|
Posted by B.W. on September 1, 2007, 8:58 pm
If you were Registered and logged in, you could reply and use other advanced thread options
I have had in the past on my laptop three different Trojans (all the WIN 32
varieties). With the help of the experts from this very useful Newsgroup I
have been able to remove them.
As I have been unable to set up the free version of Avast to automatically
perform a daily schedule to run a scan, I run a scan once a week manually.
My question is, if one of these Trojans has been on my PC for a week before
being detected what kind of damage may it have done to my computer. When I
did a search to find out what kind of problems they may cause (so could not
be on the look out for specific kinds of behaviours) I could not find any
information. So once this has happened can you ever be certain your PC has
not been compromised and is clean? The only change I seem to notice
recently is a slight slow down in operation, but then it could be my
imagination.
TIA
B.W.
|
|
Posted by Leythos on September 1, 2007, 10:13 pm
If you were Registered and logged in, you could reply and use other advanced thread options
bwaller@aapt.net.auxxx says...
> My question is, if one of these Trojans has been on my PC for a week before
> being detected what kind of damage may it have done to my computer.
The amount and type of damage is unknown without having the PC before
you've "cleaned" it.
A "cleaned" PC is only suspected of being Clean no matter what/how you
clean it. The only clean system, after a compromise, is a wiped and
rebuilt system.
--
Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free@rrohio.com (remove 999 for proper email address)
|
|
Posted by B.W. on September 1, 2007, 10:18 pm
If you were Registered and logged in, you could reply and use other advanced thread options
B.W.
> bwaller@aapt.net.auxxx says...
>> My question is, if one of these Trojans has been on my PC for a week
>> before
>> being detected what kind of damage may it have done to my computer.
>
> The amount and type of damage is unknown without having the PC before
> you've "cleaned" it.
>
> A "cleaned" PC is only suspected of being Clean no matter what/how you
> clean it. The only clean system, after a compromise, is a wiped and
> rebuilt system.
>
> --
>
> Leythos
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> spam999free@rrohio.com (remove 999 for proper email address)
|
|
Posted by Robert Moir on September 2, 2007, 5:15 am
If you were Registered and logged in, you could reply and use other advanced thread options
> You mean reformatting the hard drive?
That's the only way to guarantee it's clean, yes. Of course, you may well
decide that the odds of it being clean are in your favour enough, and that
it would be very inconveniant to rebuild the machine and hence take your
chances, and you may well be right if you do that too, but if we're talking
about guarantees...
|
|
Posted by Kayman on September 2, 2007, 5:33 am
If you were Registered and logged in, you could reply and use other advanced thread options > You mean reformatting the hard drive?
>
Yes, that is what he meant. It's the only way to be 99.99% sure :)
As an alternative for the inexperienced you may wish to scan with:
SuperAntispyware - Free
http://www.superantispyware.com/superantispywarefreevspro.html
Ad-Aware - Free
http://www.lavasoftusa.com/products/ad_aware_free.php
http://www.download.com/3000-2144-10045910.html
Spybot Search & Destroy - Free
http://www.safer-networking.org/en/download/index.html
After the software is updated, it is suggested scanning the system in Safe
Mode.
How do you boot to Safe Mode?
By pressing/tabbing F8 (or F5 on some keyboards) during re-boot.
Alternatively:
click onto Start==>Run, type "msconfig" (without quotation marks), click OK.
Then click onto BOOT.INI tab and 'check' /SAFEBOOT then OK and click
Restart. To go back to Normal Mode, you must access the System Configuration
utility again and click the General tab then click/check the radio button
'Normal Startup'- load all device drivers and services'.
A description of the Safe Mode Boot options in Windows XP
http://support.microsoft.com/default.aspx?scid=315222
For viral malware...
Download David H. Lipman's MULTI_AV.EXE from the URL --
http://www.pctipp.ch/downloads/dl/35905.asp
To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close
Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }
NOTE: You may have to disable your software FireWall or allow WGET.EXE to go
through your FireWall to allow it to download the needed AV vendor related
files.
C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in
Normal Mode. This way all the components can be downloaded from each AV
vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot
the PC.
You can choose to go to each menu item and just download the needed files or
you can download the files and perform a scan in Normal Mode. Once you have
downloaded the files needed for each scanner you want to use, you should
reboot the PC into Safe Mode [F8 key during boot] and re-run the menu again
and choose which scanner you want to run in Safe Mode.
It is suggested to run the scanners in both Safe Mode and Normal Mode.
When the menu is displayed hitting 'H' or 'h' will bring up a more
comprehensive PDF help file.
http://www.ik-cs.com/multi-av.htm
Additional Instructions:
http://pcdid.com/Multi_AV.htm
Good luck :)
|
| Similar Threads | Posted | | ? about Trojans | July 16, 2005, 7:14 am |
| TROJANS!!!! | August 9, 2006, 10:36 am |
| Trojans SBI | October 30, 2007, 10:18 am |
| Trojans(?) | January 13, 2008, 3:34 pm |
| Re: Trojans? Spy-ware? Oh my! | June 15, 2007, 7:01 pm |
| Re: Trojans? Spy-ware? Oh my! | June 15, 2007, 8:09 pm |
| Trojans and TCP view | January 24, 2008, 2:33 pm |
| The Cleaner finds RAS trojans, I can't find them on harddrive | November 19, 2007, 2:52 am |
| Norton Enterprise AV - scan missing viruses, trojans, keyloggers, rootkits, etc??? | April 12, 2007, 6:33 pm |
|
XML site map