AOL Trojan through HTML infection

Discussion in 'malware problems & news' started by Mr.Blaze, Apr 2, 2002.

Thread Status:
Not open for further replies.
  1. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    OK, so I'm guilty: I went surfing through the dark-side underbelly of the internet. I know, I know, I shouldn't have been, but some habits are hard to break.

    Be warned, there seems to be a nasty little bugger I ran into today.

    Here's what happened: I went to a web page and everything was fine till I clicked on a link.

    Set up. I think because of my updated Norton and my security settings it didn't harm me as badly as it probably could have.

    I got infected by some scripting, maybe a small, very small trojan. It made a logo that looked like the AOL logo in my ZoneAlarm and set up shop.

    And it put an IP number on my ZA advanced settings on other computer with a check mark in the box.

    I kept having two AOL logos on ZA when I signed on.

    I finally went into Norton and saw what was in quarantine: an HTML AOL logo, unknown. I deleted the little bugger.

    I also remember when I moved my mouse over the fake AOL logo on the ZA it said something like TCP port with a number of the port. Very strange.

    It looks like Norton got rid of it, so I don't think it's that big of a deal.

    I guess since I found it I get to name it, right? Aren't those the rules? I name it Blaze, lol.

    To Pete: if you're interested in where I found it, I'll give you the addy of where I got infected. Just send me a private message.

    Be warned, it's a dark side of the internet web site, you know, cough, ummm, appz.

    And if it turns out I'm right, remember when you submit it to name it after me. I discovered it, lol.

    I always wanted something named after me, lol.
     
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Sir Blaze,

    I'm tempted to say you did pay for warez after all - but I will refrain from that.

    Nevertheless:

    1) shut down and reboot in the safe mode;
    2) run netstat -an in the MSDOS box;
    3) note if any ports are open or in use;
    4) run a full deep scan with an updated good anti-trojan.

    regards.

    paul
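
Added example (not part of the thread): one way to do steps 2 and 3 systematically is to save the `netstat -an` output and list listeners and outbound sessions you do not recognise. The sample output, the port numbers and the `EXPECTED_LISTENERS` allowlist are constructed assumptions, not values from this thread.

```python
import re

# Constructed sample of Windows `netstat -an` output (not from the thread).
SAMPLE = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8765           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:1045      203.0.113.7:80         ESTABLISHED
  UDP    0.0.0.0:1026           *:*
"""

# Assumption: ports the user already knows belong on this machine.
EXPECTED_LISTENERS = {135, 139}

ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")


def parse_netstat(text):
    """Yield (proto, local_ip, local_port, foreign, state) for each socket row."""
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            proto, ip, port, foreign, state = m.groups()
            yield proto, ip, int(port), foreign, state or ""


def is_loopback(ip):
    return ip.startswith("127.") or ip == "[::1]"


def review(text, expected=EXPECTED_LISTENERS):
    """Return sockets worth a second look: unexpected listeners reachable
    from the network, and established sessions to non-loopback peers."""
    listeners, sessions = [], []
    for proto, ip, port, foreign, state in parse_netstat(text):
        # UDP rows have no State column; a bound UDP port is treated as listening.
        listening = state == "LISTENING" or (proto == "UDP" and not state)
        if listening and not is_loopback(ip) and port not in expected:
            listeners.append((proto, port))
        elif state == "ESTABLISHED":
            if not is_loopback(foreign.rsplit(":", 1)[0]):
                sessions.append((port, foreign))
    return {"unexpected_listeners": sorted(set(listeners)),
            "remote_sessions": sessions}
```

Anything reported still has to be matched to a known program by hand before treating it as suspicious, since `netstat -an` alone does not show which process owns a socket.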
     
  3. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Yup, you're totally right. Serves me right for being so stupid. I know better, I really do, but sometimes you see something too good to pass up. One should probably remember the golden rule: if something's too good to be true, it probably is, lol.

    Thx Paul for not holding it against me. Blaze, face racked with pure shame.

    I updated the cleaner today. I'll follow the instructions. Thx for your help, much appreciated.
     
  4. Paul Wilders

    Paul Wilders Administrator

    Hey MRBLAZE  ;)

    Please post the results, will you?  :cool:

    regards.

    paul
     
  5. FanJ

    FanJ Guest

    "and it  put an ip number on my za advance settings on other computer with a check mark in the box".
    Did you delete that one in the meantime? If not, try to do so.

    And with respect to that new fake AOL-program in the ZA-Program-tab:
    Don't give it any rights: no server-rights, no permission to make connection to the internet.
     
  6. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    OK, results: whatever it was, it looks like Norton got rid of it the first time around, except it didn't recognize what it was but put it in quarantine anyway. I deleted it.

    I went into ZA and ZA did let me remove the IP number with the check in it. Thx FanJ, good looking out.

    I did what Paul asked: I updated the cleaner and it found nothing, so that's good.

    I also noticed my firewall isn't going off either. That made me a little suspicious, so I started monitoring ZA and it's working fine: the little icon moves when I load web pages. If it didn't, I would know it was disabled.

    Everything is fine now. Still pretty d.a.m.n scary. Figures it'd be me that runs into the really weird stuff.
     
  7. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    [fan j]
    And with respect to that new fake AOL-program in the ZA-Program-tab:
    Don't give it any rights: no server-rights, no permission to make connection to the internet.

    That was the screwed-up part: I didn't. The only way I caught it was because ZA showed another AOL logo on the main box above when you open it.

    A real cheesy-looking AOL icon. ZA didn't even prompt me with the usual "do you want to give so-and-so app permission" pop-up.

    The only way I knew something fishy was up was the cheesy AOL icon. ZA monitored it but didn't catch the permission thing.
     