
Can you retroactively find out what had been done to your PC after threat detection?

Hey all,

So here's the situation. At work I had a colleague forward an email asking if it was legitimate. Upon quickly determining it was phishing I asked if she had opened the attached file, and she had.

After installing Bitdefender on her machine, it did turn up an infection (Trojan.Agent.DELU), and there were some shady files in the startup that started a Windows process marked as a vulnerability.

 

And here comes the topic question: Can you retroactively find out what had been done to your PC after threat detection?

 

Without a priori installing monitoring and logging software, can you find out what had been done to your system? And does the Trojan name somehow give away the possible vulnerabilities that were exploited, or are all of them backdoors into everything?

 

 


11 minutes ago, AlisVeritas said:

And here comes the topic question: Can you retroactively find out what had been done to your PC after threat detection?

 

Without a priori installing monitoring and logging software, can you find out what had been done to your system? And does the Trojan name somehow give away the possible vulnerabilities that were exploited, or are all of them backdoors into everything?

For the first question: no, not really. I mean, unless it's the kind of thing that encrypts your files and then demands payment to unencrypt them, it will want to leave as little evidence of it behind as possible.

 

As for the second: "trojan" does quite literally tell you the vulnerability that was exploited -- the user themselves.

Hand, n. A singular instrument worn at the end of the human arm and commonly thrust into somebody’s pocket.


Thanks for the reply. I was just wondering if there is some user-grade way of seeing any malicious activities that may have been conducted on your machine, without a full-fledged investigation into every account and system that one is using.

 

About the name I meant more specifically not the Trojan part but the type. In the case above DELU. Don't know if there's a list somewhere of what each variant of a trojan does.
