Is a short-term intrusion feasible?

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by DukOfURL, Jun 8, 2006.

  1. DukOfURL

    DukOfURL Private E-2

    I am looking to get some expert advice. I am very security aware. I run ZoneAlarm Pro and SpySweeper. I periodically also run Ad-Aware and SpyBot at deep scan level. I use Avast! antivirus software. I run rootkit-revealer and a keystroke logger detection program periodically. When I run Shields Up!, it tells me my ports are fully cloaked. I also have a router with full security setup and running as another obstacle for the crooks to get by.

    But, in the past three months, I have had my checking account information stolen and used to cash copied and altered paper checks by unknown crooks. After changing to a new account, within three weeks they were at it again with the new account number.

    I did not THINK the information was being stolen from my PC. It seemed more likely that an outside person with access to a real paper check was using that to get the account number. But after the first attack, we only wrote five paper checks on the new account, all to what I consider secure vendors.

    So I am back to thinking maybe there is a hole in my PC allowing the information to get out somehow. Short of never going online, does anyone have any idea how I can be certain there is not some malware that is not being prevented or detected by my software? How about locking down the firewall except for when I need to get online, opening it just for that period, then locking it again? Has anyone had to go that far? Is there any actual comprehensive software/hardware solution to malware, something you can count on to stop 100% of the bad guys?
     
  2. Major Attitude

    Major Attitude Co-Owner MajorGeeks.Com Staff Member

    Mainly by running our Read Me First thread and trying those steps. No, there is no 100% solution except not using the internet. If you have broadband, you can ask your ISP to change your IP address, which if someone was attacking you specifically, it would end that.
     
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Sounds like you have or had one of the password stealing trojans that are around. There are quite a few but two we see a lot are:

    http://www.liutilities.com/products/wintaskspro/processlibrary/ibm00001/
    http://www.liutilities.com/products/wintaskspro/processlibrary/syshost/


    Please run the below and attach the requested log:

    Using GetRunKey

    This will identify one form of the trojan if present.

    As Major Attitude indicated, our best defensive starting point is: READ & RUN ME FIRST Before Asking for Support

    After getting cleaned up, the next step is: How to Protect yourself from malware!

    I'm going to post a boilerplate message that we use when we see trojans like this on PCs. Read it carefully and make sure you have taken those kinds of steps. If you use an infected system to change passwords, you are just wasting your time changing the passwords.

    You are strongly advised to do the following immediately:
    1. Disconnect infected computer from the internet and from any networked computers until the computer can be cleaned. If you have networked computers, start checking them for problems too.
    2. Call all of your banks, credit card companies, financial institutions and inform them that you may be a victim of identity theft and to put a watch on your accounts or change all your account numbers.
    3. From a clean computer, change *all* your online passwords -- for email, for banks, financial accounts, PayPal, eBay, online companies, any online forums or groups you belong to.
    Do NOT change passwords or do any transactions while using the infected computer because the attacker will get the new passwords and transaction information.
     
