URGENT: Need virus help?

0 votes
asked Feb 20, 2011 by Liam (751 points)
So I decided to scan my PC for viruses because there was a link my friend told me to click on, he said it was a fake av internet pop-up thing but it said URL couldn t be found. But I still scanned my PC, I scanned with Avast! and Malware Bytes, they found nothing. I then scanned with Superantispyware, which found 506 tracking cookies and 25 Trojan.agent/gen-falcomp!  Right im now so scared :/.  I dont know what to do?  Will the people have my information now cause im insure how long these infections have been on!  I need serious advice please?  

PS. I do regular scans with Avast! Free version, how could it miss the infections if the internet pop up is not the cause?

8 Answers

0 votes
answered Feb 20, 2011 by Mab879 (401 points)
First of all tracking cookies are not the scariest things in the world. They are just little files that track how you got to their website and such. These are easily removable.
 
Trojans are VERY VERY VERY VERY bad. They can share a lot of your Information like: whatever you type. Which could bad if type out any password or bank info.

Superantispyware sound a little odd to me. I never heard of it. I use Microsoft Security Essentials. Here is an article from Kat a 5 year MVP. http://www.katarmstrong.com/blog/2007/09/how-to-windows-protection-software/


Hope this helps.
commented Feb 20, 2011 by Liam (751 points)
Thanks for the info.  And oh dear, I dont purchase online and never have done but do you think i should change some of my passwords now like my Email and google account etc?

And Maybe I should change my anti-virus now seeing as Avast! didnt detect anything at all when I scanned with it. Too bad, it's always been good to me until now.
commented Feb 20, 2011 by TheTechDude (76,080 points)
Here is SUPERAntiSpyware http://www.superantispyware.com/ it is really a decent program.  I prefer MalwareBytes over it but it is still go as this scans for other types of issues besides what Malwarebytes does.  They claim to have over 30 million users not sure about that but it is good.
0 votes
answered Feb 20, 2011 by Adam Robson (16 points)
I use Norton 360 which blocks all hacking attempts I have found it to be the best virus protection I have used
commented Feb 20, 2011 by Fedge (176 points)
You should try some other ones in that case. Norton is horrible.
commented Feb 20, 2011 by _GTech (1,311 points)
I'll 2nd that notion, strike to kill norton APPROVED!
0 votes
answered Feb 20, 2011 by PhantomGamers (221 points)
Registered JUST to say this: Robson doesn't know good anti-virus.
Norton is garbage and rarely catches bad viruses.
If you have a Windows Machine use Microsoft Security Essentials and Malware Bytes for best protection.
(since you said you scanned with MBAM I guess you do have Windows though)

But if MBAM came up clean I would say you are fine.
Never heard of Superantispyware so I wouldn't be surprised if all of those were false positives.
As Mab said, tracking cookies aren't dangerous. You can use CCLEANER to remove them.
I can't imagine you would get a virus by just CLICKING a link, assuming you didn't download and run anything from the website... but I guess it isn't unheard of.

As I said though, MBAM is very thorough and if it didn't find anything I wouldn't worry at all.

EDIT: As a matter of fact, if it said "URL Could Not Be Found" that means you didn't load the website at all and have not been compromised.
commented Feb 20, 2011 by TheTechDude (76,080 points)
Here is SUPERAntiSpyware http://www.superantispyware.com/ it is really a decent program.  I prefer MalwareBytes over it but it is still go as this scans for other types of issues besides what Malwarebytes does.  They claim to have over 30 million users not sure about that but it is good.
commented Feb 20, 2011 by PhantomGamers (221 points)
Yeah, I did a Google search on it before I posted.
I wasn't saying it's a bad program, just that the "viruses" it detected were most likely false positives if the other antiviruses didn't pick anything up...
Though that could vary, I've yet to see any virus that MBAM didn't detect though... I've only seen a few that MBAM was unable to REMOVE.

@OP: You can try to upload the files that SuperAntispyware detects to http://www.virustotal.com and see what it says there...
commented Feb 20, 2011 by TheTechDude (76,080 points)
It is most likely a false postive also.  But he/she may just have a never database in Super than MBAM.  Doesn't hurt to be sure.
0 votes
answered Feb 20, 2011 by TheTechDude (76,080 points)
Tracking Cookies are nothing to worry about.  Almost every cookie is tagged as a tracking cookie becuase if you visit a website most post use a cookie that traces what you do on their site.  Almost all of them are harmless but it doesn't hurt to removed them.

The Trojan is bad as it can take information that you type such as what your type in and such.  Do you use this computer for online ordering or online banking?  If you don't then the only thing that it can take is your passwords and I would recommend changing those once you know that your computer it clean.

