When is enough, enough?

Happy New Year to all!
Hi, I’m a new member and if I’ve posted in the wrong group, I am sorry. I wasn’t certain where my questions would fit. The closest answer I’ve found after a morning of searching and reading was one by Pondus in the virus/worms section.
I recently acquired a nasty little thing called recycler. I spent an entire week ridding myself of it and in the process perhaps a few essential things I must have needed to carry on as usual. I ended up opting to simply wipe out my system and reinstall Windows XP. It made more sense to cut my losses and simply start over again. Albeit with a good deal more paranoia and newfound respect for how quickly things can go south on me. It also gave me time to research and I decided to use Avast, I didn’t trust my other antivirus any longer.
Pondus essentially said, I hope, never use two antivirus apps at the same time, use anti-malware, toss in a nice little McShield for good measure and it should be a good start. At least for the very inexperienced, like me. I pray that was the message I took from the post. Cause that is exactly what I’ve put in so far.
Question 1: Am I going into overkill by also adding an app called AdFender?
I promised myself a treat if I could get through the mess I had and that would be to try an ad blocking program. One specifically geared for ads and a downright killer. Just in case that recycler virus came in on an ad on some site.
Question 2: What is a URL:Mal?
This should be a relatively clean pc, I’ve added only Avast, Anti-malware, McShield, Winrar, Firefox, Calibre and a VLC Media player. Where could I have picked up that URL:Mal? I have connected several USB sticks to my pc where I kept my backup files and other essential stuff. Would or could that be the source?
Thank you all for being so patient and helpful. I’m determined to be part of the solution and not the problem with these nasty bugs out there.

  1. Adfender is an ad blocker and does not conflict with avast.
    Most of us use AdBlock Plus for this purpose.

  2. Not knowing what the pop-up said it is difficult to know.
    Did you click on the “more details” button in the pop-up?
    URL:Mal usually means a malicious URL. Generally avast blocks these infections.

  3. Did you run a “full system scan” before you did the reformat?
    If you did, what was found, or was anything at all found?

  4. Pondus knows what he’s talking about. Avast with MalwareBytes and MCShield make good partners.
    A one-time charge of $25 gets you a lifetime license to MBAM Pro. Purchase it before MBAM
    releases v2.0 or else it will be an annual charge.

  1. URL:Mal “Malicious URL blocked” – avast! Network Shield has blocked a harmful site. :slight_smile:

Item # 1:…yup, looks like they all are getting along nicely. I’ll google the AdBlock Plus or visit tucows and grab it up. Love those cows.

Item #2:…I thought I had snagged what it said but I can’t find it. On careful reflection…what bob3160 states in his response could very well be what had happened. I just neglected to note if it was incoming or outgoing. I honestly couldn’t remember…and so far has not returned. I just saw a post in the virus group mentioning it and it triggered my memory of that incident. I’m on defcon level 3 until I can stand down after my infection. So I asked what it was. Since I don’t see it in any logs I’m going to assume it was incoming and I just missed the connections.

Item #3…I’m not certain what exactly is a full system scan. You guys are sooo good at this. I pulled everything out I wanted and followed Microsoft’s steps for a complete Windows XP home ed. install. Prior to the reinstall I had used malware to locate and isolate the recycler bug followed by using RogueKiller, aswMBR version 0.9.9.1771, and combofix rounded it out. Probably where I started getting in trouble. Managed to rid recycler eventually by changing my trash to immediate disposal after I became convinced it was staying in the garbage and popped back on its own the first couple of times.
By using one of those apps I also tossed something vital to windows and could only access in safe mode which is where I tossed my hands up and decided to ‘clean’ up everything with the reinstall.
So I had nothing in her other than what would come from the factory. I didn’t even need to defrag. I did do a disc check via the admin tools in the system and the first thing I installed was Avast followed by Malware. I had them both run as full a scan as possible. Only thing found was a smart browser pack of stuff I quarantined…and that was only when scanned after I installed Firefox and winrar. I’m pretty ticked at Firefox right now. But all in all it looked good. I intend to do scans after every two or so changes to my system. Maybe I can catch stuff ahead of trouble.

Item #4…yup, I agree. Pondus’ directions were sensible, direct and indeed, of immense help. But then again, you all are that way. His posts I glommed were just workable for me…and for that I’ll thank him when I can. :wink: I just got worried maybe I was installing possible future problems.

You, kind sir, have my deepest gratitude. I am a fan.

If you are using v2014.9.0.2011… GUI>click “scan”>select from drop-down options>click “full scan”>click “start”
Just use the default settings as they are plenty good. :slight_smile:

Bless your heart, Para-Noid. Thank you.
I am indeed using v2014.9.0.2011. Just completed another full scan, plugged in my external hard drive this time and added it to read it in the settings in case the default didn’t. Lo and behold it found a Win32 Downloader-TBH [adw] infection in a file I had stored in my external that I haven’t had a chance to play with yet. Obviously, I will forego playing with it now. :wink:
Two other instances also in the Virus Chest say Win32: Malware-gen. Both files, I am fairly certain, are only suspicious because of what they are. In any case none of them are important to me. I’ll delete them shortly.
May I ask what are the differences between ‘fix’ and ‘repair’? Would it be the levels of how the program approaches the problem?
Also it’s occurred to me that adding a ‘snip’ to your quote earlier about getting MBAM Pro was rude. I apologize. I’m more interested in saving up for the Avast Premier for the moment. I do thank you for the heads up, though. You all are terrific. I feel more in control and at peace now with what I need to do to be safe.
It’s a pleasure to read through all the available posts. There’s so much in them to learn from. So I thank everyone who has had troubles and questions and those who’ve had answers…they are not wasted.

