Originally posted by mike09
i did a norton scan and it found a trojon. the thing is i dont know if i opened the file. is there any way i can tell if i opened the file
and then
Originally posted by mike09
i ran a scan and i deleted all the files that were infected. im pretty sure i got the virus cause i went to the symantec website and i did everything it told me to.
If you had infected
files , this means the virus was active. You must have executed the original file for this to have happened. Dunno how you got it, but this is what it does (or has done to you)
When executed, the PWSteal.Trojan.D performs the following actions:
1. It drops itself into the \Windows\System folder as the Molecule.exe and Molecule.dll files.
2. To enable itself to run at startup, it adds the value
Molecule Molecule.exe /logon
to the registry key
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
3. It installs hook procedures into a hook chain to monitor the system for any keyboard and mouse messages. The keyboard and mouse hook procedures process the messages and pass the hook information to the next hook procedure in the current hook chain. This permits the PWSteal.Trojan.D to intercept any key strokes and any text on the screen.
4. The Trojan drops the intercepted information into a temporary file and sends it out to the virus author's anonymous email address.
A good thing you caught it, bad that NAV did not catch it while running in the background, and that you needed to scan you disc fir it. Are you using up to date antivirus software and definitions? You might want to give
AVG a try. It is free!
Oh, did I mention it is FREE!!!
FREEEEEEEE
FREEEEEEEE
\gotta go