DTP


 
Lively discussions on the graphic arts and publishing — in print or on the web


Go Back   Desktop Publishing Forum > General Discussions > The Corner Pub

Reply
 
Thread Tools Display Modes
Old 07-07-2007, 10:08 AM   #1
dthomsen8
Member
 
dthomsen8's Avatar
 
Join Date: Aug 2005
Location: Philadelphia, PA 19130
Posts: 2,158
Default Virus Consequences

My wife's WinXP Home computer was infected with a virus, PMpatch, and the AVG virus checker detected the infected modules and moved them to a virus vault or deleted them.

I am supposing that the deletion of these modules means that the underlying programs won't work. For example, PicasaMediaDetector.exe and Nerocheck.exe are among the modules that were deleted. I suppose that the proper response is to reinstall these two programs. I would post the screen capture, but I don't think attachments work yet.

Am I correct in my suppositions? No, I don't have backups for this computer, but I think maybe I should start doing that, too.
dthomsen8 is offline   Reply With Quote
Old 07-07-2007, 10:14 AM   #2
iamback
Member
 
iamback's Avatar
 
Join Date: Oct 2005
Location: Amsterdam, NL
Posts: 4,894
Default

Quote:
Originally Posted by dthomsen8 View Post
My wife's WinXP Home computer was infected with a virus, PMpatch, and the AVG virus checker detected the infected modules and moved them to a virus vault or deleted them.

I am supposing that the deletion of these modules means that the underlying programs won't work. For example, PicasaMediaDetector.exe and Nerocheck.exe are among the modules that were deleted. I suppose that the proper response is to reinstall these two programs. I would post the screen capture, but I don't think attachments work yet.

Am I correct in my suppositions? No, I don't have backups for this computer, but I think maybe I should start doing that, too.
A more rigorous approach would be to backup all data, wipe the disk clean, and reinstall windows from scratch. Before you do that (or decide to do that or not), it would be a good idea to run a complete scan (all files, not just "executable" files!) with not just AVG but another virus scanner as well - one may find what another doesn't.

How on earth can a computer get infected when you have anti virus installed that obviously is able to detect it? Double check your setting to see whether it's set to be able to catch the nasties before they actually infect.

   
__________________
Marjolein Katsma
Look through my eyes on Cultural Surfaces (soon!), My ArtFlakes shop and Flickr.
Occasionally I am also connecting online dots... and sometimes you can follow me on Marjolein's Travel Blog
iamback is offline   Reply With Quote
Old 07-07-2007, 03:05 PM   #3
Steve Rindsberg
Staff
 
Join Date: Nov 2004
Posts: 6,742
Default

>> How on earth can a computer get infected when you have anti virus installed that obviously is able to detect it?

Hmm. OK, how about this:

- New virus is released, spreads quickly
- Virus attacks your computer
- AVG hears of the virus, releases update that can detect it
- You get update on your computer, AVG does a scheduled scan and reports the infection

   
__________________
Steve Rindsberg
====================
www.pptfaq.com
www.pptools.com
and stuff
Steve Rindsberg is offline   Reply With Quote
Old 07-07-2007, 06:11 PM   #4
dthomsen8
Member
 
dthomsen8's Avatar
 
Join Date: Aug 2005
Location: Philadelphia, PA 19130
Posts: 2,158
Default Plausible scenario

Quote:
Originally Posted by Steve Rindsberg View Post
>> How on earth can a computer get infected when you have anti virus installed that obviously is able to detect it?

Hmm. OK, how about this:

- New virus is released, spreads quickly
- Virus attacks your computer
- AVG hears of the virus, releases update that can detect it
- You get update on your computer, AVG does a scheduled scan and reports the infection
That seems like a plausible scenario to me. AVG does not provide any information about the virus in its references, but I am not sure what that means. Perhaps I should be asking AVG about it.

This is my wife's computer, and she plays games, gets lots of email, and goes to web sites I would never stumble upon.

I did manage to install a new ATI Radeon Xpress 200 driver, dated 2007, but it was not an easy job. I downloaded on my own computer and transferred the downloads to her computer using a USB flash drive.
dthomsen8 is offline   Reply With Quote
Old 07-08-2007, 09:46 AM   #5
Steve Rindsberg
Staff
 
Join Date: Nov 2004
Posts: 6,742
Default

If most of her usage is internet/mail with little or no installed software, you might want to get everything sorted out and set up to taste, then make a disk image with Disk Image, Ghost, Acronis or the like.

Then you could just wipe out the infected system and revert to a known-good image at any time later.

She'd lose any new bookmarks/emails and such since the most recent image was taken but that's about all.

