Found a Trojan, but how do I know if its being used?

Discussion in 'malware problems & news' started by apost1, Apr 12, 2005.

Thread Status:
Not open for further replies.
  1. apost1

    apost1 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    2
    I recently found a trojan called acid battery on my PC. It puts a file called expI orer.exe in my windows/system32 folder. NOw that I've found it, does anyone know how to tell if anyone's been using it to spy on me?
     
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,901
    Location:
    SW. Oklahoma
    you might look in your firewall log for an entry with that file name.
     
  3. apost1

    apost1 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    2
    Thanks, unfortunately though, I recently changed my log to only keep records for one day. I checked today, but found no instance of it being used. Maybe Ill let the trojan remain a little while so perhaps I can catch someone using it.

    Any other ideas besides checking my firewall log would be appreciated.
     
  4. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,901
    Location:
    SW. Oklahoma
    Without a record of what it has been doing It will be hard to know if it has been phoning home or not.
     
  5. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    you could use NetMeter it's a little network monitor so you'll know when something has made an internet connection. if something does you could then use a sniffer to see what is happening.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.