Dealing with trojan

Status
Not open for further replies.

droplister

New member
Aug 23, 2007
NYC
I ran a file not really thinking with the right head

it started running a .exe so I
trash the file
Run 3 antivirus
-Windows Defender(lol) finds 1 thing
-Spybot S&D finds 14 things
-Malwarebytes AntiMalware finds 29
Here is a log of Malwarebytes: http://droplister.com/mam.txt
I restart and run the 3 again and nothing is found.
I was offline for the second scan.

I go to log on to PayPal and my password is changed.
I reset it and canceled a $3,500 payment to @yahoo.com.ph

This is all on my new laptop.

While using my older laptop just the other month, my domain inflation.us was stolen by someone in the South Pacific, and I suppose through a similar trojan, or this might be leftover carnage of that first "security breach".

But now it's got me all paranoid. I've changed many a password as I find sites I have presence on. I don't want to close my PayPal account, but I might for peace of mind go crazy and close it out and the bank account connected to it.

How can I be sure I have gotten rid of the trojan? Since the laptop's fairly new, should I just reinstall Vista?

It's like being slowly molested.

I even came across someone using my dp account to shill bid: obvious shill bidding is obvious


Any advice on how to take care of trojans, or handle securing identity and accounts, appreciated.


Longer winded version of above here but it says about the same thing.
 


Best way to feel 100% safe is to reinstall Vista. I personally wouldn't do anything else.
 
If you still suspect that you still have a Trojan, reinstall your OS ASAP. It was funny, not that long ago I was reading an article that the average XP installation (before service packs) could have spyware on it (no fault to the user) within like 4 min. Forgot where I saw that. If you were really paranoid, getting something like an Ubuntu Live disk and booting into that to do sensitive work is probably your best bet at not having your stuff snuffed out. It's pretty hardcore but still an option.
 
I don't think you need to format or reinstall, just do the following:

1. Download Zemana Antilogger - This is without a doubt the best keylogger protection software I have come across; it blocks just about every known method of keylogging (including kernel hooks). The only downside is that it's like $30, but you do get a free 30 day trial.

2. Download Avira Antivir - Voted as the best free antivirus, and its heuristics are very sensitive, so even if the trojan on your computer hasn't been discovered by the antivirus companies, chances are Avira will still be able to detect and remove it.

3. Download Comodo - One of the best software firewalls, and it's free!
 
Considering how important the information on your computer is compared to the normal user (you = making money vs. grandma = checking email), you really have greater security requirements. I'm on Windows right now, but you are much safer on Linux or Mac, even if only for the reason that nobody targets them like Windows is targeted.

There are free online virus scanners, etc.
Encryption!! This is something you should do no matter what. I actually keep all my passwords, logins, websites, etc. on a thumb drive, encrypted. http://www.keepassx.org
Does it take an extra minute? Yes. But it's so much more secure than storing everything in your browser. Auto log in is a dangerous thing.

Yes. Reinstall. It sucks, sorry. Antivirus / spyware, etc. are reactive programs. The problem has to be there, then the companies have to become aware of it, then they update, then you update, then you scan. It takes a while before all of your problems are found. And, if somebody writes a virus to attack you personally, it's never going to be found. (If you think this won't happen, compare the money in all of your accounts at one time they could get enough info to compromise, and compare that to what the average income for a family for the whole year is, for a majority of the world.) chart on bottom
 
The links posted helped a lot. Going to reinstall I suppose.

I've been looking into encryption. Right now I'm using a program called Eraser that overwrites things you delete x amount of times. Eraser

So encryption coupled with Eraser. And a fresh start on the OS. And less clicking of things. I should do alright.

Thanks guys
 
Hello friend,

It is smart to regularly create a backup image of the hard drive so you can quickly restore if the operating system breaks or receives a nasty virus. Acronis TrueImage or Ghost of Norton is good.

System Restore in Windows does not always get rid of a virus. I create a backup image on an external USB hard drive for a measure of safety.

I store big video files and music files on one hard drive and the OS and programs on another hard drive. This allows the backup image of the drive with the OS to be small. Mine is around 30 GB. This allows a restore to take less than 30 minutes.

Good luck bro
 
Haha, the problem with trojans, RATs, downloaders, etc. is that your anti-virus, firewall etc. crap is not going to hold them if the person behind it has even a few brain cells. They are easy to crypt and inject into other files so your anti-virus can't recognize them. You can also bind them with another file, so basically every executable file you download from the internet could have a RAT, trojan or downloader bound into it. And when your anti-virus software asks, does Firefox have permission to make this connection, what are you going to click? :)

Another scary scenario: you know those programs that create a crypted file where you store your files, and then you crypt the file with 256bit encryption etc. Well, it doesn't do much good if the RAT is monitoring your keystrokes. It's pretty easy to write a keylogger that saves the window title and keystrokes made so you can automatically parse stuff you want from the log files.

And it doesn't stop there. Have you heard about so-called drive-by pages? These are pages that contain exploits, and when you load them, you don't even know that you just downloaded and executed some file. They are based on different plugins, 3rd party programs, etc. But the point is that there are hundreds of those exploits and you don't get any alerts or notifications when you hit the page.

These aren't some scenarios that MIGHT happen, I know for a fact that these are happening every day. You can buy a fully undetected binder/crypter for $150 that's updated every time it gets detected. You can buy a program that generates drive-by pages with various exploits for $100. And all RATs, downloaders, keyloggers, etc. are freely available all over the internet; you just put in your own settings and you are ready to infect. You can find source code if you want to do your own.
 
AVG Internet Security (must buy) along with CCleaner does the trick for me.
 