
Am I safe now after removing Seneka Trojan


3 replies to this topic

#1 CYoung2


Posted 05 January 2009 - 07:47 AM

I recently got the Seneka trojan, and some other msiconf trojan. I think I caught this immediately after the infection since I got a browser redirect to a fake anti-virus site. I followed the advice of this and several other web sites and think I removed all traces of the trojan/virus from my computer. When I was done cleaning, I did full scans several times using all of the following: Malwarebytes, SuperAntiSpyware, Windows Defender, McAfee AntiVirus (which was installed when I got infected), and Trend Micro HouseCall. These all came up clean. I ran complete scans using Malwarebytes, SuperAntiSpyware, and McAfee in SafeMode. All clean. I used HijackThis to remove related entries and researched each remaining item. Finally, I decided just to restore my C: drive partition to my last Seagate Disk Wizard backup from April of 2008. Assuming the backup was good (it did pass a Malwarebytes quick scan and a McAfee full scan cleanly), am I safe?

Edited by CYoung2, 05 January 2009 - 08:11 AM.




#2 quietman7


Posted 05 January 2009 - 08:58 AM

I ran complete scans using Malwarebytes, SuperAntiSpyware, and McAfee in SafeMode.

Scanning with MBAM in safe or normal mode will work but removal functions are not as powerful in safe mode. MBAM is designed to be at full power when malware is running so safe mode is not necessary when using it. In fact, it loses some effectiveness for detection & removal when used in safe mode because the program includes a Direct Disk Access (DDA) driver which does not work in safe mode. Further, scanning in safe mode prevents some types of malware from running so it may be missed during the detection process. For optimal removal, normal mode is recommended so it does not limit the abilities of MBAM. Doing a safe mode scan should only be done when a regular mode scan fails.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators


#3 CYoung2


Posted 05 January 2009 - 09:07 AM

I know I'm being obsessive, but after running all of these scans in both safe and normal mode, and restoring an uninfected Active Primary C: partition, I should be safe now. Right? I am looking for reassurance. I have anxiety issues. Thanks

Edited by CYoung2, 05 January 2009 - 09:09 AM.


#4 quietman7


Posted 05 January 2009 - 09:34 AM

It depends. Most malware infections download other malicious files so finding one specific piece without knowing what else may have been downloaded makes it difficult to provide the answer you want. There are no shortcuts or guarantees when it comes to malware removal. Sometimes it takes several efforts with different, the same or more powerful tools to do the job. Even then, with some types of malware infections, the task can be arduous. In some instances an infection may have caused so much damage to your system that it cannot be successfully cleaned or repaired. The malware may leave so many remnants behind that security tools cannot find them. In those cases, recovery is not possible and the safest option is to reformat, wipe your drive clean and reinstall the OS.

Restoring a system to an earlier date may or may not work. Again, it depends. I don't know what the Seagate Disk Wizard backed up at the time. You may be restoring the machine to a date where other malware was present which you were not aware of. Restoring too far back can affect programs and critical updates, making you vulnerable to exploits that have since been patched. If not infected, you may quickly find yourself infected again.

Some infections are difficult to remove completely because of their morphing characteristics which allow the malware to regenerate itself. Sometimes there is a hidden piece of malware which has not been detected that protects files (which have been detected) so they cannot be permanently deleted. For those types of infections, disinfection requires further investigation and the use of more powerful tools than we recommend in this forum.