the same in normal mode vs safe mode, but MBAM does not and that's the most important thing to remember. Nothing bars you from using it in safe mode, but the results just probably won't be as good as they would if run from normal mode.
MBAM is stronger from regular mode . This is by design as a lot of new malware runs from safemode also so you gain nothing anyway . There are also multiple infections that as part of their first step blow away the entire safeboot keyset
jholland1964
Posting Expert
5,785 posts since Jul 2008
Reputation Points: 725
Solved Threads: 340
Malwarebytes' should NEVER be run in safe mode UNLESS it is impossible to run in Normal Mode.
Sorry, but experience has shown me otherwise. Personally in mostserious cases, tend to run both in normal Admin boot, then re-run in safe mode to finish off.
And yes some malware tries to disable Safe Mode, but there are usually ways to get around it (setting boot in safe mode from MSConfig for starters often still available if the usual F8 option disabled).
kaninelupus
Practically a Posting Shark
860 posts since Jul 2009
Reputation Points: 357
Solved Threads: 52
Normal mode is how you boot your computer all the time. All your drivers are loaded, your anti-virus program and firewall will be loaded and running, display adapters and audio adapters will be fully functional.
In safe mode, you have access to only basic files and drivers (mouse, monitor, keyboard, mass storage, base video, default system services, and no network connections). There also is a safe mode with networking available also, which would allow you to access the internet while in safe mode. Of course this leaves the computer unprotected but at times this may be necessary as there are some infections which will prevent the download and install of clean up tools needed to rid the computer of infection. By booting to safe mode very often these infections cannot start up either and therefore you can download necessary clean up tools.
jholland1964
Posting Expert
5,785 posts since Jul 2008
Reputation Points: 725
Solved Threads: 340
jholland1964
Posting Expert
5,785 posts since Jul 2008
Reputation Points: 725
Solved Threads: 340
kaninelupus
Practically a Posting Shark
860 posts since Jul 2009
Reputation Points: 357
Solved Threads: 52
I have to agree with Judy regarding MBA-M and Safe mode. She is correct in stating that if at all possible it should be run in Normal Windows boot.
Of course, working in Safe Mode does offer advantages for other tools as well as for manual removal.....
Sorry, but experience has shown me otherwise. Personally in most serious cases, tend to run both in normal Admin boot, then re-run in safe mode to finish off.
I believe you have that backwards ;) In serious cases it is often necessary to start in Safe Mode first.And yes some malware tries to disable Safe Mode, but there are usually ways to get around it (setting boot in safe mode from MSConfig for starters often still available if the usual F8 option disabled).
This is bad advice, period. Please see CJ's comments about forcing Safe Mode and why it is a bad idea to do so: http://www.dslreports.com/forum/r18150258-Dont-Force-Safe-Mode-on-Infected-PC
BTW: I do not mean to come off as a hectoring know-it-all ;)
A lot is "lost in translation" in a forum setting. It's just that I've been doing this for a lot of years and have seen a lot of bad advice in "open" forums such as here at Daniweb.
Heck, I've given my share of bad advice in the past - I used to tell people to disable System Restore before beginning the malware cleaning process. Thankfully, my friend Blender at SpywareWarrior was able to talk me out of that ill-conceived notion.... LOL! All she said was: An infected Restore Point is better than none at all.......
Cheers All :)
PP
PhilliePhan
Central Scrutinizer
1,942 posts since Dec 2006
Reputation Points: 184
Solved Threads: 110
It's ok PhilliePhan, some ppl think they know better than the manufacturers :).
crunchie
Most Valuable Poster
20,095 posts since Feb 2004
Reputation Points: 1,142
Solved Threads: 985
