Worried about viruses

carvaggio

Background: Basically I have been doing a long overdue scan of my computer for viruses/malware etc. I should note I haven't had any trouble with my laptop or anything.

I have been using Avast to scan through the computer, largely as it is available for free. I've done several quick scans and a couple of full system scans, with no real problems found (a couple of files labelled as adware, which I moved to the chest). So apparently my computer is clean.

I had a look through the task manager, and nothing was there to worry me (I think). What does slightly worry me is that the task scheduler has an error upon opening (Task BackgroundConfigSurveyor: The task image is corrupt or has been tampered with) how long it has been like this I don't know and having said that I can still schedule and execute tasks successfully.

Also upon shut down I generally have to wait 20 or so seconds for 'Task Host' and another file which includes the acronym AMD to close before the laptop successfully shuts down (it only appears for a split second).

My questions are, is any of this a real cause for concern, should I be happy that my computer is clean? Would a boot scan be preferable?

Is avast a good antivirus system to use? Should I be happy thay my computer has nothing dangerous on it?

Are there any other free resources I should use to re-instill my confidence in my laptop?

As you can see I am clearly not a technological genius, and would be quite worried about doing anything in regedit in case I destroyed my CPU.

Any help/advice would be much appreciated

yoyo

carvaggio wrote: »

Background: Basically I have been doing a long overdue scan of my computer for viruses/malware etc. I should note I haven't had any trouble with my laptop or anything.

I have been using Avast to scan through the computer, largely as it is available for free. I've done several quick scans and a couple of full system scans, with no real problems found (a couple of files labelled as adware, which I moved to the chest). So apparently my computer is clean.

I had a look through the task manager, and nothing was there to worry me (I think). What does slightly worry me is that the task scheduler has an error upon opening (Task BackgroundConfigSurveyor: The task image is corrupt or has been tampered with) how long it has been like this I don't know and having said that I can still schedule and execute tasks successfully.

Also upon shut down I generally have to wait 20 or so seconds for 'Task Host' and another file which includes the acronym AMD to close before the laptop successfully shuts down (it only appears for a split second).

My questions are, is any of this a real cause for concern, should I be happy that my computer is clean? Would a boot scan be preferable?

Is avast a good antivirus system to use? Should I be happy thay my computer has nothing dangerous on it?

Are there any other free resources I should use to re-instill my confidence in my laptop?

As you can see I am clearly not a technological genius, and would be quite worried about doing anything in regedit in case I destroyed my CPU.

Any help/advice would be much appreciated

Its probably fine, give NOD Online Scan a go for another opinion, its free and has very high detection rates

Nick

carvaggio

Ran the online scan you linked, it found 6 infected filed, 5 related to something called hotbar, and 1 related to a file called registrybooster.exe.

All removed/quarantined now fortunately.

Dr.Dre

Yes your computer was infected but its not a virus its spyware. From my knowledge hotbar is spyware but you can download a free trial of spyware docter and it should remove it straight away.

Hope this helps!

carvaggio

Dr.Dre wrote: »

Yes your computer was infected but its not a virus its spyware. From my knowledge hotbar is spyware but you can download a free trial of spyware docter and it should remove it straight away.

Hope this helps!

Will try that!

Would the previous tool not have removed the problem though?

Dr.Dre

carvaggio wrote: »

Will try that!

Would the previous tool not have removed the problem though?

It should have anyway.But there is no harm in running a free scan anyway of a program that deals solely with Spyware to see it there is any traces left behind.:)

KoolKid

Thread Moved!
Probably better suited to Virus & Malware removal.

GarIT

carvaggio wrote: »

Will try that!

Would the previous tool not have removed the problem though?

It was only Avast. Most free antivirus only stop between 60%-80% of malware and let the rest through. A lot of people think that are safe with just an antivirus but there are many threats an antivirus wont stop. You need to go and buy a good internet security package.

ArseBook

GarIT wrote: »

It was only Avast. Most free antivirus only stop between 60%-80% of malware and let the rest through. A lot of people think that are safe with just an antivirus but there are many threats an antivirus wont stop. You need to go and buy a good internet security package.

Really? I haven't bought something like that in at least ten years and have never had a virus. I find that these programs are far more spammy and more hassle than just having to format and re-install the OS in the unlikely event that there's actually a problem.

