So apparently a website that I frequent often (news related, called 20 minutes) got "attacked" and a malware called Gozi (a trojan) was spread through a Flash vulnerability (as usual, it's always fucking Flash).
How do I know I'm infected, and if it's the case, will a standard format get rid of it?
h-hello
How 2 google
https://storify.com/bbddst/instructions-to-completely-remove-gozi-trojan-hors
ask in /wsr/ or /sqt/ next time.
>>53930591
>https://storify.com/bbddst/instructions-to-completely-remove-gozi-trojan-hors
I did Google it, of course, and read through 6 pages of content and description of that specific Trojan, but I've found nothing ending in .exe in %UserProfile%\, or any strange process running.
I think I'm becoming paranoiac because of these fucking retards that can't protect their website correctly. I will clean format.
[Swiss German] Goddammit, you don't get your news from 20 Minuten either.
>>53930633
What?
>>53930633
Speaking nazi outta nowhere
>>53930451
Option 1: netstat and look for unknown foreign connections
Option 2: Wireshark; view traffic going to foreign connections you don't know anything about; look out especially for DNS providers (i.e. duckdns, No-IP, etc.)
Option 3: Process Hacker; look for any suspicious software installed that has a callback address
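An added example, not part of the original post, showing Options 1 and 2 as a script: it filters `netstat -ano` output down to established connections that leave the local network, and checks a list of DNS query names (for instance exported from a Wireshark capture) against dynamic-DNS suffixes. The sample output, the hostnames and the suffix watch-list are constructed assumptions.

```python
import ipaddress

# Constructed sample of Windows `netstat -ano` output (not from the thread).
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       980
  TCP    127.0.0.1:5354         127.0.0.1:49670        ESTABLISHED     3120
  TCP    192.168.1.20:49712     192.168.1.1:445        ESTABLISHED     4
  TCP    192.168.1.20:49801     203.0.113.45:8080      ESTABLISHED     6612
  TCP    192.168.1.20:49802     198.51.100.7:443       TIME_WAIT       0
  TCP    [::1]:49670            [::1]:5354             ESTABLISHED     3120
"""
# Constructed DNS query names, as they might be exported from a capture.
SAMPLE_QUERIES = ["www.example.com", "update.example.duckdns.org.",
                  "notduckdns.org", "Host1.DDNS.net"]

# Assumed watch-list of dynamic-DNS suffixes; extend it for your environment.
DYNDNS_SUFFIXES = ("duckdns.org", "no-ip.org", "ddns.net", "hopto.org")
# Ranges treated as "this machine or this LAN" and therefore not foreign.
LOCAL_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "169.254.0.0/16", "::1/128", "fe80::/10", "fc00::/7")]

def foreign_connections(netstat_text):
    """Return (remote_ip, remote_port, pid) for established TCP connections
    whose remote end is outside the loopback and private ranges."""
    hits = []
    for line in netstat_text.splitlines():
        parts = line.split()
        if len(parts) != 5 or parts[0] != "TCP" or parts[3] != "ESTABLISHED":
            continue  # header, UDP, listening sockets, closing connections
        host, _, port = parts[2].rpartition(":")
        try:
            ip = ipaddress.ip_address(host.strip("[]"))
        except ValueError:
            continue  # unparseable address (e.g. scoped IPv6); skip it
        if any(ip in net for net in LOCAL_NETS):
            continue
        hits.append((str(ip), int(port), int(parts[4])))
    return hits

def dyndns_names(query_names):
    """Return queried hostnames that sit under a dynamic-DNS suffix."""
    names = [n.rstrip(".").lower() for n in query_names]
    return [n for n in names
            if any(n == s or n.endswith("." + s) for s in DYNDNS_SUFFIXES)]

if __name__ == "__main__":
    print(foreign_connections(SAMPLE_NETSTAT))
    print(dyndns_names(SAMPLE_QUERIES))
```

The PID in each result can then be looked up in Process Hacker or Task Manager to see which program owns the connection.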
>>53930648
Kek
>>53930651
Thanks. If anything comes out positive from these inspections, I suppose the logical next step would be a format, right?
>>53930752
Not really
Most trojans install a file to make sure there is a constant re-connection
If you DO find something; save what you found, turn off wifi, and look through your /tmp folders. Look specifically at the file extensions
>>53930451
>using Flash
You deserve it.
>>53930821
kekd
>>53930821
This right here, nigger
>>53930821
I don't use Flash. In fact, I never saw a single Flash element on that specific website.
I'm giving up. I've found nothing manually, and even then my knowledge is limited. That being said, based on what I saw on the Gozi virus, it shouldn't be able to replicate, therefore a format should be enough.
>>53930837
>needing to format because of a trojan
That's like saying you need to evacuate a city because some faggot's oven is on fire
>>53930854
Yeah. Big deal. I have virtually nothing to back up, everything remotely important is on cloud, and nowadays a clean format is done in five to ten minutes flat.
>>53930868
The only PLAUSIBLE excuse for a format would be a rootkit
Everyone knows Spaniards are incompetent when it comes to tech
>>53930868
> on the cloud
>>53930837
Classic person that uses AV. I'd try common sense first.
>>53930451
>20 minutes
you should kill yourself