Found a Trojan, but how do I know if its being used?

Discussion in 'malware problems & news' started by apost1, Apr 12, 2005.

Thread Status:
Not open for further replies.
  1. apost1

    apost1 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    2
    I recently found a trojan called acid battery on my PC. It puts a file called expI orer.exe in my windows/system32 folder. NOw that I've found it, does anyone know how to tell if anyone's been using it to spy on me?
     
  2. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    you might look in your firewall log for an entry with that file name.
     
  3. apost1

    apost1 Registered Member

    Joined:
    Apr 12, 2005
    Posts:
    2
    Thanks, unfortunately though, I recently changed my log to only keep records for one day. I checked today, but found no instance of it being used. Maybe Ill let the trojan remain a little while so perhaps I can catch someone using it.

    Any other ideas besides checking my firewall log would be appreciated.
     
  4. bigc73542

    bigc73542 Retired Moderator

    Joined:
    Sep 21, 2003
    Posts:
    23,873
    Location:
    SW. Oklahoma
    Without a record of what it has been doing It will be hard to know if it has been phoning home or not.
     
  5. iceni60

    iceni60 ( ^o^)

    Joined:
    Jun 29, 2004
    Posts:
    5,116
    you could use NetMeter it's a little network monitor so you'll know when something has made an internet connection. if something does you could then use a sniffer to see what is happening.
     
Loading...
Thread Status:
Not open for further replies.