Need help with quarantined virus

[mae]

My McAfee software, running on Windows Vista on Peoplepc in a real-time scan alerted me: Exploit-URLSpoof.gen (Trojan) Quarantined

It is located in:
C:\ProgramFiles\PeoplepcAccelerated\temp\http_cache\_0000_2

I connected to McAfee Website and tried to download McAfee Virtual Technical Application, but I could not, and when I tried a live chat, I was unable to download the Assist starter program needed to communicate.

If this Trojan is quarantined, can I delete it? Is it really a virus or just thought to be a potential threat by McAfee?

Very uncertain how these security softwares work...Popup, allow...do not allow? I guess I need to read up on this to understand what I should allow and not allow.

Please give any expert advice as to what you think I should do. My computer is just a few weeks old and I do not want to mess it up. (Acer computer )

Thanks!!!

 

[kimsland]

Yes you can safely delete any Virus from the quarantine folder (or just leave it there, as it is safely put away now)

But I might add that McAfee is not the best Antivirus (IMHO)
If your computer were mine, I'd uninstall it straight away (probably the day I got it)
Then run the McAfee Removal Tool (seeming like Norton, McAfee never fully uninstalls normally)

Then install (the definitely much better) Avira free AntiVirus

Have a look at:
UPDATED 8-step Viruses/Spyware/Malware Preliminary Removal Instructions
Because if you had McAfee for a while, it's possible you could still have more infections (McAfee's not real good finding them )

 

[mae]

Looking into recommendations....

Thanks for the recommendations. I want to follow the links you sent me and follow up on this. I know I shouldn't be without virus protection, so I must make a choice if I should delete McAfee and add the other.

I'll probably have more questions once I proceed forward.

 

[kimsland]

I like tech questions
Especially the twisted ones where users\members say, if I do this, and then this happens, what will happen with that. That type of thing

 

[mae]

Generic Malware.a! zip

I am keeping McAfee for the time being. I will explore other options (as recommended) when I have better figured out how all this malware/virus detection software works.

Today, another TROJAN was stopped and removed automatically from my computer. I foolishly went to open an e-mail supposedly from americangreetings.com - but, I should have know better because it wasn't signed and showed the image on the card, but said I had to open the attachment to find out what friend had sent it. (I should have known!) Anyway, McAfee caught it and removed it:

Generic Malware.a! zip

Everytime I open a window, I get the dialog box: Both secure and insecure items can be opened, do you want to open both? (paraphrased)

Yes No

I had been checking off Yes, should I always check off No? And then if something that doesn't appear on my screen that I need, - then check yes?

I cleaned my temporary file - but did not choose the permanent solution (regarding the previous Trojan listed on my first thread message above. I did not permaently clean my cache and temporary internet files (where the Trojan was quarantined because then some registries would have been wiped out.)

The more I'm reading about this....the more I'm getting confused. It's seems a little bit of knowledge won't do....you need to get into this computer stuff more and more in order to keep up with things and to not be duped.

(It's getting more complicated than filling out your taxes...including all schedules.)

Just "school" me some more about these security threats. I want to be careful before I remove McAfee and then download one of the other programs that are suggested above.

Thanks!

 

[kimsland]

No problems, you'll have to do an online Antivirus scan though, as McAfee is quite bad at finding Viruses, there may be some still there.

By the way I wouldn't keep it, but that's just me. Mind you it is the MS preferred Antivirus (but certainly rates as one of the lowest protection softwares)

Run Kaspersky Online AV Scanner

In order to use it you have to use Internet Explorer.
Go to Kaspersky and click the Kaspersky online scanner box button.

Note for Internet Explorer 7 users: If at any time you have trouble with the accept button of the licence, click on the Zoom tool located at the right bottom of the IE window and set the zoom to 75 %. Once the license accepted, reset to 100%.

• Read the Requirements and limitations before you click Accept.
• Allow the ActiveX download if necessary.
• Once the database has downloaded, click Next.
• Click on "My Computer"
• When the scan has completed, click Save Report As...
• Enter a name for the file in the Filename: text box and then click the down arrow to the right of Save as type: and select text file (*.txt)
• Click Save - by default the file will be saved to your Desktop, but you can change this if you wish.

Attach the report into your next reply

Note for users who cannot press the "Accept" button ie greyed out
Download the Windows Installer Cleanup Utility package http://support.microsoft.com/kb/290301

 

[mae]

Need to download Java

Thanks Kimsland...

