Results 1 to 4 of 4

Thread: Found trojan

  1. #1
    Titanium Member efc's Avatar
    Join Date
    Sep 2002
    Location
    North Central Arkansas
    Posts
    2,293

    Found trojan

    I have been using NOD32 Anti Virus for the past two or three weeks. I usually run a scan every day with multiple products. Yesterday, I noticed a suggestion to run an in-depth analysis regularly. Before yesterday, smart scans was all that I thought was needed.

    At the conclusion of an in-depth scan, one virus was reported. This from log - :\Documents and Settings\Fred\Application Data\Skype\fchandler\user16384.dbb - error opening (File locked) [4]
    C:\Documents and Settings\Fred\Application Data\Skype\fchandler\user256.dbb - error opening (File locked) [4]
    C:\Documents and Settings\Fred\Application Data\Skype\fchandler\user4096.dbb - error opening (File locked) [4]
    C:\Documents and Settings\Fred\Application Data\Thunderbird\Profiles\wg0nz0x5.default\parent.lock - error opening (File locked) [4]
    C:\Documents and Settings\Fred\Application Data\Thunderbird\Profiles\wg0nz0x5.default\Mail\Local Folders\Trash »MIME »part000.htm - HTML/Phishing.gen trojan - unable to clean - deleted
    C:\Documents and Settings\Fred\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat - error opening (File locked) [4]
    C:\Documents and Settings\Fred\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG - error opening (File locked) [4]
    _________________________________
    It appears that this was in an email that I did not open. Regardless, lesson learned. Do in-depth analysis on a regular basis.
    Linux Mint Debian Edition

  2. #2
    Old and Cranky Super Moderator rik's Avatar
    Join Date
    Aug 2003
    Location
    Watching Your every move...
    Posts
    4,638
    Good suggestion efc. I use 2 different AV products and have each set to perform different types of scans at different times also.

  3. #3
    Precision Processor Super Moderator egghead's Avatar
    Join Date
    May 2002
    Location
    In Your Monitor
    Posts
    3,506
    do you know how these programs are getting in efc?

    If it is through mail attachments you will need to use a program designed to protect email.

    If you are downloading strange files from the internet you may have to realize that your system will be compromised no matter what

    get process gaurd if that is the case.

    I hate to tell you but there are trojans out there that are clones of the big trojans only these are peronalized and no anti-virus program will detect these or uninstall them unless someone with the exact same private trojan turns it in to an anti-virus company.

    these trojans seem to be getting into your system through social engineering.

    I have also seen auto-run cd's planted to include a trojan. so you put the cd in your computer and windows auto-install the program on the copied cd as well as the trojan and you will never know.

    anyway...

    I know you know what your doing but dang!
    ------------------------------------------------------------



  4. #4
    Titanium Member efc's Avatar
    Join Date
    Sep 2002
    Location
    North Central Arkansas
    Posts
    2,293
    I know egghead. I don't think the trojan was actually activated since I do not open attachments from anyone. The log show that it was in one of my trash mailboxes where it couldn't do any harm.

    Your points are right. The reason I started this thread was to show that even with multiple protection you are still vulnerable to attack. Everyone, be careful out there.
    Linux Mint Debian Edition

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •