Is my computer safe?

Hi,

So yesterday I was browsing the internet, when I entered a website that I thought was safe (it was the website of a book publishing company). However, it seems that I was immediately redirected to a webpage playing music, showng a picture of The Joker from Batman with a headline that said “Hacked by Khan”. I was quite surprised and mildly shocked, but exited immediately. My McAfee virus detector then popped up, saying that it had detected a virus and that it was removed. However, after looking online I decided to download avast and run a full system check. The avast scan revealed a virus called “HTML:Defacement-N [Trj]”, which was then put in the avast virus chest.

I am the most tech-savvy person in the world, and I therefore ask: Is my computer safe now, or should I take further measures? What happens with the virus in the virus chest, and do anyone of you know any specifics on the “HTML:Defacement-N [Trj]”?

Thanks in advance

HTML:Defacement-N [Trj]
Means website is hacked, and the hacker ad a signature ... often there is no malicious code there, but it happens

what was the URL ?

do you have avast and McAfee installed now? … there can only be one

Why Using Multiple Antivirus Programs is a Bad Idea https://blog.kaspersky.com/multiple-antivirus-programs-bad-idea/2670/

Uninstalling a third-party antivirus software https://www.avast.com/faq.php?article=AVKB11#artTitle

if you want a extra scanner use Malwarebytes (free or pay) it can run alongside your AV
for USB protection use free MCShield http://www.mcshield.net/ fully automatic / install and forget

What happens with the virus in the virus chest,
[b]Avast 2015: Using the Virus Chest[/b] https://www.avast.com/faq.php?article=AVKB21#artTitle

Clean, Quarantine, or Delete? http://antivirus.about.com/b/2007/03/11/clean-quarantine-or-delete.htm

The URL was: (www.)spartacus.no/index.php?ID=Bok&ID2=627 (and for anyone reading i would NOT recommend entering it, as it might still be infected).

As for McAfee, I still have that, but it doesn’t seem to have be a problem with both programs at the moment.

I am still puzzled though: Is my computer safe? Should I delete the infected file in the virus chest, or should I just leave it?

EDIT: I didn’t know how to break the link, but I put “www.” in parantheses instead, so that you can still see the URL.

Should I delete the infected file in the virus chest, or should I just leave it?
As it is comming from the web and not your computer it is not something your computer will miss (if so you should have noticed when it was moved to quarantine) so you may delete Files in chest can not harm your computer, i usually let them stay there for a week or two before i delete

Scan result for spartacus https://sitecheck.sucuri.net/results/www.spartacus.no/ no detection

URL is blacklisted by yandex, also blocked by Opera browser
https://www.virustotal.com/en/url/8d5e0b19ac49eb7616fb313fa3a16da0af696b052c6c006cf7450fa65e8ec3f4/analysis/1449164271/

Snort filter alert warning http://urlquery.net/report.php?id=1449164612560

Njord,

break the link so that people can not click on it.
We do not want people to visit a (potential) malicious website.

Blacklisted
http://www.web-malware-removal.com/website-malware-virus-scanner/?url=www.spartacus.no
https://www.virustotal.com/en/url/aa8447b304c06a6302325498cc89c90e8efb5a732f07cad937b95c21fa3b3ec9/analysis/1449164353/

IDS :
http://urlquery.net/report.php?id=1449164518963
http://urlquery.net/report.php?id=1449164562027

Thanks for all the answers, however I have one last question.

When reading online, I got the impression that malware infecting your computer could quickly attach itself to other files. My answer is therefore, should I feel safe now that avast has put this infected file in the virus chest, or might there still be malware roaming free on my computer? Is the full system scan a 100 % certain, or can viruses still be hiding on the computer?

There is no such thing as 100% detection.
Think about it as a disease for humans.
First there is the disease and only than doctors can try to find a cure for it.

If you want a checkup follow the instructions in the sticky at the top of this forum.

Ok, thank you. I’m going to assume that everything is okay now, as this seems most likely.
One final question: When running the full system scan, there are always some files that can’t be scanned, and for most of them this it says that this is because the file is protected by a password or something like that. Does this pose a security threat or is this normal?

https://blog.avast.com/2014/02/28/how-do-i-handle-files-that-avast-cant-scan/

Why assuming and not checking ?
A check won’t hurt :wink:

I guess I thought I wouldn’t get a 100 % answer then either. But if you recommend it I will do it. I’m not sure which pinned thread you’re refering to though. Is it this?

https://forum.avast.com/index.php?topic=14433.0 ?

https://forum.avast.com/index.php?topic=53253.0

So I just ran the Farbar Recovery Scan Tool, attached are the FRST.txt and Additions.txt logs.

Running two AV’s may give you problems

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

CreateRestorePoint: FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08] [not signed] Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f RemoveProxy: EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe

https://dl.dropboxusercontent.com/u/73555776/FRSTfix.JPG

Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S0].txt as well.

All the “Get Windows 10” entries can also be deleted.
The OP is already on W10 :wink:

and maybe windows.old if not already done http://www.howtogeek.com/223821/what-is-the-windows.old-folder-and-how-do-you-delete-it/

I’m sorry, but I’m having troubles finding the FRST.exe on my computer. I found a folder called “FRST” in Windows (C:), but it doesn’t contain FRST.exe, only subfolders called “hives”, “logs”, “Quarantine”. How do I find the FRST.exe, and when found, is it sufficient to save the notepad-document in the same folder?

when you download file(s) where do you save them?

default is usually download (nedlastinger) folder

Yes you’re right, it was in the download folder. I was under the impression that only pictures and documents were saved there. So can I just save the notepad file in the downloads folder, or should I make a folder for frts.exe and the notepad file to be in?

you can try run it from there …

if problems move frst.exe and fixlist.txt to desktop and run from there