GarIT

ArseBook wrote: »

Really? I haven't bought something like that in at least ten years and have never had a virus. I find that these programs are far more spammy and more hassle than just having to format and re-install the OS in the unlikely event that there's actually a problem.

Yeah, usually your fine, the 20% they let through are usually the less common ones. Most people are fine with a free one but some people aren't. I'd always air on the side of caution I rather pay for something that gives 90%-100% protection, especially when you can get things like Comodo that only cost €50 for 3 years and offer a €500 gaurentee if your pc gets infected.

If you have some time go onto YouTube and do a search for Languy99 then look at his most recent video for whatever security you use, you'll probably be surprised.

carvaggio

GarIT wrote: »

It was only Avast. Most free antivirus only stop between 60%-80% of malware and let the rest through. A lot of people think that are safe with just an antivirus but there are many threats an antivirus wont stop. You need to go and buy a good internet security package.

It was actually the NOD Online Scan that I used, (having previously scanned with Avast).

I am a bit cautious of the anti-spyware I was previously told about here, some of the feedback I have found doesn't seem overly complementary, though it's always hard to judge on the internet. However if it is really deemed necessary I will give it (or something similiar) a go.

GarIT

carvaggio wrote: »

It was actually the NOD Online Scan that I used, (having previously scanned with Avast).

I am a bit cautious of the anti-spyware I was previously told about here, some of the feedback I have found doesn't seem overly complementary, though it's always hard to judge on the internet. However if it is really deemed necessary I will give it (or something similiar) a go.

I meant what you used originally. NOD is actually a fairly good paid product, only the online version is free.

There's no need for anti spyware you should just get an internet security package it will have it all in one. If you went down the road of doing it all separately youd be looking at getting, and antivirus, anti spyware, anti adware, anti rootkit, anti keylogger and a few other things. Its just not worth the effort really.

Dr.Dre

GarIT wrote: »

I meant what you used originally. NOD is actually a fairly good paid product, only the online version is free.

There's no need for anti spyware you should just get an internet security package it will have it all in one. If you went down the road of doing it all separately youd be looking at getting, and antivirus, anti spyware, anti adware, anti rootkit, anti keylogger and a few other things. Its just not worth the effort really.

em i dont believe you are correct sir.

Its spyware she has and nothing else.There is no need to be talking about keyloggers and rookits when avast will block them itself.

I have avast and installed a keylogger to see would it remove it and it did straight away.

Im not entirely sure what you mean by this 20% that anti virus lets through

@carvaggio , All you need to do is run a trial version of a anti spyware program(spyware docter being the No.1 out there) and it will remove every bit of spyware.

Thats the only problem that you have to deal with.Avast will look after everything else!

yoyo

carvaggio wrote: »

Ran the online scan you linked, it found 6 infected filed, 5 related to something called hotbar, and 1 related to a file called registrybooster.exe.

All removed/quarantined now fortunately.

Thats fine, your system should be good now, no need to start paying for an anti-virus/Malware program, if you really want to remove Avast and install Microsoft Security Essentials but I think your fine as it is, Hotbar is a older type of spyware, usually installed with P2P applications (Like Imesh, Kazaa etc) and it could have just been traces of what has been found previously left over

Nick

carvaggio

Thanks for the advice everyone!

GarIT

Dr.Dre wrote: »

em i dont believe you are correct sir.

Its spyware she has and nothing else.There is no need to be talking about keyloggers and rookits when avast will block them itself.

I have avast and installed a keylogger to see would it remove it and it did straight away.

Im not entirely sure what you mean by this 20% that anti virus lets through

@carvaggio , All you need to do is run a trial version of a anti spyware program(spyware docter being the No.1 out there) and it will remove every bit of spyware.

Thats the only problem that you have to deal with.Avast will look after everything else!

All you know they are infected with is spyware, it's always better to check there not infected with anything else. The 20% of viruses let through is found from extensive testing. Spyware Doctor has high sales but that doesn't make it good. Last time we tested it we used 300 samples of malware and it only found 11. SuperantiSpyware is a lot better choice.

Last time we tested Avast it let 44% of the malware tested through. Id agree with the other poster if your switching to security essentials as it has the highest detection of any free product, around 82% I think.