   
__________________
Steve Rindsberg
====================
www.pptfaq.com
www.pptools.com
and stuff
Steve Rindsberg is offline   Reply With Quote
Old 07-09-2007, 07:04 AM   #6
George
Member
 
George's Avatar
 
Join Date: Feb 2005
Posts: 1,036
Default

Quote:
Originally Posted by dthomsen8 View Post
Perhaps I should be asking AVG about it.
Good luck!! I had the paid version, but getting technical support turned out to be very technical. And other technicalities started, so I went to Antivir/Avira. And I don't have to pay for it, as a non-profit. It's rated safer, but I always wonder who gets paid to write the reviews. So far it works smooth.

http://www.free-av.com/

It has a technical support forum.

http://forum.antivir.de/index.php


George
George is offline   Reply With Quote
Old 07-09-2007, 07:17 AM   #7
iamback
Member
 
iamback's Avatar
 
Join Date: Oct 2005
Location: Amsterdam, NL
Posts: 4,894
Default

Quote:
Originally Posted by dthomsen8 View Post
My wife's WinXP Home computer was infected with a virus, PMpatch, and the AVG virus checker detected the infected modules and moved them to a virus vault or deleted them.
Are you sure it was called that? The only hit Yahoo! comes up with when I search for that name (+ virus / infection) is your post here!

If the files were moved to a vault, scan them with another virus checker (like the excellent free AntiVir) and see what that comes up with.

   
__________________
Marjolein Katsma
Look through my eyes on Cultural Surfaces (soon!), My ArtFlakes shop and Flickr.
Occasionally I am also connecting online dots... and sometimes you can follow me on Marjolein's Travel Blog
iamback is offline   Reply With Quote
Old 07-09-2007, 07:54 AM   #8
dthomsen8
Member
 
dthomsen8's Avatar
 
Join Date: Aug 2005
Location: Philadelphia, PA 19130
Posts: 2,158
Default Vault, then Deleted

Quote:
Originally Posted by iamback View Post
Are you sure it was called that? The only hit Yahoo! comes up with when I search for that name (+ virus / infection) is your post here!

If the files were moved to a vault, scan them with another virus checker (like the excellent free AntiVir) and see what that comes up with.
AVG moved the infected files to a "vault" and then deleted them. I ran a complete test with the AVG updates this morning, and no problems were reported.
dthomsen8 is offline   Reply With Quote
Old 07-09-2007, 07:58 AM   #9
dthomsen8
Member
 
dthomsen8's Avatar
 
Join Date: Aug 2005
Location: Philadelphia, PA 19130
Posts: 2,158
Default Installed Software

Quote:
Originally Posted by Steve Rindsberg View Post
If most of her usage is internet/mail with little or no installed software, you might want to get everything sorted out and set up to taste, then make a disk image with Disk Image, Ghost, Acronis or the like.

Then you could just wipe out the infected system and revert to a known-good image at any time later.

She'd lose any new bookmarks/emails and such since the most recent image was taken but that's about all.
She has MS Office 2003 installed, plus some games and a Spanish tutoring program. I have not had any virus infections after the first one, but I am running the AVG virus checking program and looking at the results.

Perhaps I might try one of the other "free" virus checking programs being suggested here.
dthomsen8 is offline   Reply With Quote
Old 07-09-2007, 09:20 AM   #10
iamback
Member
 
iamback's Avatar
 
Join Date: Oct 2005
Location: Amsterdam, NL
Posts: 4,894
Default

Quote:
Originally Posted by dthomsen8 View Post
AVG moved the infected files to a "vault" and then deleted them. I ran a complete test with the AVG updates this morning, and no problems were reported.
Weird, normally there is a choice between moving to the vault OR removing (or even attempting to "heal"); what's the use of moving to the vault first and then removing? If that was a configuration choice, I'd suggest it's not a good one: it won't give you the chance to re-scan with the same or another program: false positives can and do occur.

   
__________________
Marjolein Katsma
Look through my eyes on Cultural Surfaces (soon!), My ArtFlakes shop and Flickr.
Occasionally I am also connecting online dots... and sometimes you can follow me on Marjolein's Travel Blog
iamback is offline   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Unintended consequences (Quark) ktinkel The Corner Pub 5 02-21-2006 02:47 AM
Moving domain e-mail consequences? ktinkel Web Site Building & Maintenance 16 12-23-2005 09:46 AM


All times are GMT -8. The time now is 04:34 PM.


Powered by vBulletin® Version 3.8.9
Copyright ©2000 - 2017, vBulletin Solutions, Inc.
Contents copyright 2004–2014 Desktop Publishing Forum and its members.