oo crap...

mike09

OSNN Senior Addict
Joined
30 Aug 2002
Messages
531
i did a norton scan and it found a trojon. the thing is i dont know if i opened the file. is there any way i can tell if i opened the file
 
First of all make sure the virus is gone.

I use my Roxio GoBack history logs to see what happened when it happened. It has helped me from making many of the same mistakes twice.
 
i ran a scan and i deleted all the files that were infected. im pretty sure i got the virus cause i went to the symantec website and i did everything it told me to.
 
Originally posted by mike09
i did a norton scan and it found a trojon. the thing is i dont know if i opened the file. is there any way i can tell if i opened the file

and then

Originally posted by mike09
i ran a scan and i deleted all the files that were infected. im pretty sure i got the virus cause i went to the symantec website and i did everything it told me to.

If you had infected files , this means the virus was active. You must have executed the original file for this to have happened. Dunno how you got it, but this is what it does (or has done to you)

When executed, the PWSteal.Trojan.D performs the following actions:

1. It drops itself into the \Windows\System folder as the Molecule.exe and Molecule.dll files.
2. To enable itself to run at startup, it adds the value

Molecule Molecule.exe /logon

to the registry key

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

3. It installs hook procedures into a hook chain to monitor the system for any keyboard and mouse messages. The keyboard and mouse hook procedures process the messages and pass the hook information to the next hook procedure in the current hook chain. This permits the PWSteal.Trojan.D to intercept any key strokes and any text on the screen.
4. The Trojan drops the intercepted information into a temporary file and sends it out to the virus author's anonymous email address.


A good thing you caught it, bad that NAV did not catch it while running in the background, and that you needed to scan you disc fir it. Are you using up to date antivirus software and definitions? You might want to give AVG a try. It is free!

Oh, did I mention it is FREE!!!

FREEEEEEEE

FREEEEEEEE

\gotta go
 
yes. i have an up to date 2002 NAV with all the definitions.im gonna go through the removal process (just in case u know) well thanks for the help guys.
 
avg rocks! been using it for several months and it's great.

best of all, it's free!
 
i always run a trojan scanner as well as AV just for a little extra protection

btw a couple whitehats i know have been strongly recommending Mcafee AV home edition 7 as the best AV out at the moment
 
also if you have some sort of firewall make sure you know what everything is that connects to the internet, so that way youll know noone can connect to your computer.
 

Members online

No members online now.

Latest profile posts

Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
Any of the SP crew still out there?
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
hello peeps... is been some time since i last came here.
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back