View Full Version : I have a Trojan :(


BBx
09-06-2009, 19:07
Hi peeps

I think I have a Trojan in my laptop... I have F Secure Anti virus and am doing a scan at the moment, as looking at the logs it reads 'disinfected' as the status.

Anyway... doing another scan now. It seems to have erased all my cookies (have to log into FB, BD GH etc) which scares me quite frankly.

Any help much appreciated!!!!!!!!!!

BB x

leowyatt
09-06-2009, 19:13
you could try a free virus scanner see if that picks it up

BBx
09-06-2009, 19:16
But I am using a scanner? :/ It found it yesterday and disinfected it - whatever that means...

BB x

leowyatt
09-06-2009, 19:21
well that means it should have removed it :)

A Place of Light
09-06-2009, 19:23
You've bought condoms? :p


I'd suggest that an anti virus alone isn't enough, and that something like Spybot/Ad-aware or both would be worthwhile additions.

Trojans.....reminds me of my naughty days with NetBus/BackOrifice.....happy days ;)

Knipples
09-06-2009, 19:30
My PC has got Avast anti-virus on it, and then I have Malware bytes and Superantispyware to clean up the rest.

LeperousDust
09-06-2009, 19:42
You can download a boot CD and run a full system scan independent of your OS if you really choose, something like clamAV etc... I actually had to do this recently with a friend's PC as she'd screwed it up so much I couldn't sensibly use AV scanners on the live OS.

Something like this:
http://www.demonoid.com/files/details/1943912/8045512/

Stan_Lite
09-06-2009, 19:46
I wouldn't be too quick to "disinfect" or delete anything straight away in case it's a false positive - check what it is flagging up first. For some reason, today, my AVG antivirus decided that CPU-Z and the Sync-Toy installer were viruses and wanted to delete them. Both were downloaded from trusted sources and are programs I've been using for years. A while back, Avast decided that my Folding application was a trojan and tried to kill it.

Sometimes, AV applications get a bit overzealous with their heuristics and start trying to kill things you don't want them to kill. I would check what it is that F-Secure wants to "disinfect" before letting it do so. If it's something you don't recognise, then let it do its stuff, if it's something you recognise and trust then tell it to ***k off.

I too would recommend a Spyware application, I tend to use adaware and Spybot as a double whammy - I'll normally check with both once a week just to be safe.

BBx
09-06-2009, 19:46
Hmm... are any of those free Knip?

Just a bit worried that all my cookies have been cleared.

Computer is running a bit slow and fan is on constant, but I am assuming that's because it is scanning..

BB x

A Place of Light
09-06-2009, 19:54
Hmm... are any of those free Knip?

Just a bit worried that all my cookies have been cleared.

Computer is running a bit slow and fan is on constant, but I am assuming that's because it is scanning..

BB x

Ad-aware and Spybot both are, and they're one of the first things I install on a new build.

Stan_Lite
09-06-2009, 19:56
Ad-aware and Spybot both are, and they're one of the first things I install on a new build.

Likewise. There are certain applications I install on every new build and the above mentioned are two of them :)

A Place of Light
09-06-2009, 19:59
Likewise. There are certain applications I install on every new build and the above mentioned are two of them :)

I'm guessing we differ on AV though.
I use AVG free, you?

Knipples
09-06-2009, 20:04
As already said, both of mine are free.

I can get you links if you want, although I'm sure the other ones Stan and APOL have mentioned are just as good as well.

BBx
09-06-2009, 20:13
Downloading adaware now. Though I know which site it was that had the trojan. I don't think it was a pop up ad either.

It was the website of a club in London - a big club... tried to access it through work as well and of course didn't get very far :p called them today to tell them.

BB x

A Place of Light
09-06-2009, 20:16
Downloading adaware now. Though I know which site it was that had the trojan. I don't think it was a pop up ad either.

It was the website of a club in London - a big club... tried to access it through work as well and of course didn't get very far :p called them today to tell them.

BB x

I'd urge you to download Spybot too, as they seem to complement each other. Some things that one prog will miss are picked up by the other, and vice versa.
One isn't enough IMHO. Just my 2 cents.

