Tracking down the malware

This is how they found where the malware hid itself on my laptop, which is running Windows XP:

1) Open up My Computer, click on C Drive
2) Click on Documents and Settings.
3) Click on Administrator
4) In the Explorer window, Click on Tools > Folder Options
5) In the Folder Options window, click on the tab.
6) Select "Show hidden files"
7) Unselect "Hide protected operating system files"

Look for a folder marked ".jnana". That's the bad boy.

If you go into the .jnana folder, you may see files named with an IP address and a timestamp, something like 11.22.33.45_12344556789. Those are the output from the keystroke logger. Look through these files for passwords and other sensitive information you've entered. I don't know how you can tell if the logfiles have been uploaded.

There may be other places on your system where this bastard hides, according to the security experts. If you find you've been infected, get your system wiped and reloaded. Nuking it from orbit is the only way to be sure.
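
A scripted version of the manual check above, added here as an example and not part of the original post: it looks in every profile under Documents and Settings (not only Administrator) for a ".jnana" folder and lists files whose names have the IP-address-and-timestamp shape. The function names and the default root path are assumptions of this example; the folder name and file-name shape come from the post.

```python
import os
import re
import sys

# Folder name and file-name shape are taken from the post; everything else
# (function names, default root) is an assumption of this added example.
FOLDER_NAME = ".jnana"
LOG_NAME = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3})_(\d+)$")


def parse_log_name(name):
    """Return (ip, timestamp) if name looks like '<IPv4>_<digits>', else None."""
    m = LOG_NAME.match(name)
    if not m:
        return None
    ip, stamp = m.groups()
    if any(int(octet) > 255 for octet in ip.split(".")):
        return None
    return ip, stamp


def find_jnana(profiles_root):
    """Check each user profile under profiles_root for a .jnana folder.

    os.listdir() returns hidden and system entries regardless of Explorer's
    Folder Options, so no view settings need changing first.
    """
    findings = []
    for profile in sorted(os.listdir(profiles_root)):
        suspect = os.path.join(profiles_root, profile, FOLDER_NAME)
        if not os.path.isdir(suspect):
            continue
        logs = []
        for name in sorted(os.listdir(suspect)):
            parsed = parse_log_name(name)
            full = os.path.join(suspect, name)
            if parsed and os.path.isfile(full):
                logs.append((name, parsed[0], parsed[1], os.path.getsize(full)))
        findings.append({"profile": profile, "path": suspect, "logs": logs})
    return findings


if __name__ == "__main__":
    root = sys.argv[1] if len(sys.argv) > 1 else r"C:\Documents and Settings"
    for hit in find_jnana(root):
        print("FOUND %s" % hit["path"])
        for name, ip, stamp, size in hit["logs"]:
            print("  log %s  ip=%s  stamp=%s  %d bytes" % (name, ip, stamp, size))
```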

Comments

carlfoxmarten
Nov. 26th, 2010 10:14 am (UTC)
Amen to that! Those are two of the settings that I always change every time I get a new Windows install.