Thank you, Bob. Plain, simple and perfect. My deepest regards to a teacher. :wink:

@Tish,
Most files can’t be repaired.
If you right click on the files in the chest, one of your options is to report that file to
Avast as a false positive.
Doing so will let the guys in the Virus Lab check the file and, if determined to be a false positive,
remove it from the detection. You’ll then be able to select “Restore”.
Files in the chest can’t harm your computer so there isn’t any reason to hurry up and remove them from there.
If after submitting them to the virus lab and then having waited a reasonable amount of time, recheck their status.
If they are still being detected as a virus, then you can always remove them at that time. :slight_smile:

it means the URL or IP is on a blacklist for whatever reason …there can be many, does not have to be infected
you can check urls here www.urlvoid.com

Clean, Quarantine, or Delete? http://antivirus.about.com/b/2007/03/11/clean-quarantine-or-delete.htm

His posts I glommed were just workable for me...and for that I'll thank him when I can.
You’re welcome ;)

Thank you, Bob,
Very helpful considering I have a good idea of what these items are. The first is what appears, after I googled it, to be either a screen saver or some sort of script. I’ve never gone looking for a script, nor would I recognize one if it smacked me upside the head, it’s probably some sort of screen saver…maybe…either way I am not emotionally wedded to it and it would be just another extra needless job for the Lab.
The second is what I’ll consider a learning experience into using something I nicked off a rapidshare host I found using a google tips and tricks book I had and grabbed thinking I’d try to use. You get what you pay for. Since I hadn’t paid for it…I’ve learned not to play with things and places I have no business with. In all fairness it should go. 'Sides its properties say it’s unrepairable.
Finally the last thing sorta breaks my heart to part with. But it too needs to go. Its only purpose is for something I’d need to plead the fifth for. I might hang on to it because I like the concept behind it even if I feel wicked.

But I thank you again, because I’m learning. You’re a wonderful teacher, Bob. :slight_smile:

There you are! My heroes…all of you. Thank you…for the links…for your time and mostly for the wisdom and knowledge you share. ;D

@ Tish
Not sure if it has been mentioned, but you may want to hide your Email from the forum.
Settings/ uncheck allow users to email me.
Nasty reality is Email Harvesters for Spamming purposes.
Just saying. :slight_smile:

On behalf of my fellow forum members…You’re welcome! 8)

Remember…

  1. Put in chest.
  2. Send to virus lab.
  3. Re-scan at a later date.
  4. Restore if safe. :slight_smile:

Be kind to Bob3160…he can send you on a wonderful ocean cruise!!! ;D Sorry Bob…couldn’t help myself! Happy New year!

The cruises are over I’m afraid. Happy New Year to you also. :slight_smile:

Aye, I’ve corrected that. Thank you Bob. I admit I initially thought a visible email address was sorta odd. Considering the purpose of the site. I assumed it was locked and secure. What better place to study what the opposition is up to…the old keep your friends close but your enemies closer sorta thing. I concluded in error that perhaps it was there so one could perhaps be spanked in private rather than publicly. Not that I’ve ever regarded being spanked as a bad thing…but there are some souls that are highly sensitive and I’m sure you’ve met a few. :wink: I just fell on the wrong side of my own argument this time, yet again. Tells you why I don’t dream of going to Vegas or play lotto.
May I ask another question? What do you know of the program called Hot Spot? Does the protection I have with the current apps I have make Hot Spot redundant? Or would Hot Spot interfere with what I have? The thought of masking my IP feels good, I admit.
Oh, and don’t worry about feeling obligated to send me on a cruise anywhere. :slight_smile: I saw The Poseidon Adventure the first day it opened in the theaters. It assured me I had no future in the Navy or as a pirate.

Thank you for the welcome and I will always remember your advice. I promise. I just need to learn more so I won’t have the need to follow them often. Again…My deepest gratitude. ;D

@Tish
Unless you’re using public WiFi, Hot Spot isn’t really needed and will probably slow you down.
Might be nice to keep handy for the times you aren’t on your home and secure network.
schmidthouse deserves the credit for hiding your email address. :slight_smile:

Did you manage to get SP3 installed and fully update your patches from the Windows site?


Albeit with a good deal more time to research and I decided to use Avast, I didn’t trust my other antivirus any longer

May one ask what program you did have?

Pondus essentially said, I hope, never use two antivirus apps at the same time

I see on many of the malware removal specialist forums that people have (unwisely) run two or more antivirus programs on their machines, then wondered why they had gotten infected!!

You need one antivirus program and run it in real time, plus a good but not overpowering selection of antimalware programs.
That said, how is your machine currently?