dotTech - Topic: Trojan has been downloaded from an unknown GOATD Software

Steelers6 on Trojan has been downloaded from an unknown GOATD Software

Thu, 05 Nov 2009 06:46:34 -0800

Sorry to hear of your malware. I too have had instances of malware/viruses after downloading from sites. I've never been able to pinpoint that it was GOTD and I don't use peer to peer sites. I have taken the good advice from DotTech and use GesWall, and some great anitivirus software and anitmalware products.

I think if you read Ashraf's Security suggestions and those of the posters and use them you will be ok. I can confirm that I got a trojan after a Google toolbar update. Luckily it was found with Malwarebyte and IObits, and contained with GesWall so I was able to successfully remove it and no harm was done.

I also make sure to create a restore point before installing any software including Microsofts often distructive updates.

I hope that helps! Check out Asharfs suggestions about the best security. I'd use SandBoxie but it doesn't support 64 bit OS's. GesWall does.

Good luck to you and let us know how it turn out.

Vidimo Se!

JessRabbit on Trojan has been downloaded from an unknown GOATD Software

Thu, 05 Nov 2009 06:04:17 -0800

I just came across this posting, I know its a couple of months old. About a week or two ago, I too experienced my first trojan attack and to my surprise, it came to me through a software downloaded from GAOTD. And I did find out what software it was, "AnVir Task Manager". So not only did my AV catch it, I also went and Uninstalled it immediately. I've been following GAOTD and Dot Tech for about 2 months now..and they do have some good software at times but just remember that some developer's get there jollies at spreading viruses and then again, I believe I read at GAOTD site, that at one time within the past month or so, that their wrapper was found to have had did a trojan or some malware in it. So that may be possibly where you and I got this at?? But just keep in mind for future reference, that before you do you an install of ANY software, ALWAYS perform an AntiVirus and Malware Scan just to be safe!! Because on the internet, no one is safe from viruses, trojans and the like.

PTLdom on Trojan has been downloaded from an unknown GOATD Software

Wed, 04 Nov 2009 15:41:03 -0800

Neither Sandboxie or Geswall allow you to test the installation of software that requires rebooting to run. Only a virtualization solution.

Ozzie on Trojan has been downloaded from an unknown GOATD Software

Thu, 15 Oct 2009 08:15:22 -0700

I definitely agree with ruchir9897 on the value of sandboxing your browser. I used to use Sandboxie, but about a year ago shifted to Geswall, which I really like. Basically, anything you download is automatically sandboxed, so you can check it without it having to worry about your comp becoming affected (of course, no program guarantees 100 percent safety, but combined with a good AV - I use A2 pro - you should be right).

ruchir9897 on Trojan has been downloaded from an unknown GOATD Software

Thu, 15 Oct 2009 07:47:51 -0700

True,I have downloaded GOTD soft and two or three are infected by worms/trojans.Best method is to first scan the installer with excellent AV,plus run the installer in virtual environment like Safe run through Kasperskt Internet Sec 2010,power shadow,sandboxie etc. so that even if it contains viruses,it will destroy your computer till restart since these softwares emulates installation and not installs on hard disk.You are safe.....................................

yourpalal on Trojan has been downloaded from an unknown GOATD Software

Sat, 22 Aug 2009 01:32:15 -0700

Good day All. First of all I'd like to thank Ashraf & others from dottech.org for trying their best to keep us informed & give us support, & for giving us all the detailed step by step instructions so consistently & generously. It was by following one of Ashraf's links to a Full Review from GOATD that I 1st saw that someone cared enough to explain technicalities & help resolve issues & answer questions. GOATD is great & can't blame them directly. But there, you don't get the interaction & timely responses from their 'team' or moderators like are done here at dottech. Many people then, are left with damaged computers for lack of help & support, & every day at least some are left without anyone answering their pleas for help within that 24 hours. So I want to recognize the value of GOATD, but believe that there is a growing path of "wreckage & ruin" ("Bad Moon on the Rise") as a result. I've been trying out GOATD software for about 3 months by reading comments from there (& here) & then downloading, installing, uninstalling, etc. Also, like others I've been facing all the problems associated with poorly coded or careless work by developers that may or may not have been knowingly allowing malware or security issues to be transmitted to us as unpaid "testers." That said (finally!), I now have my 1st possible malware/Trojan, but I can't tell from what specific download as there have been so many, otherwise I could warn you all of the exact 'culprit.' I have sent what I can to VirusTotal, but not sure I did it correctly until I get a response.

[[[ Hello. Since this is my 1st known malware & I'm using virustotal.com for the 1st time, would you please let me know what & how I'm to send you what has been detected. For now, here is what I have:

Emco Malware Destroyer Scan Results 8/22/09 2:27 AM

Select Action Machine Name Type

Quarantine AL-PC NMC.KOOBFACE.ADW TROJAN

[EXISTS_REGKEY_HKLM]=\\SYSTEM\\ControlSet001\\Services\\glok+1b6c-49b1

[EXISTS_FILE]=%win%\\glok+1b6c-49b1.sys

REMOVAL

HKLM_KEY]=\\SYSTEM\\ControlSet001\\Services\\glok+1b6c-49b1

[HKLM_KEY]=\\ControlSet001\\Enum\\Root\\LEGACY_GLOK+1B6C-49B1

[HKLM_KEY]=\\SYSTEM\\ControlSet\\Services\\glok+1b6c-49b1

[FILE_DEL]=%win%\\glok+1b6c-49b1.sys

[FILE_DEL]=%win%\\glok+serv.config

"Normally received as an email attachment; may consist of a rootkit, a peer-to-peer client, and a mass-mailing worm component. Its code may be injected and run from the legitimate services.exe process in order to bypass firewalls."

For now I have quarantined it.

Thanks for your help. Al ]]]

So I wanted to caution everyone & know if others have had this, as well as ask for help. Thanks. Al