dcsimg
Page 2 of 2 FirstFirst 12
Results 11 to 15 of 15

Thread: Trojan in Startup Folder

  1. #11
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,190
    I think that NullDevice and Und3ertak3r have given you good advice. Your problem is slightly different from the usual trojan scenario in that it was installed by someone with PHYSICAL ACCESS to your machine.

    As Und3ertak3r suggests, they would probably have had to turn things off to do this.

    I think that it would be wise to check ALL your AV and firewall settings to make sure that they are both properly activated. If you don't, you may be leaving yourself vulnerable to an external attack.............there is nothing like dealing with a known problem for lulling people into a false sense of security?

    Cheers

    EDIT: Just had a thought.............if this guy has had access to your box with full rights, who knows what else might be there...........maybe you only found what he wanted you to?.................depends how good/bad he is


  2. #12
    Check out this Tutorial I wrote. If the AV software still cant find the trojan, and there is one running, the tutorial should show you how to find it.

    Grinler

  3. #13
    sorry i couldn't respond to these posts(out of town) but i already tried everything and my computer is secure, thanks for all your help!

  4. #14
    Flash M0nkey
    Join Date
    Sep 2001
    Posts
    3,447
    glad the problem is sorted but for anyone else in the same kind of situation I thought I would expand upon what nihil said
    there is nothing like dealing with a known problem for lulling people into a false sense of security?
    Alot of people will plant a server somewhere easy like your start-up folder with it set on the default port to lul you into a falso sense of security basically what they are counting on is you finding that one server and thinking thats it and removing it while they have several others planted in more obscure places on your pc.......there are a hundred and one ways of getting a prog to run and start-up so it is always a good idea even if you think you have found the cause of infection to do a full AV scan - also make sure you change all passwords etc as they may have already been captured.
    Before doing the scan check your AVP settings to make sure they have not been altered - it is very simple to set an AVP to ignore certain files or folders or to not run background checks - these should be done on a regular basis - You may d/l something which tests clean which could contain a very recent virus not yet detected by your program - but hopefully when you update it would be able to pick up on it.....but if your AVP is not set to do routine background scans of all files then you may never know.......schedule them for certain times when your computer will be on but you want be using it.

    basically common sense stuff

    Anyways am out

    v_Ln

  5. #15
    thanks, hope the helps out people in similar situations... now lets think... why did he want access to my PC... hmmm... lol nvm

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •