iambigbrother.com

Discussion in 'other anti-malware software' started by Chuck57, Oct 8, 2002.

Thread Status:
Not open for further replies.
  1. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I recently downloaded SpyBot from webattack.com on a whim. Never used this sort of thing before. I always figured a firewall and good antivirus was enough.

    Well, ran SpyBot and came up with iambigbrother.com on my computer...a keylogger. It never even occurred to me to look to see if there was any date. I went to iambigbrother and read some of their site and it's still puzzling what their stuff was doing on my box.

    How it got there is a puzzle. My mail all comes through either Hotmail or Yahoo and I never download it to my box. Recently I've been on a download and test software frenzy, but this has all been through reputable sites, webattack, here, sygate, outpost, opera, avg, and a couple from cnet.

    I guess what I'm saying is that if anybody doesn't have SpyBot or similar software on their machine, it might come as a surprise what's actually infesting your hard drive.
     
  2. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Chuck,

    Indeed Patrick is doing a very nice job with Spybot S&D.

    Just some advice: since this keylogger has been on your system for a while, it's strongly recommended to change all your passwords. These have been transferred as well, and could/will be abused by third parties.

    regards.

    paul
     
  3. Primrose

    Primrose Registered Member

    Joined:
    Sep 21, 2002
    Posts:
    2,743
  4. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Much obliged, John ;)

    regards.

    paul
     
  5. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    3,997
    Spybot S & D is a great program (I run it every day). And the new version looks to be even better (from what I can see from the beta). :)

    I would doubt that that keylogger came through a download from any of those reputable sites you mentioned (although it is always a possibility...) - more likely, someone who had physical access to your computer installed it (or someone may have sent it to you in an e-mail/IM attachment).

    As Paul said, changing your passwords is probably the first (and best) step. Since you mentioned you only have a firewall and an anti-virus program, you may want to download a trial of either TDS-3 (http://tds.diamondcs.com.au) and/or Trojan-Hunter (http://www.mischel.dhs.org/trojanhunter.jsp) - both are excellent anti-trojan applications that provide very functional trial versions. I am personally wondering what else might be on your system, along with that keylogger (since most anti-viruses miss a good percentage of trojan horses). In my experience, whenever a keylogger was found on a system, there tended to be a remote-access trojan horse of some sort (whether connected to the keylogger or not - after all, malicious individuals can and do get greedy).

    Hope this helps. :)

    -Javacool
     
  6. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I can only say that anybody following me around on the net will be incredibly bored. On the other hand, it's kind of spooky finding something like this. I'm going to download the anti Trojan software you mentioned and, if there's no objections, will post the results here.

    I've been on the Internet since 1996. You'd think I'd have a clue, wouldn't you? A personal thanks to whoever posted about SpyBot in this section, and a big thanks to Wilders for being here for idiots like me.
     
  7. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    3,997
    Well now, you were smart enough to go download SpyBot. :D Tell that to the millions of other Internet users who haven't downloaded it yet. (Or maybe the large percentage who share their entire C drive with no password and no firewall. ;))

    But Wilders is a great place, isn't it? (Where's Checkout when you need his comments? ;))

    -Javacool
     
  8. Paul Wilders

    Paul Wilders Administrator

    Joined:
    Jul 1, 2001
    Posts:
    12,472
    Location:
    The Netherlands
    Thanks JC for the compliment - a compliment addressed to your person as well, for the record! ;)

    Chuck,

    No objections at all - we might move the thread to the appropriate forum, depending what shows up. That's no problem either.

    No idiots here - no foolish questions either. This board is a friendly one, and always will be. As long as we all learn from one another: mission accomplished ;).

    regards.

    paul
     
  9. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Downloaded Trojan Buster and my system came up clean of the little buggers, which was a relief. Now, two more newbie questions and I won't pester anyone for a while.

    First -- I found a freebie trojan scanner Swat It, from Lockdown. Is this any good or would I be wasting my time to download it?

    Second -- My wife and I are connected through a direct network, using my computer as the server (dial-up). She, too, is firewalled on hers with Tiny (free). I have Sygate Pro with xp's firewall also enabled.

    I spend most of my time visiting various security and writer's forums. She is a graphics artist and most of her online time is on a number of graphics sites or her own website.

    Since we are networked through my computer, would anything SHE might pick up hit mine rather than hers? I'm still trying to figure out how I ended up with this thing on my machine.

    Finally, and a possibility that occurred to me. This computer is a refurbished generic, a couple of years old. It was traded and refurbished at a local shop and I bought it. Its files were, obviously, cleaned, but the OS (at that time Win 98SE) remained, along with one other old version of Paint Shop Pro. I wonder if the iambigbrother thing might be a leftover that wasn't discovered? I've had it since February.

    Yeah, I'm looking for excuses.
     
  10. notageek

    notageek Registered Member

    Joined:
    Jun 3, 2002
    Posts:
    1,601
    Location:
    Ohio
    There is a post on this board about Swat It. I even posted about it. I tried it for 2 months and they never updated it or anything. So to answer your question, it would be a waste of time. As far as free Trojan scanners go, the only one that I hear good things about is gladiator. It's in Alpha. Sometime soon ANTS 2.2 will be coming out and that will be good. As for now if you don't want to pay for an AT just give all the ATs a 30 day trial. :D
     
  11. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    Please do not waste your time with this one. Lockdown can trigger some emotional comments in many places. Let us just say, you would be better served looking elsewhere.
    I highly recommend spending a little money on a program as important as an antitrojan. TDS3, Trojan Hunter, and BO Clean are good. If you would like a great combination AV and AT, take a look at Kaspersky antivirus. Even though it's an AV, it usually catches more trojans than the ATs do.
    You could also consider ants 2.2, if it's released yet.
    Since you have a refurb, I would sure give it a good housecleaning by scanning with some reliable programs.
     
  12. javacool

    javacool BrightFort Moderator

    Joined:
    Feb 10, 2002
    Posts:
    3,997
    BOClean is an excellent "set it and forget it" AT, in my opinion. (A recent test, finally fair to how it works, proved that by awarding it top honors, along with TDS3.) If you like just knowing that you are protected, and not getting "messy" with lots of configuration options, or settings, then I would definitely recommend going for it. PSC doesn't offer a trial, but they do offer a money-back guarantee - and they hold to it (though I doubt you will want to return it). More information is available here:
    http://www.nsclean.com/boclean.html

    Trojan Hunter is also very good (although its database isn't quite as large, it is improving every day - the author is very dedicated to making the program better and better).

    TDS3, as mentioned above, is probably the most complex, but also provides the most thorough scanning. And I believe it also has the most trojans in its detection database. If you decide to get TDS3, or if you just wish to get more information, there is a great public forum here for it - I'm sure FanJ, Jooske, or someone else would be glad to help you out with any problems that arise or any questions that you have (https://www.wilderssecurity.com/index.php?board=5).

    As for Ants 2.2 - I am definitely looking forward to it. :)

    Hope this helps.

    -Javacool
     
  13. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    Thanks all. I've read good things here about Kaspersky. I use AVG antivirus right now. My current state of paranoia is suggesting something a little stouter.

    Another question, this one from my wife. She mentioned on one of her forums what happened, and somebody recommended 'surfingguard', or 'surfinguard' as being what they use, after assuring themselves their machine is clean. I confess not having bothered to look at it yet. It's from Finian, or something like that, software. I'll be hunting it up as soon as I stick a period at the end of this sentence.
     
  14. root

    root Registered Member

    Joined:
    Feb 19, 2002
    Posts:
    1,723
    Location:
    Missouri, USA
    You might want to kick that one around with the people here before you jump in.
    Let's just say it's not one of the main contenders. I know this is starting to sound like everything you suggest, you get criticised for.
    Here's the deal. There are a lot of antivirus, antitrojan, and firewall programs around. Some are excellent, some are barely adequate, and some fail miserably. How do you know what is what?
    There are reputable places that test programs like AVs, such as Virus Bulletin and the Univ. of Hamburg that do comparative testing. There are others that test ATs.
    By coming to this board, you have joined a group of people that make up about 2% of the people that surf the internet. The people here are interested in learning and sharing information about the very best security products available. Here you will find people that are more than willing to help others learn about the best security products and practices.
    All you have to do is ask. :D
     
  15. Chuck57

    Chuck57 Registered Member

    Joined:
    Sep 2, 2002
    Posts:
    1,422
    Location:
    New Mexico, USA
    I appreciate the help, believe me. It's got to be obvious that, although I've been a member here for a few months, apparently I haven't absorbed much of what I've been reading. Then, reading about something and having it happen to you are two different things. Now I'M involved.

    Before I download anything more than Trojan Hunter, which I think might be a keeper, I'm definitely going to be looking into ratings, tests, and so forth of all related software.
     
  16. snowbound

    snowbound Retired Moderator

    Joined:
    Feb 18, 2003
    Posts:
    8,723
    Location:
    The Big Smoke