How can I check if I have not picked up a trojan or keylogger, etc.?



adifrank
2009-02-27, 23:59
Hello.
I have a general question....

Sadly, I know very well (through personal experience) the symptoms of having my computer infected by some sort of virus.

But how can I know if I have somehow picked up a trojan or keylogger or backdoor?

Don't know too much about them... but more or less know what they are about. From what I understand these types of malware are used to either access my computer remotely, gather private information, or log my keyboard actions... and their purpose is not necessarily to damage my system - like viruses or worms.

Currently I'm running free versions of avast! antivirus and Comodo personal firewall. I also have Spybot Search & Destroy running and SpywareBlaster. I keep them updated and run a virus check every couple of days. But is there any other way to be as sure as I can possibly be that I don't have some kind of keylogger silently logging the password to my email or PayPal account?

Looking forward to your replies... thx!

shelf life
2009-02-28, 16:01
hi,

The majority of malware is installed by the user themselves in one way or another. There is no magic involved. Getting someone to click on a link or an attachment that's labeled "sexygirls" is an almost guaranteed click every time.

Having the core security apps and keeping them updated is necessary. Your scanning frequency should be a function of your computer habits. Knowing the ways malware might get on a computer will help you also. Here's my top ten list to help reduce your risk to malware:

Reducing Your Risk To Malware:
The Short Version:

1) Keep your OS (Windows) (http://update.microsoft.com/microsoftupdate/v6/default.aspx?ln=en-us), browser (IE, Firefox) and other software (http://secunia.com/vulnerability_scanning/online/) up to date to "patch" possible vulnerabilities that could be exploited.

2) Know what you are installing to your computer. A lot of software can come bundled with unwanted add-ons, like adware, toolbars and malware. Do not install any files from ads, links or popups.

3) Install and keep updated: one antivirus and two or three anti-malware applications. If not updated they will soon be worthless. Scanning frequency is a function of your computer habits.

4) Refrain from clicking on links or attachments you receive via E-Mail, IM, Chat Rooms or Social Sites, no matter how tempting or legitimate the message.

5) Don't click on ads/pop ups or offers from websites requesting that you need to install software to your computer.

6) Don't click on offers to "scan" your computer. Install ActiveX Objects with care. Do you trust the website?

7) Set up and use limited accounts for everyday use, rather than administrator accounts. Limited accounts (http://www.microsoft.com/protect/computer/advanced/useraccount.mspx) can help prevent *malware from installing.*

8) Install and know the limitations of a software firewall.

9) Consider using an alternate browser and e-mail client. Internet Explorer and Outlook Express are popular targets for malicious code because they are widely used. See also: Hardening or Securing Internet Explorer. (http://www.microsoft.com/downloads/details.aspx?FamilyID=6AA4C1DA-6021-468E-A8CF-AF4AFE4C84B2&displaylang=en)

10) If your habits include warez, cracks, etc., or you install files via p2p networks, then you are much more likely to encounter malicious code. Do you trust the source? Do you really need another malware source?

A longer version in link below.

Happy Safe Surfing.
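
Tip 7 in the list above can be checked directly on the machine. The script below is an added example, not part of the original post; it assumes Windows Vista or later with PowerShell and the built-in whoami tool, and reports whether the account you are logged on with is a limited account or a member of the local Administrators group:

```powershell
# Added example (not from the thread): is the everyday account an administrator?
# Assumes Windows Vista or later, PowerShell, and the built-in whoami.exe.

$adminSid = 'S-1-5-32-544'   # well-known SID of BUILTIN\Administrators

# whoami lists every group in the logon token, including groups that UAC
# has marked deny-only. The SID column does not depend on the Windows language.
$groups = whoami /groups /fo csv /nh |
    ConvertFrom-Csv -Header Name, Type, Sid, Attributes
$isAdminAccount = @($groups | Where-Object { $_.Sid -eq $adminSid }).Count -gt 0

# IsInRole only returns $true when the current process is already elevated,
# so on its own it would report an unelevated admin account as "limited".
$identity   = [Security.Principal.WindowsIdentity]::GetCurrent()
$principal  = New-Object Security.Principal.WindowsPrincipal($identity)
$isElevated = $principal.IsInRole(
    [Security.Principal.WindowsBuiltInRole]::Administrator)

if (-not $isAdminAccount) {
    "$($identity.Name): limited account. Software installs need separate admin credentials."
}
elseif ($isElevated) {
    "$($identity.Name): administrator account, and this session is elevated."
}
else {
    "$($identity.Name): administrator account running unelevated. One click on a UAC prompt grants full rights, so this is not a limited account."
}
```

Run it from a normal (not "Run as administrator") PowerShell window while logged on with the account you use every day.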

adifrank
2009-02-28, 16:40
shelf life,
thanks for the reply.

i'm familiar with the tips you listed and i actually read through all the stickies and a guide similar to the one in the link you posted - before posting my thread.

truthfully, i can't say that i keep from being vulnerable 100% of the time, but i DO run the basic recommended security software, run scans regularly, avoid suspicious websites, attachments.... and sexy girls as far as it's humanly possible :-)

the reason for me posting was that i stupidly tried to install a program which i got from someone, which i gather now was probably not legit. :oops:
after installing, my antivirus and firewall programs seemed to act strange (trouble updating, suddenly becoming inactive, and so on...).

first i disconnected from the internet then uninstalled the software that i had just installed, uninstalled my anti virus and firewall, downloaded new installation files of antivirus and firewall (from a different computer) and re-installed anti-virus and firewall (on my supposedly infected computer). then went through all the suggested scans and tests listed in this geekstogo thread (http://www.geekstogo.com/forum/You-Must-Read-Before-Posting-Hijackthis-Log-t2852.html)

the scan results came up clean.

i then scanned the installation files (on cd) of the software that i suspect was infected. avast antivirus found:

win32.delf-LCQ [Drp]

so the scans are clean. my security software is running and updating fine. my computer seems to be okay, not seeing anything suspicious or especially slow..... but....

and this brings me back to my original question - how can i be sure that i'm not being tracked by some keylogger or something of that sort? the program i had installed looks like it IS in fact carrying malware and i DID install it. so are there other measures i should take to try and further assure that my computer and personal information is not at risk?

.... and yes, i'll stay away from software from unknown sources. :-)

thanks!!!

shelf life
2009-02-28, 23:34
hi,


"how can i be sure that i'm not being tracked by some keylogger or something of that sort"

Your best bet would be to rely on your antivirus and antimalware applications. If they are coming up clean then you should be ok. I recommend Malwarebytes Antimalware to go along with Spybot. You could also do an online scan for another opinion.


"then uninstalled the software that i had just installed,"
A good idea but in most cases the malware stays behind on the computer.


"uninstalled my anti virus and firewall, downloaded new installation files"
not necessary to do this.

MBAM:
http://www.malwarebytes.org/

online scanners:

ESET online scanner:

http://www.eset.com/onlinescan/

uses Internet Explorer only
check "YES" to accept terms
click start button
allow the ActiveX component to install
click the start button. the Scanner will update.
check both "Remove found threats" and "Scan unwanted applications"
click scan
when done you can find the scan log at: C:\Program Files\EsetOnlineScanner\log.txt
please copy/paste that log in next reply.

BitDefender Free Online Virus Scan
http://www.bitdefender.com/
click "scan now" button
accept EULA by clicking "I agree"
allow ActiveX to install
click on "click here to scan"
Scan will start after definitions are downloaded

Sounds like you have a good control of things. Happy safe surfing.