Re: Help me,my computer maybe at risk with some trojan.



Olicaca wrote:

Why don't teach me how to check if a trojan stay on ur computer instead of reasoning


Simply said, since I make sure there're no point to hook into, any malicious software would have to appear as a separate process in the process list. That's trivial to check.

> argueing, about the reason of bug on the PC..?

Well, that's the reason why I suggest to create an disk image of the compromised system. Later on you may start analyzing what malware it is and which security hole was exploited. It's pretty unlikely that it wasn't a configuration or random problem, which is unlikely to occur again. You don't have to the put the system online either.

> You really think antivirus can check out all trojan huh?

No. Analysis are normally conducted with serious tools.

> Do you hear that if you have trojan on source setup than it quite

pass anti-shitwares check??


Well, that's pretty trivial.

I'm acquainted with some friend and he declares that,if he write a
trojan then no antivirus can detect, because his is not destroy
anything and...


Well, although this is generally possible, the argument is bogus. The real argument is that one can create malware that modifies itself in a way such that no L0, L1 or L2 pattern signature could match it in every fashion, and not even behaviour anaylsis would conclude anything.

> Virus and worm is easy to detect but trojan is not,specially it

is the economic war.


They're only detectable by their defined behaviour, that is a virus does modify other executables, and a worm modifies the behaviour of server processes.

> You say manything and about bandwidth but i need u teach how to detect

trojan,bandwidth is no problem.


What I said is that bandwidth is a valueable resource that is definitely in the interest of the attacker.

> Could you help?

How many more times do I have to ask you if you have flattened and rebuild the system? Bring it back to a well-defined state first, since this is the only reliable way to recover from a compromise.

> Ah,if you want teach me

then please use English in the simple grammar,hornestly i'm idiotic in
English maybe and i must try so much to understand.It is real(coz my
country not use English and not join with the World soon).


"coz" is obviously not an English word.
.



Relevant Pages

  • Re: Help me,my computer maybe at risk with some trojan.
    ...  > You really think antivirus can check out all trojan huh? ... argument is that one can create malware that modifies itself in a way such ... Bring it back to a well-defined state first, ... English maybe and i must try so much to understand.It is real(coz my ...
    (comp.security.misc)
  • Re: Trojan in system, CRASHING it frequently
    ... I'm sorry I don't use english, the way you think I should. ... No, the trojan is in my computer system, not in my english system!!! ... > This will bring up the initial menu of choices and should be executed in Normal Mode. ... > download the files and perform a scan in Normal Mode. ...
    (microsoft.public.windowsxp.help_and_support)
  • Re: Finally justice !!!
    ... Looking at the english part of their forum, it seems harmless, but I can ... just the trojan attached to it which hacked people's accounts? ... Is this an .exe based addon, ...
    (alt.games.warcraft)
  • Re: Help me,my computer maybe at risk with some trojan.
    ... Now go to the main topic.Why don't teach me how to check if a trojan ... English maybe and i must try so much to understand.It is real(coz my ... Kaspersky be disable while it look like alive and active normaly. ... Kaspersky often report explorer.exe,svchost... ...
    (comp.security.misc)
  • Re: Trojan in system, CRASHING it frequently
    ... | I'm sorry I don't use english, the way you think I should. ... | No, the trojan is in my computer system, not in my english system!!! ... | As far as knowing the name & ect. ...
    (microsoft.public.windowsxp.help_and_support)