 |
|
|
|
Next: Trojan Horse downloader Apropo CA need help
|
| Author |
Message |
External
Since: Jul 20, 2005
Posts: 1
|
(Msg. 1) Posted: Wed Jul 20, 2005 8:37 pm
Post subject: Basic Trojan entry question
Archived from groups: alt>comp>virus (more info?)
|
|
|
I'm one of the lucky ones that hasn't had problems with Trojans. I use a
firewall, NAT, and keep all my comptuters updated, and of course I'm very
careful in my web surfing. A friend of mine, however, is having trouble.
He uses Norton, which he keeps updated, but he's getting trojans. The
interesting part to me is that the trojans are not detected upon entry.
Norton finds them during a scan. I don't use Norton, but my friend inists
that he's got the full suite of products, which includes real-time scanning
and protection - web, downloads, and email. Why is the trojan getting in
undetected, only to turn up during a scan?
thank you,
jm |
|
| Back to top |
|
 | |
External
Since: Nov 26, 2004
Posts: 389
|
(Msg. 2) Posted: Wed Jul 20, 2005 8:37 pm
Post subject: Re: Basic Trojan entry question [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
"Jake" <jake.DeleteThis@yahoo.com> wrote in message
news:OByDe.22852$B52.12845@tornado.ohiordc.rr.com...
> I'm one of the lucky ones that hasn't had problems with Trojans. I
use a
> firewall, NAT, and keep all my comptuters updated, and of course I'm
very
> careful in my web surfing.
If you ever have to make a decision about whether or not to execute a
new program on your machine, you run the risk of executing a traditional
trojan. Firewalls, anti-malware, and updated machines won't help you
unless the trojan in question is detectable by the anti-malware program
'and' you have it somehow scan the file.
> A friend of mine, however, is having trouble.
> He uses Norton, which he keeps updated, but he's getting trojans. The
> interesting part to me is that the trojans are not detected upon
entry.
> Norton finds them during a scan. I don't use Norton, but my friend
inists
> that he's got the full suite of products, which includes real-time
scanning
> and protection - web, downloads, and email. Why is the trojan getting
in
> undetected, only to turn up during a scan?
Many types of exploit code are detected and identified as 'trojans' by
the anti-malware programs and as such you can expect to find Java
vulnerability exploits like java.byteverify and others in caches while
browsing. On access AV can be expected to find these when they are
opened and containing the exploit code but not necessarily when they are
opened for the writing of the code into the file - also some AV's will
scan the caches as part of a scheduled scan and notice them then.
Not knowing what trojans and where they were found leaves little to go
on to determine how they get in. |
|
| Back to top |
|
| |
External
Since: Jul 22, 2005
Posts: 8
|
(Msg. 3) Posted: Fri Jul 22, 2005 8:22 pm
Post subject: Re: Basic Trojan entry question [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
"Roger Wilco" <yesman.RemoveThis@yourservice.invalid> сообщил/сообщила in новостях
следующее: news:11dtiun70nrb2cc@corp.supernews.com...
>
> "Jake" <jake.RemoveThis@yahoo.com> wrote in message
> news:OByDe.22852$B52.12845@tornado.ohiordc.rr.com...
> > I'm one of the lucky ones that hasn't had problems with Trojans. I
> use and
> > firewall, NAT, and keep all my comptuters updated, and of course I'm
> very
> > careful in my web surfing.
>
> If you ever have to make and decision about whether or not to execute and
> new program on your machine, you run the risk of executing and traditional
> trojan. Firewalls, anti-malware, and updated machines won't help you
> unless the trojan in question is detectable by the anti-malware program
> 'and' you have it somehow scan the file.
>
> > A friend of mine, however, is having trouble.
> > He uses Norton, which he keeps updated, but he's getting trojans. The
> > interesting part to me is that the trojans are not detected upon
> entry.
> > Norton finds them during and scan. I don't use Norton, but my friend
> inists
> > that he's got the full suite of products, which includes real-time
> scanning
> > and protection - web, downloads, and email. Why is the trojan getting
> in
> > undetected, only to turn up during and scan?
>
> Many types of exploit code are detected and identified as 'trojans' by
> the anti-malware programs and as such you can expect to find Java
> vulnerability exploits like java.byteverify and others in caches while
> browsing. On access AV can be expected to find these when they are
> opened and containing the exploit code but not necessarily when they are
> opened for the writing of the code into the file - also some AV's will
> scan the caches as part of and scheduled scan and notice them then.