BBx
09-06-2009, 20:18
Thanks Apol, I actually got sidetracked and am DLing spyware doctor.

Just hope they don't pick each other up as viruses!

BB x

Edit: 3 infected files found so far :(

divine
09-06-2009, 20:23
malwarebytes is very good.

A Place of Light
09-06-2009, 20:23
Thanks Apol, I actually got sidetracked and am DLing spyware doctor.

Just hope they don't pick each other up as viruses!

BB x

Edit: 3 infected files found so far :(

Only three?
Give it time :D

Knipples
09-06-2009, 20:33
malwarebytes is very good.

Tis. This thread has reminded me to run my scans this week.

Stan_Lite
09-06-2009, 20:37
I'm guessing we differ on AV though.
I use AVG free, you?

I prefer Avast free but am equally happy to install AVG free.

Having said that, Avast tends to throw up less false positives so I think I'll be sticking with that from now on. Been using it for about 5 years now with very few problems.

Knipples
09-06-2009, 20:39
I'd agree I've had less problems with viruses since I got rid of AVG and switched to Avast (based on Stan's recommendation a while back)

Stan_Lite
09-06-2009, 20:42
I'd agree I've had less problems with viruses since I got rid of AVG and switched to Avast (based on Stan's recommendation a while back)

Payment in kind will be gratefully accepted when next we meet ;)

Knipples
09-06-2009, 20:46
Payment in kind will be gratefully accepted when next we meet ;)

Oh go on then! :p

Stan_Lite
09-06-2009, 20:48
Oh go on then! :p

:woot:

Darrin
09-06-2009, 21:24
I switched to Avast after almost a year of AVG telling me the free version was no longer supported. Then it stopped updating. So out it went and Avast has been happily running ever since.

BBx
09-06-2009, 22:08
Does Avast get rid of 'infections'?

Spyware Doctor reckons 7 threats and 996 infections :/

Is there anything free that will get rid of them? Otherwise it's a trip to the purple shop tomorrow.

BB x

Knipples
09-06-2009, 22:11
The two I mentioned earlier will yes.
http://www.superantispyware.com/

http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

leowyatt
09-06-2009, 22:12
wow Mei that is a lot of infections :shocked: doesn't beat our record at work though ;D

BBx
09-06-2009, 22:24
Thanks Knips! :) DLing superantispyware now.

Should have listened to you the first time!!

BB x

Knipples
09-06-2009, 22:30
No worries, when it's done go in the options (usual right click jobby) and set it so it doesn't scan every day (because there's not really a need and it can slow the PC down a bit when it's doing it) and make sure you get it to check for updates before you run the first scan.

BBx
09-06-2009, 22:45
It's scanning right now, but thanks for the tip :)

You got PM btw knipless...

BB x

Feek
09-06-2009, 23:11
Remember....

When scanning, turn off system restore first and then boot into safe mode to do it.

Otherwise they could all just come back again.

BBx
09-06-2009, 23:19
Oh Lord.

How the monkeys do I do that?!

BB x

leowyatt
09-06-2009, 23:23
you running XP or Vista?

BBx
09-06-2009, 23:23
XP!

BB x

leowyatt
09-06-2009, 23:25
Turn system restore off:

http://support.microsoft.com/kb/310405

To start in safe mode, press F8 when the machine is booting and select "Safe Mode" from the list :D

LeperousDust
09-06-2009, 23:32
Personally I choose comodo over both AVG and avast nowadays, the free comodo internet security package offers free updates, regular scanning and real time scanning, as well as total granular control down to the finest details. It's the one I install everywhere nowadays. Makes the other free software look like toys. Anyway if you want to do something properly after you've faffed up I still think it's a much better idea to run a bootable liveOS environment and sort it out from there. Just to make sure the infections aren't skewing results which they very easily can...

Knipples
10-06-2009, 07:11
Turn system restore off:

http://support.microsoft.com/kb/310405

To start in safe mode, press F8 when the machine is booting and select "Safe Mode" from the list :D

And keep hitting it til it gives you the option for safe mode.

Belmit
10-06-2009, 09:47
XP!

http://img401.imageshack.us/img401/4749/347.png!