Dr.Dre

GarIT wrote: »

All you know they are infected with is spyware, it's always better to check there not infected with anything else. The 20% of viruses let through is found from extensive testing. Spyware Doctor has high sales but that doesn't make it good. Last time we tested it we used 300 samples of malware and it only found 11. SuperantiSpyware is a lot better choice.

Last time we tested Avast it let 44% of the malware tested through. Id agree with the other poster if your switching to security essentials as it has the highest detection of any free product, around 82% I think.

Yes, but the only problem we are talking about here is spyware.;)

I mean sure malware can be a problem but for carvaggio it is not malware that is causing the problem but spyware.

I agree with you when saying malware software is needed but its moving onto a whole different topic.What i mean is the problem right here right now is spyware not malware.

carvaggio

I did get one strange find tonight, though I suspect it was largely my own fault, as I was installing malwarebytes while running a scan with avast. It suggested that a mbam.??? file may have had something to do with a rootkit, I deleted it and uninstalled malwarebytes, just in case.

Then I performed a boot scan, which didn't turn up anything. Oddly enough I can report my computer is shutting down more smoothly (and is slightly more speedy while starting up).

Having read this http://www.pcadvisor.co.uk/reviews/security/3251319/avast-free-antivirus-5-review/

I'm happy enough with avast.

GarIT

carvaggio wrote: »

I'm happy enough with avast.

Watch this and you definately wont be

https://www.youtube.com/watch?v=yRNJXT9FilE

Also the PC Advisor review is old and was for the last version of Avast malware has advanced a lot since then.

GarIT

LIGHTNING wrote: »

Spyware is form of malware!

Everything is malware, its a broad term that describes anything that causes harm on your computer. I think he meant it was spyware as opposed to other malware.

GarIT

carvaggio wrote: »

I did get one strange find tonight, though I suspect it was largely my own fault, as I was installing malwarebytes while running a scan with avast. It suggested that a mbam.??? file may have had something to do with a rootkit, I deleted it and uninstalled malwarebytes, just in case.

That's called a false positive, Avast detected something as malware when it is not. PC Advisor even said Avast has "good-but-not-top-notch malware detection" why settle for good? If you do your banking online your definitely not safe with avast or any free product.

Kepti

GarIT wrote: »

If you do your banking online your definitely not safe with avast or any free product.

I don't agree with this. It's unreasonable to imply that paying money will automatically make you safe. There's no need for a home user to pay for antivirus.

GarIT

Kepti wrote: »

I don't agree with this. It's unreasonable to imply that paying money will automatically make you safe. There's no need for a home user to pay for antivirus.

I'm not saying you'll be safe but some of the paid ones are a lot better than free ones. If you go for something with I.D. protection like Norton or safe run for browsers and a virtual keyboard like kaspersky your going to be a lot safer. Or if you got Comodo pro they gaurentee any money lost. It's nearly like an insurance policy for online activities. For €25 euro a year I can't see a reason not to go for it.

I'm not trying to imply anything, if you paid €60 for McAfee you would have protection that is a lot worse than most free products.

I remember a bout a year ago there was a woman that broke down crying in my shop because someone stole over €20,000 from her bank when she used her laser online, and she had avg free on her computer. I was talking to her a few months later and she had been told that she wouldnt get a penny back unless the speific people were caught and brought to Ireland. If she had of had Comodo they would have paid her back for her losses.

Kepti

GarIT wrote: »

I'm not saying you'll be safe but some of the paid ones are a lot better than free ones. If you go for something with I.D. protection like Norton or safe run for browsers and a virtual keyboard like kaspersky your going to be a lot safer. Or if you got Comodo pro they gaurentee any money lost. It's nearly like an insurance policy for online activities. For €25 euro a year I can't see a reason not to go for it.

I'm not trying to imply anything, if you paid €60 for McAfee you would have protection that is a lot worse than most free products.

I remember a bout a year ago there was a woman that broke down crying in my shop because someone stole over €20,000 from her bank when she used her laser online, and she had avg free on her computer. I was talking to her a few months later and she had been told that she wouldnt get a penny back unless the speific people were caught and brought to Ireland. If she had of had Comodo they would have paid her back for her losses.