>
> Not knowing what trojans and where they were found leaves little to go
> on to determine how they get in.
>
I also want some to add to all said. Auto-protect not
finds Trojans until then while he will not find out itself actively, but
during
scanning an antivirus finds the algorithm of virus though he is in passive
state. For that and necessary manual scanning
Otto >> Stay informed about: Basic Trojan entry question |
|
| Back to top |
|
| |
External
Since: Nov 26, 2004
Posts: 389
|
(Msg. 4) Posted: Tue Jul 26, 2005 11:29 am
Post subject: Re: Basic Trojan entry question [Login to view extended thread Info.]
Archived from groups: per prev. post (more info?)
|
|
|
"otto" <otto.TakeThisOut@litech.net> wrote in message
news:dbra0p$rlg$1@ah.litech.net...
>
> "Roger Wilco" <yesman.TakeThisOut@yourservice.invalid> сообщил/сообщила in
новостях
> следующее: news:11dtiun70nrb2cc@corp.supernews.com...
> >
> > "Jake" <jake.TakeThisOut@yahoo.com> wrote in message
> > news:OByDe.22852$B52.12845@tornado.ohiordc.rr.com...
> > > I'm one of the lucky ones that hasn't had problems with Trojans. I
> > use and
> > > firewall, NAT, and keep all my comptuters updated, and of course
I'm
> > very
> > > careful in my web surfing.
> >
> > If you ever have to make and decision about whether or not to
execute and
> > new program on your machine, you run the risk of executing and
traditional
> > trojan. Firewalls, anti-malware, and updated machines won't help you
> > unless the trojan in question is detectable by the anti-malware
program
> > 'and' you have it somehow scan the file.
> >
> > > A friend of mine, however, is having trouble.
> > > He uses Norton, which he keeps updated, but he's getting trojans.
The
> > > interesting part to me is that the trojans are not detected upon
> > entry.
> > > Norton finds them during and scan. I don't use Norton, but my
friend
> > inists
> > > that he's got the full suite of products, which includes real-time
> > scanning
> > > and protection - web, downloads, and email. Why is the trojan
getting
> > in
> > > undetected, only to turn up during and scan?
> >
> > Many types of exploit code are detected and identified as 'trojans'
by
> > the anti-malware programs and as such you can expect to find Java
> > vulnerability exploits like java.byteverify and others in caches
while
> > browsing. On access AV can be expected to find these when they are
> > opened and containing the exploit code but not necessarily when they
are
> > opened for the writing of the code into the file - also some AV's
will
> > scan the caches as part of and scheduled scan and notice them then.
> >
> > Not knowing what trojans and where they were found leaves little to
go
> > on to determine how they get in.
> >
> I also want some to add to all said. Auto-protect not
> finds Trojans until then while he will not find out itself actively,
but
> during
> scanning an antivirus finds the algorithm of virus though he is in
passive
> state. For that and necessary manual scanning
"Auto-protect" is only an automated way of making the decision to scan
an item. Both scans are done in what you call a "passive state" although
the "auto-protect" mode has interrupted the 'path to execution' that
would have otherwise executed the program being scrutinized. It is like
waiting until you are bouncing on the diving board to check for water
being in the pool.  >> Stay informed about: Basic Trojan entry question |
|
| Back to top |
|
| |
| Related Topics: | Damn trojan in my temp (probably). Advice needed. - Ok , this is how the situation has. 3 days my firewall poped up and an application in my C:\Documents And Settings\Administrator\Local Settings\temp wanted to connect at port 80 of an address. It had a weird icon and a weird name ( Rar1.exe). I denied....
Running a trojan program and Virus programs a waste of time? - Thanks for opinions of the knowledgable ones:>) Regards Buddy B
Poss trojan? - I just updated my AVG database, and it picked up a back door Ap trojan. Details are: C:\Windows\system32\XUDERSD.exe. When I try to remove it to quarantine, a message says the file cannot be removed. I checked it with V.3.5 of The Cleaner, which doesn't...
church trojan - Last week it was discovered our church computer(s) have a trojan virus. There are three networked together. The internet provider phoned the secretary and told her that a port was open. I looked for suspicious .exe files and found "pipecmdsvr.exe&q...
deltee trojan - hi all ive just done a full system virus check and Norton has found what it calls the deltree trojan, it says the file it has infected (delete.bat) cannot be repaired or deleted so its been put into quarantine. what do i do now, can i leave it there.. |
|
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
|
|
|
|
|
FAQ
Profile
Private Messages
Log in
