GIMP Virus

YoshiMonsta

YoshiMonsta

Yoshi! Yoshi!
I believe that downloading GIMP has given me a virus. I downloaded it and saw that certain words had links on the boards, and when the cursor went over them an ad would pop up (mostly relating to GIMP). I had disabled Pop-ups, so I went on Malwarebytes and saw that I had some 250 viruses and got rid of them. I then did a full scan and discovered I had 6 more. I got rid of those as well, and yet, and the GIMP still had certain words linked. After research I discovered that GIMP is not the problem, but the website I was on must have developed a Trojan. Do you guys know of any way to help?
 
This wouldn't have happened if you were on the main GIMP site. Either you were on a fake site, or your Security is awful.
 
Did you download your gimp program off of here? Because if you did, it shouldn't cause any problems.
 
We asked you a question and you didn't respond where you got your GIMP from. I asked you if you got your GIMP from the site I linked to just in case you have a false positive. At least answer our questions if you want us to help you.

As for clearing trojans, I did a search and found these

http://www.bleepingcomputer.com/tutorials/how-to-remove-a-trojan-virus-worm-or-malware/

http://www.wikihow.com/Get-Rid-of-Trojan-Horses

http://www.combofix.org/what-is-trojan-horse-virus-and-how-to-remove-it-manually.php

http://www.ask.com/question/how-do-i-remove-the-trojan-virus-from-my-computer

http://support.microsoft.com/kb/129972/en-US
 
This is another classic example of why it is crucial to be descriptive of your problems
 
The copy of GIMP from the official site is clean, so if you downloaded it from there then that was not what infected your system.

What I use on my system to keep it clean is Avast! Antivirus (free, just need an email address to register it), which checks for threats in real time, so if you open a reported website they'll stop you from accessing it. They also do your standard antivirus stuff, like scanning for issues and whatnot. However, there is another feature in it that, for me, is very good at removing deep infections such as trojans, and that is the Boot Time Scan. What this does is scan your system when it first starts up, before Windows starts up, and thus scans before the malware can wake up and start hurting your system.

What I would suggest is:
  • If you can get access to another computer, then download the Avast! installer and put it on a USB stick. Then, while in Safe Mode, use the USB stick to transfer the installer to your computer and then install the antivirus. If you can't get access to another computer, open Windows in Safe Mode (with Networking) and download it using your regular computer, then install.
  • Once it is installed, go to the 'Scan' tab
  • Select 'Boot Time Scan' from the dropdown
  • Click 'Settings'
    • In 'Areas to Scan' select 'All Harddisks'
    • In 'Heuristics Sensitivity
    select 'High'
  • Click 'Okay'
  • Click 'Start' to schedule it for the next time you restart your computer
  • Restart your computer
  • Wait for it to finish scanning

When that's done and you find any infections, send them to the virus chest. The virus chest is like quarantine, so anything in there won't affect your system. The advantage here over deleting the files is that sometimes antivirus programs will flag a file that isn't dangerous, and if you send them to the chest you can undo the action, whereas you can't retrieve a file if they are deleted.


Anyway, give that a go and see if that helps at all. If not, respond with what happened and we'll work out something from there.

Good luck.
 
War Doctor said:
Yoshi 2.0 said:
I guess I'm not getting help here.
Click to expand...
Wow we try to help you and you shoot us down? Rude, much?
Click to expand...
You're not really offering advice, but rather, scolding the user for doing this (which is already done) and not tackling the problem itself.
 
Hypochondriac Mario said:
War Doctor said:
Yoshi 2.0 said:
I guess I'm not getting help here.
Click to expand...
Wow we try to help you and you shoot us down? Rude, much?
Click to expand...
You're not really offering advice, but rather, scolding the user for doing this (which is already done) and not tackling the problem itself.
Click to expand...
I said, either he was on a different site from the main one, or his security was awful. That's usually the point as to where he says "Well I might have gotten it from a different website" or "Yeah, my security is a bit outdated" or even "No, I got it from the main site, and my security's fine"

If I was scolding him, I'd be telling him off, not asking what he might have done, but simply saying "That was very stupid of you. Go to bed, you naughty boy." And as for 'tackling the problem', he didn't exactly offer up the right advice. Aside from telling us the virus name, he didn't tell us the site he downloaded it from, or whether his Internet security is, or what browser he was using, etc., things that are often common questions whenever you get a virus.

Since he didn't offer up the common knowledge, then I had to improvise.
 
I actually did fix it, everything except for when I open a new tab, it automatically brings me to search.conduit.com. The ads popping up I found was an installed add-on called Tidy Network, which I deleted from my add-on list.
 
1. Open Firefox 2. On the address bar, type – about:config in the URL. Press Enter. 3. You will be warned about Warranty. Click on “I’ll be careful…” 4. On the Filter dialog box type – search.conduit 5. It will display all related entries. Right-click on Preferences Name and Reset.
Click to expand...
 
that conduit thing seems to be a popular add-on that comes with free software.

Basically each I time I download anything my search engine gets reverted to conduit.

Sux.
 
You must log in or register to reply here.
Back