I downloaded trojan from internet. File was disguised as a rar, but in firefox download windows I didn’t see rar icon just the ending .rar - so I knew something virus type was coming, despite I let it download. After it finished getting on my desktop it disappeared instantly. I receive comodo internet security alert that there is a trojan - I performed trojan removal with comodo, which went successful.
But being paranoid as I’m… I took all files from my C partition, moved everything to Storage drive, and performed a format - reinstall of win7 on C drive.
Now I’ve a question,
What is a chance that along with the files backed up from the desktop, trojan attached itself to one and no resides on the storage waiting to be copied elsewhere?
What is a chance that during initial installation of trojan, it copied itself on my other drives or partitions?
Well, without knowing what the trojan was, it’s impossible to say what it might have done.
You’re sure it was an actual trojan and not just a false positive?
Saying it had the extension .rar and not the icon doesn’t mean anything, because icon recognition is derived from the extension. Without the extension, an application has no way of knowing what type of file it is, regardless of whether or not the file may be harboring a trojan. In other words, Firefox can’t tell a file is a .rar unless it has the extension .rar.
Submit the file in question to VirusTotal and see what the consensus is there. You can also submit it to Comodo here. Comodo Malware Analysis
I did reformat, so no way telling what trojan it was…
but as a general rule if COMODO caught it instantly, that means AV isolated it or sandboxed it, and no way it could spread? Also hear trojans don’t replicate themselves… :S
You don’t remember the file name and where you downloaded it?
What I’m saying is that you might not have needed to do all of that. It’s definitely a good idea to find out if the file is a false positive before doing something as drastic as formatting your hard drive.
But yes, if it was intercepted by Comodo before it could act, it shouldn’t be able to do any damage to your system.
I’m trying to find the file again. It was some download from youtube video description - looked very much like social engineering attempt at getting something on your computer.
Another thing I’m thinking, can trojans actually auto install themselves? I mean, I just downloaded file, I never opened it or ran it… after I got it on computer it disappeared instantly :S