cancel
Showing results for 
Search instead for 
Did you mean: 

Help needed with trojans/Viri

margin_walker
Grafter
Posts: 43
Registered: 30-07-2007

Help needed with trojans/Viri

Okay,

Quick backround info: Fiancee loaned laptop to friend, got laptop back. Moaned that the internet was really slow (ebay wasn't showing handbags/shoes very quickly!). Next day had email from PlusNet's abuse department. I went to my connection settings and saw my network traffic was anything up to 1Gb a day - it's normally only 1.5Gb a month!

I knew it couldn't be the Mac so it had to be her laptop (running XP). Ran a virus and spyware scan - result found 16 Trojans so I deleted them all. I've also ordered a router with firewall, but that will take about a week to arrive. Had virus and spyware software running last night, but her laptop can't handle it all running on the-fly (hence the router on order).

So, I know nothing about XP (having always used a Mac) and am not very techie. The machine appeared to be clean last night, then she went online to get emails and probably look at more handbags/shoes/wedding paraphernalia. She must have been online for a few hours, and probably until about 1am. I had a look at the network traffic (on PN website in the member centre - View My Usage) and today's useage is 3.2Mb.

Bear in mind that the computer has only been online for an hour today (maybe less) from midnight to 1am. 3.2Mb seems like a lot to me (although she may have downloaded something)!

Questions:

1) Is is possible that trojans/Viri could still be on the laptop somewhere (even though scans with latest updates say it's clean)?
2) Is there a more accurate way of monitoring usage other than logging on the the Member Centre? Like a small app I can download to keep an eye on network traffic?
3) The laptop has ZoneAlarm on it, is this better than the XP firewall?
4) What other measures can I take?

I will scan the laptop again tonight with Norton and AVG and see if the useage increases by an extortionate amount, but what else can I do? I don't want PN to close my account! Sad
3 REPLIES
margin_walker
Grafter
Posts: 43
Registered: 30-07-2007

Help needed with trojans/Viri

Had another thought - fiancee's friend only surfed internet, didn't download any email and didn't use and CDs/floppy, also didn't plug it into a network or install anything. All of our emails are scanned by PN on the server (a great service!).

Could these nasties have come via the browser (IE)? How do you lock down IE (disable ActiveX thingies and anything else) without compromising your ability to use ecommerce sites?
N/A

Help needed with trojans/Viri

Hello Marginwalker,

To answer your various questions as follows:-

1) Is is possible that trojans/Viri could still be on the laptop somewhere (even though scans with latest updates say it's clean)?

ANS 1. The problem with Trojens "if" what you do have is/are trojens is that conventional virus scanners & spyware often wont detect them correctly if at all. No! for trojens you definately do need a seperate and different tool, I recommend that you download a free 30day trial copy of the highly rated program "Trojen Hunter", whilst this isnt a free program you can use the free trail version to detect correctly the presence of any remaining trojens on your laptop. **Remember normal virus scanners can and often do miss trojens completely this is becuase you have to appreciate that trojens DONT behave like viuses nor replicate like viuses, trojens can be very sneaky & slippery hence a different tool to catch them.

http://www.misec.net/trojanhunter/

http://www.anti-trojan-software-reviews.com/index.htm


2) Is there a more accurate way of monitoring usage other than logging on the the Member Centre? Like a small app I can download to keep an eye on network traffic?

ANS2. Yes! absolutely I use a little application (freeware too!!) called "netmeter" its fantastic and logs daily,weekly,monthly ADSL use both uplink & downlink. In fact its so good you can even set a limit per month and netmeter will tell you if your about to go over your set limit. Highly recommended 10 out 10 brillaint little tool.

http://readerror.gmxhome.de/ (netmeters homepage & free download page).

3) The laptop has ZoneAlarm on it, is this better than the XP firewall?

ANS3. The XP firwall is utterly aweful and will only block inbound connections from the web, secondly its pretty user unfriendly IMO. Personally I disabled XP's firewall completely & never use it now, I installed an early version of the freeware ZoneAlarm several years back, even the current free basic ZA firewall is streets ahead of the built in XP. ZA's firewall has never let me down and is a very good program, its also user friendly and comes with a wizard that helps you install & configure it correctly.

4) What other measures can I take?

ANS4. If you installed ZoneAlarm, & have a good Anti Virus program, & good anti spyware such as Lavasofts AdAware or spyware search & destroy. Then the only other things that you can do practically speaking are to lock down your browsers advanced security settings to protect from things like ActiveX controls and plugins, also you could lock down XP but thats NOT simple it does require an advanced user knowledge (but it can help lots). Apart from the above its down to being careful with how you use the internet itself.

**One final though I have a nice freeware tool that helps get rid of cached internet objects that can accidently get onto your machine after surfing the net, ie. nasties that get into your temp internet folders. I use a program called cleancache which is also excellent again highly recommended.

http://www.buttuglysoftware.com/

Hope this helps Ivan
--------------------------------------------------
F9 FOL Forum Moderator
F9 Broadband Premier 2MB User
Your Forum, Make Your Voice Count!
margin_walker
Grafter
Posts: 43
Registered: 30-07-2007

Help needed with trojans/Viri

Well, if there was a prize for the most comprehensive and helpful answer that would win hands down!

Very much appreciated Ivan. I'll download the software you have suggested and get it all running tonight. It will be interesting to see what TrojanHunter picks up that the others couldn't detect, and that netmeter application will definitely help me see what's going on.

Thanks very much, you've put my mind at rest. Cheesy