Can I Use The Same Removal Steps As Before???

Discussion in 'Malware Help (A Specialist Will Reply)' started by Dekade, Jan 13, 2016.

  1. Dekade

    Dekade Sergeant

    A short while back the malware forum helped me with a PUP issue.

    http://forums.majorgeeks.com/index.php?threads/checking-before-i-delete-pups.296008/

    I now have a new build and I am wanting to keep it as clean as possible. I am wanting to install a PDF editor program. My choices of programs all seem to have "Ghostscript" as part of their install. I cannot get solid confirmation from the web regarding the safety of Ghostscript. Yesterday I posted a thread in MG Software, but , as of yet no one has replied.

    So, thus my following question. If I install a program with GhostScript and find that the GhostScript itself also brings with it some malware - then can I basically follow the same steps as the above linked thread to start and/or complete a cleaning? After installing the program I plan on doing a Malwarebytes scan to find out if any infection has taken place.

    In fact, I guess I should actually install Malwarebytes 'before' installing the software that contains GhostScript.

    Also, should I start a new thread, aside from this thread, if I find any signs of Malware from the install of any software containing GhostScript?

    Thanks for any advice and guidance.

    Dekade
     
  2. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    You should install Malwarebytes first then scan whatever downloaded PDF editor program before installing it. You could even upload the file to VirusTotal for scanning.
    No - do not start another thread. In the case of a suspected malware infection, this is ALWAYS the starting point to receive help, as noted under the heading of this forum.
    READ & RUN ME FIRST Malware Removal Guide (incl. spyware, virus, trojan, hijacker)
     
  3. Dekade

    Dekade Sergeant

    Using those two methods before installing - do they provide a different type of return of information than what my AVAST AV would? I always do a dedicated scan with AVAST on anything I download; even if AVAST does a scan during the download itself. Using AVAST Free.

    My apologies for impatience. No disrespect meant.
     
  4. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Why are you wanting to scan with Malwarebytes after first scanning with AVAST? To get another opinion of the scanned file, correct? VirusTotal scans the file with 55+ different av/am tools. ;)
     
  5. Dekade

    Dekade Sergeant

    No, I simply read your words in a different manner than what you intended. Just a misread on my part.
     
  6. Dekade

    Dekade Sergeant

    I appreciate the link to "Virus Total". Thank You.
     
  7. Dekade

    Dekade Sergeant

    I did use VirusTotal for the PDFill executable file/Suite. Attached are my results. Obviously there are two issues at the top. My lack of knowledge on Trojans etc. doesn't allow me to 100% conclude the integrity of this program. Any input or further evaluation??

    I also used VirusTotal for the Ghostscript v8.63. Interestingly enough the Ghostscript turns up as not being a threat!! Sure surprised me.

    All of the above being said and considered - Is the whole setup safe to install??? Yes, I realize that PDFill shows trojans - can they be managed by removal before installing or would post installation be too late - and my Win 7 Pro fresh OS install is then compromised??

    I think I know what your replies would be but still requesting confirmation and assurance on how to proceed.

    Thanks,

    Dekade

    VirusTotalGhostscript.png VirusTotalPDFill.png
     
  8. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    I would consider a software safe to install, if only 2 of 55 AV scanners alerted on it @VirusTotal. :)
     
  9. Dekade

    Dekade Sergeant

    Thank you for your advice. However, in final questioning ... Should I try to hunt down those 2 specific viruses after the install - or - just leave all well enough alone??

    Kind Regards,

    Dekade
     
  10. dr.moriarty

    dr.moriarty Malware Super Sleuth Staff Member

    Unless you scan with the individual anti-virus programs that detected something they didn't like about PDFill.exe (and therefore assigned their own names for the infection), you won't find either.

    http://i268.photobucket.com/albums/jj5/drmoriarty/AV%20appls%20detecting%20PDFill.exe%20as%20infected_zps7bchommi.png

    ;) Treat the results from those 2 anti-virus programs as False Positives and move on.
    That should put an end to your concerns.
     
  11. Dekade

    Dekade Sergeant

    That, I understand. Thank you for all your help. I will now move on and come back if I get into any trouble. Thanks forum.
     
    dr.moriarty likes this.

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds