Re: trojan found

From: Die Spammer (diespammer_at_loser.fu)
Date: 06/18/03

  • Next message: Die Spammer: "Re: trojan found" 
    Date: Wed, 18 Jun 2003 07:33:32 GMT

    >
    > The only information saved in or by the BIOS is the configuration
    > information (ESCD) - whatever happens here is probably nothing to do
    > with viruses or trojans.

    this is what I am thinking also

    > There are a number of possibilities. You may have unsecured shares
    > and somebody outside may be putting things on your PC. Trojans and
    > viruses do travel as e-mail attachments, but there are several viruses
    > which also spread via insecure network shares. You may be running
    > processes which are configured to allow other people to plant things
    > on your PC.
    >
    > You need to check and see what resources on your PC are visible. You
    > can read up more on this at www.grc.com and www.cert org - you may
    > want to read up on the CERT guidelines for small business security and
    > also on recovereing from a compromise. Pay special attention to
    > unbinding network sharing from your modem.
    > >
    > >My question is
    > >1. can it be possible for this trojan to make new file names
    >
    > The filenames seem fairly arbitrary. The only requirement for
    > consistency is that the registry entry invoking the trojan is going to
    > have to be able to specify a valid filename. There should be detailed
    > writeups on this trojan, start with the McAfee and Symantec websites
    > www.nai.com and www.sarc.com.
    > >
    > >2. if this is a key stroke logging trojan, how can I find out where the
    > >log is getting sent to if it gets sent somewhere. Can I look in the
    > >infected files somehow to find out a destination address?
    >
    > If the writeup doesn't tell you, your chances of reverse engineering
    > the malware to find out where the information is being sent are
    > remote.
    > >

    also, the computer that has or has had these trojans is using a dialup 56k
    modem.

  • Next message: Die Spammer: "Re: trojan found"

    Relevant Pages

    • Re: Cheney vs Obama
      ... that I read in that time period. ... either you or someone else posting to this thread has a worm or ... trojan on your box." ... trojans, viruses, attachments, or scripts of any kind. ...
      (rec.music.beatles)
    • Re: Cheney vs Obama
      ... that I read in that time period. ... trojan on your box." ... trojans, viruses, attachments, or scripts of any kind. ... The worm rewrites itself after you reboot. ...
      (rec.music.beatles)
    • Re: How to turn linux into VMS - memory refresher for Dave ...
      ... >> Again these executables are Trojans they are not viruses. ... That as I have said before is a Trojan. ... >procedures or executables, e.g., image files on VMS systems. ... >A Trojan horse is a piece of code that lives independably of other programs. ...
      (comp.os.vms)
    • Re: [Full-Disclosure] AV Naming Convention
      ... The problem here is the way viruses have been getting classified through the ... Malware stands for "malicious software". ... Another example is the one of Trojan horses. ...
      (Full-Disclosure)
    • Re: trojan found
      ... The only information saved in or by the BIOS is the configuration ... with viruses or trojans. ... >trojan but no email dates are on the same day and NAV2003 has not been ...
      (alt.computer.security)