I find Malware Bytes reaches the parts other programs can't reach. It certainly found a DNS trojan the other day that brought down our student internet! Adaware and Spybot passed it by.

Aboobie
10-06-2009, 16:28
http://img401.imageshack.us/img401/4749/347.png!


I find Malware Bytes reaches the parts other programs can't reach. It certainly found a DNS trojan the other day that brought down our student internet! Adaware and Spybot passed it by.

Another vote for MalwareBytes. It got me out of a pickle a few months back when my mother-in-law's PC got completely taken over. She lost all access and a new 'user' account was in complete control. After a lot of hacking to get back in as an admin it was Malware alone that finally cleaned the system.

BBx
14-06-2009, 13:16
Am having to DL MalwareBytes now.

Been scanning for 2hrs and superantispyware found 800something threats, went to process and disinfect and got this:

ARRGGHH!

http://img95.imageshack.us/img95/6555/failw.jpg

:(

BB x

BBx
06-07-2009, 22:19
Got a call from IT Manager today.

"Hi ML er what were you doing accessing the network on sunday morning?"

I is confused :huh: ... I don't remember doing the VPN thingybob, but I checked for someone's number on my webmail as was meeting her at the Race for Life ... so told her.

But am thinking, webmail isn't linked to the network? more specifically the H: Drive - my personal drive?

After thinking about it for the rest of the day. I realised what could have happened - don't know if I should come clean though :p she is probably ****ting herself that the firewalls aren't doing their job.

BB x

Burble
06-07-2009, 22:24
Webmail will be linked to your network account and therefore linked to your H: drive but accessing webmail wouldn't access your H: drive.

BBx
06-07-2009, 22:31
Ooo... you gave me another idea Burbs... my personal folders are saved in my H: Drive, but saying that, I can never access those personal folders on webmail...

My thinking is that I synced my phone to my laptop and then 'charged' my phone via usb connection at work... doh!

That means there's a Trojan on my Diamond? :(

BB x

Burble
06-07-2009, 22:40
Personal folders as in email personal folders? It'd make sense that you can't access them by webmail since webmail will only give you access to stuff stored within the Exchange server - everything outside it (archives, PST files, OST files and so on) won't be available.

It's possible that there is a Trojan ON the Diamond but not possible (as far as I know) that the Diamond HAS a Trojan. What I mean by that is that the Diamond can act as a USB hard drive so if you plugged it into your PC then the Trojan could be copied onto the Diamond but the Diamond itself isn't infected. Does that make sense? I did a crap job of explaining it.

Mark
06-07-2009, 22:40
Yes, a trojan could store the files it needs to run there, just like some trojans do with USB drives now. In that case, your phone is a 'carrier' that can allow the trojan to pass from one PC to another, but it's not 'infected' itself.

BBx
06-07-2009, 22:50
Oh **** my friend put a new ROM on the Diamond the other day :/ better email him!

BB x

Edit: so Mark, do you mean I don't have to copy/paste any files from my phone to the computer to transfer the Trojan?

Mark
06-07-2009, 23:04
Very unlikely it would be a result of an upgrade to the ROM. It's much more likely the trojan simply copied some files to the phone.

As for the other question - Not necessarily, no. When you put a CD into a computer, the software on the CD can start automatically. I think USB storage devices (including phones) can do the same, which is how the trojan would get out.

Best thing you can do is to get your IT bod to unplug your computer from the network, boot it into Safe Mode, and perform a full virus scan. There's nothing to stop them performing a virus scan on your phone too - just be a bit careful about what it deletes.

BBx
06-07-2009, 23:17
Very unlikely it would be a result of an upgrade to the ROM. It's much more likely the trojan simply copied some files to the phone.

Nah, didn't mean that sorry... meant that my friend might have received the trojan while my phone was connected to both his lappy and desktop... oops :o

BB x

Mark
06-07-2009, 23:42
Oops indeed! :eek:

I do wonder why AntiVirus software isn't catching it, however. Is it that new? :dunno:

BBx
07-07-2009, 08:54
Yes but it may have transferred to my phone ages ago and harboured on my work computer for goodness how long.

BB x