do i have a trojan TDS

Discussion in 'Trojan Defence Suite' started by Mr.Blaze, Jan 12, 2003.

Thread Status:
Not open for further replies.
  1. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    I did an update today with TDS and I did one before not too long ago.

    After today's update I got this during a scan:

    Scan Control Dumped @ 18:56:03 12-01-03
    RegVal Trace: RAT.Dua ti choi: HKEY_LOCAL_MACHINE
    File: Software\Microsoft\Windows\CurrentVersion\Run [Taskmonitor=C:\WINDOWS\taskmon.exe]

    What do I do now =( Wow, my day's getting worse by the minute. Is there no end to my bad luck?
     
  2. FanJ

    FanJ Guest

    Hi Blaze,

    I just saw at the private forum that more people got such a warning. I haven't read the whole thread there at this moment, but I would suggest that you too go there and have a look.
     
  3. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    All good and all bad things consist of three and things can change from the one to the other.
    How about looking into this thread smelling the roses again?
    http://www.wilderssecurity.com/showthread.php?t=6187;start=15#lastPost
    In tonight's update it will be gone, Gavin promised personally in the private forum.
    In the other thread also do visit the thread at DSLR which Paul posted and where Wayne personally explains some about it.
     
  4. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    lol I guess it isn't the same info in the trojan and back door forum. I guess a lot of us got caught by surprise lol, I was having a heart attack lol

    :D Well, you know all the goofy stuff I do, so with me even fully protected I was thinking it's been a very, very long time since I had a nasty.

    :D And I guess from hanging at Wilders so much, and you guys, my PC is and has and always will be in perfect health.

    Should have known better with all these security programs from Wilders, Paul, Nancy, Wayne, Gav, Nav, and ZA team, alongside Lavasoft and PepiMK and Javacool just to name a few. I should have known it'd be very unlikely lol, Fort Knox yeahhhhhhhh :D
     
  5. *Ari*

    *Ari* Registered Member

    Joined:
    Feb 15, 2002
    Posts:
    431
    Location:
    Finland
    MrBlaze....howdy

    All info seems to be in Vietnamese......
    1. Trojans that grab passwords and then send us the grabbed passwords via email, for example hooker, barok ...
    2. Trojans used for remote control such as SUB7, DUA TI CHOI...
    Type 1: Trojans that grab passwords and then send us the grabbed passwords via email .....
    blah blah blah......somebody read this all at:
    http://www.ninhthuanpt.com.vn/dong_huong/dien_dan/chitiet.php?bien=43&id_cd=6

    *Ari* :p
     
  6. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    Oops Krusty, it looks like the instruction to configure the server to be sent to the victim and infect him via email. I still think it is Vietnamese for S7. As I'm not sure about the intention of the page and you might have seen there are at least four of them, one with screenshots and pointing to a page to d/l the nasties (which are no longer there now), I did not post them.
     
  7. Mr.Blaze

    Mr.Blaze The Newbie Welcome Wagon

    Joined:
    Feb 3, 2003
    Posts:
    2,842
    Location:
    on the sofa
    I don't think I'm infected if I've seen what, 5 people using TDS with the same exact dump file. For my fellow newbs, the dump file is just a text copy of what TDS found, very useful to report the nasties you find here.
     
  8. Jooske

    Jooske Registered Member

    Joined:
    Feb 12, 2002
    Posts:
    9,713
    Location:
    Netherlands, EU near the sea
    I think if code is added just straight like that 79% of Windows will be alerted on, so with the refining it will probably look deeper to only alert if case X is met.
    So now we all wonder which is in the taskmon.exe so close to which malicious code; yes we know, close to the RAT.Dua ti choi and that'll teach you TDS is on top of it.

    If you ever would get infected with it, make sure to send Gavin a sample first, zipped. Nothing in your 7 search engines on that?
     