I know what SuperAnti-Spyware is and it is not a bad program that I use sometimes on computers to ensure that they are clean.

Here is what you should do:
<ol>
<li>Download the lastest virus database for Avast and then run a Boot-Time scan using it.  Comment back with/if it finds something.
<li>Update Malwarebytes by going to the Update tab then run a Full-Scan.  Comment back with/if it finds something.
<li>Update SuperAnti-Spyware and run a full scan with that.  Comment back with what it finds.
<li>Go here http://www.eset.com/online-scanner and use the online scanner here.  Comment if it finds something.
<li>Make sure that you have the latest Service Pack and security updates for your operating system here: http://www.update.microsoft.com/
</ol>
If nothing else has been found then you should be good and safe.  Your Anti-Virus program is one of the best free ones the only other one that I even recommend is Microsoft Security Essentials ( http://www.microsoft.com/security_essentials/ ) which is good but Avast is more advanced.  This is coming from someone that personally tests different anti-virus from paid to free to see which is the best.  
<br>
If you have to be 100% sure then is formating and reinstalling.  This is for the more bad cases of virus but can be done.  If you are still concerned after following this then comment back and I will go into details about how to go about this.
commented Feb 20, 2011 by Liam (751 points)
Thanks, I'm going to follow your steps. As it is 3am here, i will tell you the results of the boot-time scan as soon as I wake.  Thanks for all of your support :D.
commented Feb 20, 2011 by TheTechDude (76,080 points)
No problem.  This is what I am good at, is taking care of virus problems, so I am glad to help.  Need anything else just ask.
commented Feb 20, 2011 by TheTechDude (76,080 points)
How is it going?
commented Feb 20, 2011 by Liam (751 points)
It went fine, I had to do some other things before starting the scans which is why it has took me so long.

The Avast! boot-time scan found 1 PUP.
Malware Bytes found nothing.
SuperAntiSpyware only found tracking cookies.
The ESET scanner is still running but its at 75% with nothing found yet.

So I suppose It's all good. Though I wish I wouldn't have deleted the supposed 'Trojans' which SuperAnti-Spyware picked up because I could have seen if the ESET scanner picked them up.
But I do think that it's very likely that they were false positives, I did a scan with Malware Bytes and Avast! before scanning with SuperAntiSpyware and they found nothing so I'm kinda lost here.

Do you reckon I should change my passwords or just leave it and have it that they were fake positives?
commented Feb 20, 2011 by TheTechDude (76,080 points)
I am thinking that they were false positives also but it doesn't hurt to be sure.  I would say that it doesn't hurt to change your passwords.  That way you don't have any worry now that the possible threat has been taken care of.
commented Feb 20, 2011 by _GTech (1,311 points)
I'll add to this excellent post by saying this...

Formatting Disc & Reinstalling OS = Fasted Solution PERIOD!

Hard Drive Image Backup of course is the easiest & fastest solution to do this with, and should always be used FIRST, because reinstalling your OS may NOT be an option depending upon which edition of Windows License you have.  (OEM is not allowed to be fresh installed btw, fact)

Restore, which is something the OEM MFGs put on your computer, almost all Laptops and Netbooks have this feature now, specifically a Destructive Wipe Restore, is a fast way to remove viruses and problems as well..

Backing up your data BEFORE you do any of the above mentioned is the FIRST STEP in this entire process, always.
commented Feb 20, 2011 by Liam (751 points)
Thanks, The Tech Dude. I really appreciate your help, your tips were really useful. I could not thank you enough!  This is why I come to this community first when I have a problem, because I know that there will be great people out there to help!  Thanks again!
commented Feb 21, 2011 by TheTechDude (76,080 points)
@_GTech:  I agree with everything you said.  Reinstall is most of the time the fastest solution.  But I don't like to tell people to do that immediately especially in Liams' case where it was most likely a false positive.  Also, I would like to tell you that you can do fresh installs with OEM licenses, I have done it for clients before.

@Liam:  You are welcome.  I am glad to have helped you.
0 votes
answered Feb 20, 2011 by Ozy360 (31 points)
It may be worth doing a hijackthis scan and posting you're log onto their forums. Please change you're passwords, turn off system restore temporarily before you scan you're system with you're chosen software. I recommend microsoft security essentials and malware bytes.
commented Feb 20, 2011 by PhantomGamers (221 points)
Why would you change your passwords BEFORE you discover the virus and remove it?
What purpose does that achieve?

I agree 100% that if you FIND the virus and REMOVE it that you should change your passwords, but there is no use in posting it onto their forums and immediately changing your password before you neutralize the situation.