I went to download Kaspersky Scan, but realized I have to download Java 1st. That shouldn't mess up my computer, should it?

So, questions are:

1. Is it safe to download Java from Java site linked to through Microsoft?

2. Kapersky says I should disable McAfee while being scanned. Does that also mean while I am downloading it? I have Peoplepc dial-up and that would leave me without anti-virus for a while - will that be okay?

3. After I download the Kaspersky AntiVirus, can I run it offline, or should I be online?

Thanks....!!! Your help is very much appreciated.

 

[kimsland]

Have a look at:
UPDATED 8-step Viruses/Spyware/Malware Preliminary Removal Instructions
Because if you had McAfee for a while, it's possible you could still have more infections (McAfee's not real good finding them )

Best to follow the 8-Step guide in full
Java update is also in there.

By the way, if you're able to take it somewhere that has high speed Internet, that would be ideal
Dial-up is going to be a pain to do downloads and updates, mind you McAfee's updates are usually quite big, so you may be use to it.

 

[mae]

Question about Fine-Tune software

Deleting this message = superfluous. Will not post again until run virus scan. Thx.

 

[kimsland]

What?

What worries me more is that you actually wrote all that rubbish

Anyway please don't reply until you have done what is asked (a few times now)

 

[mae]

ran kaspersky online av scanner

Ran kaspersky online av scanner. Followed directions - however not able to attach report. Trojan found - I think it is same one as that quarantined by mcafee.

Ques. - I am going to download a trial of kaspersky and uninstall mcafee.

Do I have complete security if I have kaspersky, i.e., firewall protection, antispyware, antiadware, antimalware, anti-spam, etc.?

thnx

 

[kimsland]

Then install (the definitely much better) Avira free AntiVirus

Just install Avira, as stated on Post #2

 

[mae]

scan report

Uninstalled McAfee. Ran McAfee Removal Tool. Downloaded Avira and ran scan.

Reported: Avira AntiVir Personal
Report file date: Wednesday, April 01, 2009 05:39

Scanning for 1284893 virus strains and unwanted programs.

Beginning disinfection:
C:\Program Files\Acer GameZone\Alice Greenfingers\AliceGreenfingers.exe
[DETECTION] Is the TR/Agent.786432.J Trojan
[NOTE] The file was moved to '4a3c689e.qua'!
C:\Program Files\Acer GameZone\Chicken Invaders 3\CI3.exe
[DETECTION] Is the TR/Agent.1150976.I Trojan
[NOTE] The file was moved to '4a06687b.qua'!
C:\Program Files\Acer GameZone\Jewel Quest Solitaire\aJewelQuestSolitaire.exe
[DETECTION] Is the TR/Agent.1085440.A Trojan
[NOTE] The file was moved to '4a38687c.qua'!
C:\Program Files\Acer GameZone\Turbo Pizza\TurboPizza.exe
[DETECTION] Is the TR/Agent.1343488.H Trojan
[NOTE] The file was moved to '4a4568a7.qua'!
C:\Program Files\Acer GameZone\Zuma Deluxe\Zuma.exe
[DETECTION] Is the TR/Agent.1294336.F Trojan
[NOTE] The file was moved to '4a4068a7.qua'!
C:\Program Files\PeoplePC\Toolbar\PPalCleanUp.exe
[DETECTION] Contains recognition pattern of the ADSPY/PeopleP.40684 adware or spyware
[NOTE] The file was moved to '4a346883.qua'!
C:\Program Files\PeoplePC\Toolbar\PPalFinish.exe
[DETECTION] Contains recognition pattern of the ADSPY/PeopleP.40008 adware or spyware
[NOTE] The file was moved to '4cbd09f4.qua'!


End of the scan: Wednesday, April 01, 2009 06:12
Used time: 29:25 Minute(s)

The scan has been done completely.

15211 Scanned directories
322426 Files were scanned
7 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
7 Files were moved to quarantine
0 Files were renamed
2 Files cannot be scanned
322417 Files not concerned
2709 Archives were scanned
4 Warnings
9 Notes
77378 Objects were scanned with rootkit scan
0 Hidden objects were found

Most of these were games that came with my computer or parts of Peoplepc Internet carrier software. I had them quarantined.

I will go back to step 2 above and finish doing the 8-steps as recommended.

Is there anything I should know about the above scan? (I did not include all of report because it was toooo long.)
Thx.

 

[kimsland]

No nothing to "know about"

Except your agreeableness that Avira Antivirus is much better than McAfee
The proof is in the pudding as it were.

Please continue on from above