Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

How to verify/validate a machine as clean/safe? [Solved]


  • This topic is locked This topic is locked

#16
Arlin

Arlin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
MBAM scan log --


Malwarebytes Anti-Malware 1.70.0.1100
www.malwarebytes.org

Database version: v2013.02.22.04

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
StarMoore :: MOOREOFFICE-PC [administrator]

2/22/2013 1:13:44 PM
mbam-log-2013-02-22 (13-13-44).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
Scan options disabled:
Objects scanned: 228936
Time elapsed: 1 minute(s), 37 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
  • 0

Advertisements


#17
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Yes use your current copy ensure that you check for updates first .. I will check the link Ta :)
  • 0

#18
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Oops missed your reply ... Are there any outstanding problems ?
  • 0

#19
Arlin

Arlin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
I posted the mbam result log above (post 16). I used the existing install and did update defs (updatd from 2/21 to 2/22 defs) and it looks like no issues.

Does that mean it's clean?


Also, if not too much to ask, I have disk image based backups that I intend to mount in a VM (w/ no network access for safety) and then scan them.
The purpose to identify which backups are dirty (and so should be erased) and which are clean.
This may also give me an idea of how long ago the infection happened.

What is the quickest reliable scan I can use for that?

Secondly, what would you suggest going forward for protecting Win 7 and 8 machines. I've been moving ppl to MSE on Win 7 but there is no scheduler in Win 8 and either way I'd rather your recommendation.
Free is preferred if possible.

Thank you much for all Essexboy.
It's very appreciated.
  • 0

#20
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets see, Antivirus.. I am currently using the RC2 of Avast 8 which is now compatible with windows 8 it includes a scheduler along with a host of other stuff
Avast 8 RC2

Fairly easy to set up (as long as you remember to decline the offer of Chrome browser )
There is a small(ish) video which shows how it is set up and installed along with all the shields in action

music is rubbish mind :), but the engine, definitions and updates are the same for both free and paid for versions. Updates are generally two a day although there are streaming updates which are continuously on to keep it updated, however the band width usage is not noticeable
This can also scan removable drives and backup images especially if you mount them on a VM, then you can play with the AV at the same time

There is also a thread here where users report on their findings

A quick look at the shields that are used, any further questions then do not hesitate to ask
[attachment=63391:Capture.JPG]

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset System Restore points:

Run OTL and hit the cleanup button. It will remove all the programmes we have used plus itself.

We will now confirm that your hidden files are set to that, as some of the tools I use will change that
  • Click Start.
  • Open My Computer.
  • Select the Tools menu and click Folder Options.
  • Select the View Tab.
  • Under the Hidden files and folders heading select Do not show hidden files and folders.
  • Click Yes to confirm.
  • Click OK.


: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article and this article.
I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

Posted Image Malwarebytes.

Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly it will show you which programmes on your system need updating and give a download link

If you use on-line banking then as an added layer of protection install Trusteer Rapport

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit
To learn more about how to protect yourself while on the internet read our little guide How did I get infected in the first place ?Keep safe :wave:
  • 0

#21
Arlin

Arlin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
Ok. I think you live Avast 8 for AV ;)
I did cleanup, thank you. You are a workman and a gentleman sir. Quite good.

As far as Java, larry ellison should be tarred and feathered and dragged by pick-up truck through every town square of every village where his crap is slung. Thanks for the links, will go thru them thoroughly.

Re: file hippo - I've been tending to put on Secunia's PSI lately. Looks to me like maybe file hippo's functionality is already rolled in PSI? So do I use this a replacement for PSI, to go alongside or just whichever I like better? thanks.

MBAM - Check
Windows update - Check

Trusteer Rapport - never heard of em. Will know them now, thank you.
  • 0

#22
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
File hippo or PSI either is good :)

Trusteer is mainly for online banking, it ensures that you only go to the right site and checks for keyloggers whilst you are there
  • 0

#23
Arlin

Arlin

    Member

  • Topic Starter
  • Member
  • PipPip
  • 17 posts
It's been a bit under 24 hours. I'm scanning now with MBAM (full scan.) If this comes back with nothing found, is it safe to assume the machine is clean? Or is/are there other scanners I should run as well before the machine can be trusted.


Thanks much for all of your help.
  • 0

#24
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
I killed the files and folders responsible so unless MBAM finds anything you should be good to go :)
  • 0

#25
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 1

Advertisements







Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP