|Some stolen account on steam (a game distribution platform with an IM system) linked me a copy paste of what was obviously a viral .exe |
aaaand I opened it. Before you scream "WHHHYYYYYYY" It's because I attempted to open it with avast's sandbox but the "sandbox" thing didn't show up.
Instead the icon blinked for a half second, probably did what it does best. Installing itself in hidden folders, etc.
At this point I was really both confused and annoyed at avast not auto-sandboxing it. (Oops)
I ran a scan http://r.virscan.org/a3fd1c1064a4e4... and reported the account for user misconduct.
Found this: http://pastebin.com/EyCnWJV3
Promptly changed passwords and disabled remote assistance in control panel. Even uninstalled Steam so he can't disable VAC guard (at least not easily).
Sounds like an overreaction I suppose, I have no way to know if I even ran the .exe since I can't tell if I clicked once which caused it to blink/be selected.
Lesson learned: Avast won't auto-sandbox things that blatantly look suspicious to humans, get a program that lets you manually sandbox?
If it actually got a trojan in there I assume it will be able to just switch remote assistance back on and track my passwords however
So what else can I do against an undetected malware?