> Is there a way to tell which of my files (if any) were accessed or downloaded by a Trojan/malware?
Zelithe
post Oct 24 2009, 08:40 PM
Post #1


New Member
*

Group: Members
Posts: 6
Joined: 24-October 09
Member No.: 394,152



Is there any way to tell? I had some very sensitive information on this computer and from what I can tell, I've deleted all of the files that may have posed a risk.

I'd like to know what would have been accessed or downloaded, though. I'm feeling really nervous and restless because I'm not sure if any of my files were downloaded or not. I had things which could spell a lot of trouble for me in the future and I can't stand thinking that I might go through the rest of my life never knowing that a ton of very personal things that I went to great lengths to keep private could be floating around in cyberspace somewhere. I didn't have anything that'd put me in jail or anything, just details about me that I'd like to never surface.

What sort of files would a Trojan go after? How many files would have been downloaded? How long will they be stored elsewhere?

All of my passwords and such have been changed and nothing happened to even my most important accounts, but is it only a matter of time until some hacker somewhere tries to do something with other information?

A quick note is that I disabled system restore and did a disk cleanup because one of the files I found was malware located here: "c:\system volume information\_restore{08EDBA23(rest of the file I'd prefer to keep private, and it doesn't show up on Google beyond this point anyway)". Would LOIC have a reason to put a file there?

There's a chance that the entire thing could have been a false positive and I'm worrying about nothing. LOIC is supposed to show up as a virus because it is a homebrew program. It's just that there are unclean variations of it which play on that fact, because there isn't an easy way to tell a clean version from an unclean one because of the clean version's nature of always being detected as a virus by standard programs like McAfee.

Here's the file I downloaded. I recommend you do not download it unless you have a safe way of analyzing it.

Link Removed

(Add on this part below after "/download/". I'm not bypassing filters, I'm just pretty paranoid and don't want a hacker who may have programmed the file knowing that I had sensitive information and finding this page by searching for it through an engine with the URL and trying to locate the files I speak of if they were downloaded to somewhere.)

64588788e47d141c/

If anyone could determine if the above LOIC is legitimate or not, I've heard that a way is to compare the source code. The source code for the clean version of LOIC is found here under "Chan":

http://www.praetox.com/n.php/sw/sauce

This post has been edited by garmanma: Oct 25 2009, 10:24 PM
Zelithe
post Oct 25 2009, 02:07 AM
Post #2



If no one knows the answer, can someone at least point me in the right direction of where I should be asking this?
Zelithe
post Oct 31 2009, 04:11 PM
Post #3



Bump.

© 2003-2010 All Rights Reserved Bleeping Computer LLC.