I mean, we don't even know if you (you=OP) have a virus.
I do know this though, if you DO have a virus you had it before you clicked that link since it never wound up loading. (-> URL could not be found)
commented Feb 20, 2011 by Ozy360 (31 points)
Sorry dude, I didn't clarify... Change you're passwords from a clean system so that if someone has gotten you're login details you prevent them getting access and locking you out by changing the passwords.
0 votes
answered Feb 20, 2011 by _GTech (1,311 points)
Download Spybot Search & Destroy  and  Malwarebytes' these two programs can remove A LOT of malware.

Malware can disable your Virus protection...

Run Spybot First (by itself) AFTER you update it first..  (Check For Problems)

(Super Antispyware & Spyware Doctor are also good scanners)

Then press the Fix Selected Problems button...

Then you may need to restart your computer...

Next run Malwarebytes (after you get on your desktop) after you update it, do a FULL SCAN...

IMPORTANT: one very important trick in order to get to a working computer is to boot into Safe Mode With Networking...  Press F8 (constantly) after you see the Bios Picture when you first start up your computer, select Safe Mode With Networking and press Enter.. (log onto your account)

The reason this works is, the minimal services are loaded, and often many services & processes are not loaded (the ones secretly placed in startup too), so you may get much better performance in safe mode and increase your chances of removing the malware & viruses off of your computer..

http://www.malwarebytes.org/

http://www.safer-networking.org/en/download/

One of The Best Windows Online Scanner (meaning you run it through the browser) on the Internet is called One Care Live Safety Scanner and it can be found here at:  onecare.live.com  (This catches what most other scanners DO NOT!)  (ESET is great too!)

The Best Virus Scanner (You must install your old one first ALWAYS) is Microsoft Security Essentials which can be found here.  http://www.microsoft.com/security/pc-security/mse.aspx

***Remember the more scans you use, the great chance you have of removing ALL of the problems!***
commented Feb 20, 2011 by TheTechDude (76,080 points)
You need to update your virus removal process.  First of all, anyone that says the best anti-virus is a free one is not right.   Second of all, Spybot is old and doesn't catch virus anymore the two be one currently are MalwareBytes and SUPERAntiSpyware.  Third of all, the online scanner (Live OneCare) is being shutdown the online scanners are not that good especially that one a good online scanner is ESETs'.
commented Feb 20, 2011 by _GTech (1,311 points)
Super Anti-Spyware & ESET are good, indeed, and by no means are your or my recommendations wrong, they can use which ever they want, personally I run 6-10 scans on a computer using different scanners to ensure they are clean, and this includes root kit detectors as well.

The more thorough a user is at looking for the problems the greater chance they have of finding and removing all of the problems a computer has, Spybot Search & Destroy may be old but does not mean it's ineffective, by any means..  It has many features that other scanners do not which includes a start up editor and other features in the Advanced Mode setting, something to be noted.
commented Feb 20, 2011 by TheTechDude (76,080 points)
I agree with using multiple types of scanners to be safe.  Spybot at least for me in my testing find almost nothing where as MBAM and SUPER find most if not all of it.  I used to use Spybot all the time and wish it was better.  Whatever works for you.
commented Feb 20, 2011 by _GTech (1,311 points)
MBAM = #1 Malware Scanner :D
commented Feb 20, 2011 by TheTechDude (76,080 points)
I agree. <br>
0 votes
answered Feb 20, 2011 by chiefnoobie (86 points)
You did the right thing.  Super anti spyware is pretty good, I think you are probably getting false positives.  It seems you have already used Malware bytes which is very good so if that says you don't have anyting I think you will be OK.  However if you wish to try another free one it can't hurt.  AVG free is good, also Comodo internet security is meant to be a pretty good free program.

Also if your computer isn't doing strange things like having pop ups keep appearing on screen or crashing it is probably OK.

Tracking cookies are harmless as well
0 votes
answered Feb 20, 2011 by jebug29 (476 points)
Tracking cookies are just internet cookies. They are nothing. And SuperAntiSpyware is crap. It has WAAAAAAY too many false positives. If you were worried that you have a fake antivirus, but there is no fake AV coming up on regular startup, and the link wasn't found (Those things don't stay on the web for long, which stinks for virus testers), then you probably don't have any viruses. I mean, two antiviruses find nothing, and those two are trusted very much and they find almost all harmful viruses, such as fake AV's, and SuperAntiSpyware finds, all of a sudden, 25 trojans, it's hard to believe that they are positives.
commented Feb 20, 2011 by Liam (751 points)
I thought the same but ah well, I'm still following The Tech Dude's tips so that I know for definite that I am safe.
Welcome to Q&A, where you can ask questions and receive answers from other members of the community.
...