how to be sure a virus/trojan is truly gone



Morgenmuffel
18-08-2006, 05:27 PM
Hi all

I decided to install a program inetcodec.exe i had downloaded ages ago (in exe file format), just as the program finished installing my av picked it up as a virus and put something into quarantine,
so in a mad panic i went to add remove programs inetcodec
but when i tried to uninstall it, it told me i needed to reboot before i could begin uninstalling,
so i rather stupidly did this and once it had rebooted and I went to add/remove progs it told me the same thing
I then opened Internet explorer which was hijacked by
safetyhomepage dot com
I found a mention on the adaware forum of a tool to remove it
smitfraudfix
which seems to have done the trick (everything is back to normal), i also ran CCleaner and adaware and my AV afterwards, to ensure the virus is gone,

My question is, are there any other steps i should take
And is there a way to ensure the virus is completely gone


I am just pissed off at myself as i normally scan all files i download, and i didn't this time and got a virus

Oh and i am a firefox user, i opened IE to see if it had been hijacked and I thought that would help me find a cure

pctek
18-08-2006, 05:39 PM
Scan with more than just AdAware - you should have Spybot too if you are using this one.

What AV do you have? You can download the trial of NOD32 and use it, that will tell you if there's anything left lurking.

gibler
18-08-2006, 05:51 PM
Well if you want to do it properly ... you should reinstall from trusted media and restore files from a backup.

But as it is just some silly ad/spyware run a bunch of tools on your PC (Ewido, Spybot, Adaware). Have a look with Rootkit Revealer, run Hijackthis and check your networking protocols haven't been messed with.

And flail yourself 20 times for running IE. :thumbs:

Oh and download from respectable websites in the future...

vinref
19-08-2006, 12:14 AM
> ...My question is, are there any other steps i should take
> And is there a way to ensure the virus is completely gone
>
> I am just pissed off at myself as i normally scan all files i download, and i didn't this time and got a virus
>
> Oh and i am a firefox user, i opened IE to see if it had been hijacked and I thought that would help me find a cure

Maybe it is time you investigated Linux or BSD. None of this carry-on with viruses, rootkits, spyware etc. You will have to learn a few new apps, may take you a little while, but from what I read from your posts in general you should not have too much trouble.

A fantastic platform for web programming. Apache/MySQL/PHP blah blah blah is a breeze.

SurferJoe46
19-08-2006, 04:24 AM
True....what Vinref says about Linux being safe from malware...but remember that Linux machines are the "Typhoid Mary" of the puter world...they are not infected, but are carriers of infections to Windows machines.

So......if you DO run Linux, just remember that infecting friends/relatives etc by what you carry is a very large possibility.

I have a Mepis dual booted with XP on one of my LAN'd puters, and running in the Mepis mode it is always getting my other XP puter antivirus a little upset. It is handle-able, but a little eye opener for me to see the rate of cross-contamination I get that way. :dogeye:

Morgenmuffel
19-08-2006, 10:11 AM
Hey Surfer Joe

I think clamshell has an antivirus for linux, to stop you passing viruses on to windows users

As for going the linux Way, i dual boot with mepis also, I have actually investigated it, but a number of my clients use Access for their databases, and I haven't found equivalents for a couple of programs that we need to use, it is holding me back, I have tried crossover office, but that was just painfully slow, i also find the gimp confusing, mind you photoshop throws me as well (I use Firework MX, it is simple and does everything i have ever needed it to do)

Cheers

vinref
19-08-2006, 12:55 PM
> Hey Surfer Joe
>
> I think clamshell has an antivirus for linux, to stop you passing viruses on to windows users
>
> As for going the linux Way, i dual boot with mepis also, I have actually investigated it, but a number of my clients use Access for their databases, and I haven't found equivalents for a couple of programs that we need to use, it is holding me back, I have tried crossover office, but that was just painfully slow, i also find the gimp confusing, mind you photoshop throws me as well (I use Firework MX, it is simple and does everything i have ever needed it to do)
>
> Cheers

Yeah, you can use a Linux virus catcher, or passage email through services such as Yahoo, Gmail or Hotmail and let their virus catchers have their way with it.

From my own experience, I have never had any trouble with open source substitutes or alternatives to Windows apps. At the moment, I get infinitely more functionality from BSD than any Windows system I have ever used, especially doing web design and programming. But each to his own.

As for GIMP, there is now (has been for a while actually) GIMPshop, which is just GIMP dressed up to look and feel like Photoshop to help make the move more smooth.

Morgenmuffel
19-08-2006, 01:12 PM
Hey Vinref

What do you do your coding in in linux

I use the much maligned dreamweaver (in windows), simply because
I like syntax colouring,
I like the integrated ftp,
i like the debug function as i always forget to close a bracket

I did as recently as last month do a search for linux editors, but i didn't find any that had those features integrated
the other feature i really want is autoindent (a linux editor I used years ago had it, and it was bloody handy)

My main worry is the image editing capabilities, i freely admit i haven't used the gimp in a couple of years, but from what i remember the interface was horrid, I really don't like all the floating tools, same reason i don't like photoshop
Anyway I've got a recent version of gimp for windows here so i will test it out and see if it has improved

Cheers

vinref
19-08-2006, 01:51 PM
> Hey Vinref
>
> What do you do your coding in in linux
>
> I use the much maligned dreamweaver (in windows), simply because
> I like syntax colouring,
> I like the integrated ftp,
> i like the debug function as i always forget to close a bracket
>
> I did as recently as last month do a search for linux editors, but i didn't find any that had those features integrated
> the other feature i really want is autoindent (a linux editor I used years ago had it, and it was bloody handy)
>
> My main worry is the image editing capabilities, i freely admit i haven't used the gimp in a couple of years, but from what i remember the interface was horrid, I really don't like all the floating tools, same reason i don't like photoshop
> Anyway I've got a recent version of gimp for windows here so i will test it out and see if it has improved
>
> Cheers

I use the much maligned text editing using vi, although I almost always modify stuff written by someone else such as OSWD (http://www.oswd.org/) and CMS templates - I use Drupal (PHP) mostly, but have tinkered with Joomla (PHP), Bricolage (Perl), Plone (Python) and Django (Python). I have learnt vi pretty well, and have ways to track down bugs myself, and I try to do code re-use as much as possible to save on errors. I use MySQL and PostgreSQL, and Apache and Lighttpd. All are quick and intuitive to install and are all open source.

There are "professional" html editors like Bluefish (http://bluefish.openoffice.nl/index.html), but I get by with vi. It seems like you do stuff from scratch?

I use sftp, ssh and scp that are integral to BSD on the command-line to upload/download/modify to servers, either local or remote. I am quite familiar with my system, so it only takes a few keystrokes to get it all done. Some of these are starting to sound arcane, but they are surprisingly easy to learn and use.

Definitely have a look at GIMPshop (http://plasticbugs.com/?p=241).

TGoddard
19-08-2006, 02:07 PM
> True....what Vinref says about Linux being safe from malware...but remember that Linux machines are the "Typhoid Mary" of the puter world...they are not infected, but are carriers of infections to Windows machines.
>
> So......if you DO run Linux, just remember that infecting friends/relatives etc by what you carry is a very large possibility.
>
> I have a Mepis dual booted with XP on one of my LAN'd puters, and running in the Mepis mode it is always getting my other XP puter antivirus a little upset. It is handle-able, but a little eye opener for me to see the rate of cross-contamination I get that way. :dogeye:

Sure you can carry files with viruses and things on them, but so can a CD. Linux computers form part of the "vector" pool for passively transmitted malware, including such creations as DVDs, floppy disks, and network switches. Note, however, that in today's world it is the self-spreading malware that does the most damage and such malware is spread only by infected hosts.

Dual boot is an interesting situation if you use shared partitions. It means that a file could get to your Windows partition without arriving over the network as far as Windows is concerned. If you transfer a bunch of files to a Windows partition, remember to scan them when you next start Windows.

The point is to be aware that friends may be running systems thousands of times more vulnerable than your own. Although most users won't need to pay much attention to this, it may be an idea to use something like ClamAV if you transfer a lot of files between Windows machines (i.e. if you run a mail server).
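
The scan-after-transfer advice in the post above, as an added example that is not part of any post in this thread: a POSIX shell function that hands only the files changed since the last clean scan to ClamAV's `clamscan`. The mount point, the state directory and the `SCANNER` override are assumptions made for the example.

```shell
#!/bin/sh
# Added example: scan only files written to a shared partition since the last clean scan.
# Assumptions (not from the thread): the paths in the usage line and the SCANNER override.
# Usage: scan_new_files /mnt/windows "$HOME/.cache/shared-scan"

SCANNER="${SCANNER:-clamscan}"   # ClamAV command-line scanner

# scan_new_files DIR STATE_DIR   (STATE_DIR must live outside DIR)
# Returns clamscan's exit convention: 0 = clean, 1 = infected file found, 2 = error.
scan_new_files() {
    dir=$1
    state=$2
    marker="$state/last-scan"     # mtime = start of the last clean scan
    stamp="$state/scan-start"
    list="$state/pending.list"

    [ -d "$dir" ] || { echo "not a directory: $dir" >&2; return 2; }
    mkdir -p "$state" || return 2

    # Stamp the start time before listing, so files copied in while the scan
    # runs are picked up next time (subject to timestamp granularity).
    : > "$stamp" || return 2

    # Note: -newer compares mtime, so copies that preserve old timestamps
    # (cp -p, some archive tools) are missed; run a full scan periodically.
    if [ -f "$marker" ]; then
        find "$dir" -type f -newer "$marker" > "$list"
    else
        find "$dir" -type f > "$list"          # first run: scan everything
    fi

    if [ ! -s "$list" ]; then                  # nothing new to scan
        mv "$stamp" "$marker"
        return 0
    fi

    "$SCANNER" --infected --file-list="$list"
    rc=$?
    # Advance the marker only after a clean pass, so a detection or a scanner
    # error leaves the same files queued for the next run.
    [ "$rc" -eq 0 ] && mv "$stamp" "$marker"
    return "$rc"
}
```

A non-zero return means the listed files should not be opened from Windows until they have been dealt with; `pending.list` in the state directory shows which files were in that batch.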

TGoddard
19-08-2006, 02:18 PM
> Hey Vinref
>
> What do you do your coding in in linux
>
> I use the much maligned dreamweaver (in windows), simply because
> I like syntax colouring,
> I like the integrated ftp,
> i like the debug function as i always forget to close a bracket

I use Kate (the KDE Advanced Text Editor) for this. It syntax highlights many different languages, supports loading over FTP using the FTP KIO slave (just type ftp://blah.com/... in the open dialog. It will prompt for username and password and can save these in the KWallet encrypted password store). It doesn't have fancy inbuilt debug stuff that I know of.

I absolutely loathe Dreamweaver. I've been using DW8 for a site recently and it has generated a whole series of problems including failing to download the latest version of a file before applying a template/lib item update, missing out bits of code in those updates, sticking library items including table components in the wrong place in the code (not where I manually placed the library item tags), and the check in/check out system is simply useless.



> I did as recently as last month do a search for linux editors, but i didn't find any that had those features integrated
> the other feature i really want is autoindent (a linux editor I used years ago had it, and it was bloody handy)


This can be used in Kate (or most editors) by setting your default indentation settings. You can use tabs or any number of spaces and can use multiple indentation conventions.




> My main worry is the image editing capabilities, i freely admit i haven't used the gimp in a couple of years, but from what i remember the interface was horrid, I really don't like all the floating tools, same reason i don't like photoshop
> Anyway I've got a recent version of gimp for windows here so i will test it out and see if it has improved
>
> Cheers

I quite like the GIMP although organising the windows can be annoying. I always use a separate virtual desktop for the GIMP to set it all out nicely.