I don't think the Comodo guarantee is as cut and dried as you believe.

"Personal Internet and Identity Coverage – if your identity is compromised, this coverage provides reimbursement for certain expenses and lost wages up to $15,000"

It appears to only apply in the Unites States. You can read the details here:
https://accounts.comodo.com/docs/cis/Chartis_Summary_of_Benefits_Comodo_Security_Solutions.pdf

GarIT

Kepti wrote: »

I don't think the Comodo guarantee is as cut and dried as you believe.

"Personal Internet and Identity Coverage – if your identity is compromised, this coverage provides reimbursement for certain expenses and lost wages up to $15,000"

It appears to only apply in the Unites States. You can read the details here:
https://accounts.comodo.com/docs/cis/Chartis_Summary_of_Benefits_Comodo_Security_Solutions.pdf

Ok, we sell Comodo and they say everything is the exact same here as it is there, but I'm not really bothered getting into a big discussion defending myself on my knowledge of something so simple as computer security.

Kepti

GarIT wrote: »

Ok, we sell Comodo and they say everything is the exact same here as it is there, but I'm not really bothered getting into a big discussion defending myself on my knowledge of something so simple as computer security.

Your claim that the woman who broke down crying in your shop would have been reimbursed her €20,000 by Comodo looks to be flat out wrong. No need for a big discussion, but could you point me to something that backs up that claim?

This is what the $15,000 (€10,000) covers.

BENEFITS
We shall pay you for the following:

a) Costs
i. Reasonable and necessary costs incurred by you in the United States for re-filing
applications for loans, grants or other credit instruments that are rejected solely as a result of a
stolen identity event;
ii. Reasonable and necessary costs incurred by you in the United States for notarizing
affidavits or other similar documents, long distance telephone calls and postage solely as a
result of your efforts to report a stolen identity event and/or amend or rectify records as to your
true name or identity as a result of a stolen identity event;
iii. Reasonable and necessary costs incurred by the insured for up to six credit reports from
established credit bureaus (with no more than two reports from any one credit bureau) dated
within 12 months after your knowledge or discovery of a stolen identity event.

b) Lost Wages
Actual lost wages earned in the United States, whether partial or whole days, for time reasonably
and necessarily taken off work and away from your work premises solely as a result of your efforts
to amend or rectify records as to your true name or identity as a result of a stolen identity event.
Actual lost wages includes remuneration for vacation days, discretionary days, floating holidays,
and paid personal days but not for sick days or any cost arising from time taken from self-employment. Coverage is limited to wages lost within twelve months after your discovery of a
stolen identity event.

c) Legal defense fees and expenses
Reasonable and necessary fees and expenses incurred in the United States by you with our consent
for an attorney approved by us for:
i. Defending any civil suit brought against you by a creditor or collection agency or entity acting
on behalf of a creditor for non-payment of goods or services or default on a loan as a result of a
stolen identity event; and
ii. Removing any civil judgment wrongfully entered against you as a result of the stolen identity
event.

Why not install an application layer firewall and set rules accordingly to your behavior.

If any malware makes an attempt to call home, this action can then be stopped in its track.

GarIT

Kepti wrote: »

Your claim that the woman who broke down crying in your shop would have been reimbursed her €20,000 by Comodo looks to be flat out wrong. No need for a big discussion, but could you point me to something that backs up that claim?

This is what the $15,000 (€10,000) covers.

I thought she would have gotten some of it back anyway but them seem to have themselves fairly covered there. I'd still always go for a paid av over a free one. I get Kaspersky and NOD32 free so I just use Kaspersky anyway. Comodo sent us posters advertising the $500 gaurentee for harm to your computer. They all said €500 so someone asked about it and Comodo said they will honour a €500 pc gaurentee here.

Oh and the woman was crying because it was supposed to be for college for her 3 kids and she was actually buying books when it happened. We get cases like that in all the time but usually there for a lot less money, the people are always fairly upset though, and there's usually nothing we can do other then tell them that next time they should use a better av/security package.

GarIT

NoDrama wrote: »

Why not install an application layer firewall and set rules accordingly to your behavior.

If any malware makes an attempt to call home, this action can then be stopped in its track.

Is that not a bit complicated for a novice user?