
whats a trojan
#1
Posted 09 June 2004 - 02:05 PM
#2
Posted 09 June 2004 - 08:02 PM
But first, a brief overview on how the term "Trojan Horse" came to use on computer systems. If you know or don't know Greek history (the trojans) had a spy amongst them known as 'Sinon' who offered trojans in the form of a wooden horse which was in fact hollow. The warriors hid inside the wooden trojan horse and when the city of Troy was unsuspecting they came out of the hollow horse and attacked the unsuspecting people. Thus they "backdoored" the wooden horse similar to that of an application on your computer which may be backdoored. It may have capabilities of doing things you are unsuspecting of on your computer.
A regular normal trojan (backdoor) may have the capabilities of doing harmless pranks on your computer, downloading/deleting files from your computer, getting your IP address, small DDoS attacks, etc. Pretty harmless for the most part and one of the lighter trojans (damage wise).
A IRC Bot is a backdoor trojan which the main purpose in most cases is DDoSing a person or a website. It will install itself to your computer and connect to an IRC server and channel and site there waiting for commands from the hacker. It can do such things as a normal trojans but it far more sophisticated DDoSing/pinging wise as you have full control over what it will DDoS, when, how many (packet wise), and how long. They are very bad and can result in you committing a serious crime.
A RAT (Remote Access Trojan) is the worst of them all. It gives a hacker FULL control over your computer. They have the option to view everything on your computer, delete anything, move anything and in a lot of cases, format your computer if they choose to do so, not to mention common keylogging of keystrokes to retrieve typed passwords.
In most cases, most normal, IRC and RATS can do common key-logging which makes a lot of them so nasty.
A small brief overview of a trojan.
#3
Posted 09 June 2004 - 09:04 PM
thanks ZERO

Misses Loves Kisses
Also, Please don't PM me your hijack logs. I would you rather post them and PM me if you wish for me to look at them. A PM with a hijacklog will get ignored!
#4
Posted 09 June 2004 - 09:12 PM
A program that comes in secretly and quietly, but it carries a destructive payload. Once you become infected by the worm or virus that that Trojan carries into your computer, it can be very difficult to repair the damage. Trojans often carry programs that allow someone else to have total and complete access to your computer. Trojans usually come attached to another file, such as a .avi, or .exe, or even a .jpg. Many people do not see full file extensions, so what may appear as games.zip in reality could be games.zip.exe. Once the person opens up this file, the Trojan goes to work, many times destroying the computer's funcionability. Scary, eh? You can read more about this here, on our Trojans, Viruses, and Worms reference page. Your best line of defense is to NEVER accept files from someone you don't know, and if you have any doubts, then do NOT open the file. Get and use a virus detection program, such as Inoculate and keep it updated regularly.
www.ircbeginner.com/ircinfo/ircglossary.html
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE
#5
Posted 09 June 2004 - 09:43 PM
How can you tell which is which ? like if you pick up a random named trojan, how can you tell if it's a RAT, IRC & etc....
By the name the file starts with an the .exe file . Example if the startup name says [Winsock2 Driver] you can pretty much guarentee its the Spybot trojan (IRC bot)
#6
Posted 09 June 2004 - 11:39 PM
Misses Loves Kisses
Also, Please don't PM me your hijack logs. I would you rather post them and PM me if you wish for me to look at them. A PM with a hijacklog will get ignored!
#7
Posted 09 June 2004 - 11:40 PM

Please help to keep the forums alive with a small donation
#8
Posted 10 June 2004 - 12:32 AM
Misses Loves Kisses
Also, Please don't PM me your hijack logs. I would you rather post them and PM me if you wish for me to look at them. A PM with a hijacklog will get ignored!
#9
Posted 10 June 2004 - 06:19 AM
Similar to what they did to Troy. They thought they were getting a giant wooden horse so they took it in, little did they know it was 'backdoored'.
Its why theyre callled 'backdoors'.
In more cases, a Trojan can be "binded" with a legitamate exe. So if you dio in fact download "Nero 6 full (works!!!)" it may work to show you nothing abnormal is happening, when the case is, you just ran two exe's. The software pack nero and a trojan.
#10
Posted 10 June 2004 - 09:46 AM


Here's some more info that might help people a liitle bit that I prepared earlier..
I hate trojans just as much as I hate spyware..

::Anti-trojan Guide::
http://www.bluetack....hp?showtopic=72
#11
Posted 10 June 2004 - 10:34 AM

Question as well on trojans...
It is possible to get a trojan from dowloading songs on Kazaa, correct?
At least I'm going to say yes.
Not saying that I have cause we all know it's against the law


Is it possible to also get a trojan from going to a site... let's say a porn site?
In other words, you go to site xxx and all these pop ups starting coming up so you close them out or ALT+F4 them to close them. Now you never really entered any site and you didn't click on any links of these pop ups. So, can you still get a trojan just by going to a site?
Thanks
Rafael
#12
Posted 10 June 2004 - 10:40 AM
Downloading off of kazaa is like giving a hacker your computer. You can never really tell what you're about to run, the best option is to have an Anti-Trojan/Virus protector.
As for porn surfing; YES! You will definatly contract trojans/dialers/spyware. Guarenteed. Stay away....
#13
Posted 10 June 2004 - 10:56 AM
Stay away from all porn or just some porn?As for porn surfing; YES! You will definatly contract trojans/dialers/spyware. Guarenteed. Stay away....


Yeah, my folks computer got hit with some MSLIB32 trojan.
I still haven't had a chance to stop by and take a look
or even post a log file.
The last time they got hit, I posted a log file and was able fix it for them
(of course with the help of everyone here too!!

Anyway, the reason I asked is because I'm almost sure my younger brother went visiting sites he shouldn't have been to.
It could have been a song too but leaning more towards porn sites.
Rafael ;D
#14
Posted 10 June 2004 - 05:40 PM
most antiviruses have a very poor trojan detection anyways
it is very easy to change the exe icon to a mp3 icon, to make it look like mp3, but the extension will reveal
#15
Posted 10 June 2004 - 09:09 PM
downloading mp3's is pretty safe, trojans /backdoors ALWAYS have an executable extension, even when binded with other files, the resulting file is always an .exe(pif, com etc). like bundle.jpeg.exe..
For the most part yes, HOWEVER, there are exploits to cover the "hidden" extension though its rarly used in songs, it is possible.
a word of warning here: most anti viruses are vulnerable to binded executables, if you want to live dangerously on the net use a good anti trojan to back up your anti virus..
most antiviruses have a very poor trojan detection anyways
Norton and Mcafee yes, the two most over hyped pieces of crap on the market.
NOD32, eTrust, AVG, Panda, Kaspersky - they all have a VERY well constructed database of trojans AND viruses.
#16
Posted 11 June 2004 - 07:08 AM
#17
Posted 11 June 2004 - 09:07 PM
Each one did 80% or better on detection rate.
NOD32/eTrust got perfect. Their heuristics caught all the "unknown" trojans.
#18
Posted 13 June 2004 - 08:42 AM
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE
#19
Posted 13 June 2004 - 09:44 AM
does this mean that AVG is a good anti-virus program ??downloading mp3's is pretty safe, trojans /backdoors ALWAYS have an executable extension, even when binded with other files, the resulting file is always an .exe(pif, com etc). like bundle.jpeg.exe..
For the most part yes, HOWEVER, there are exploits to cover the "hidden" extension though its rarly used in songs, it is possible.a word of warning here: most anti viruses are vulnerable to binded executables, if you want to live dangerously on the net use a good anti trojan to back up your anti virus..
most antiviruses have a very poor trojan detection anyways
Norton and Mcafee yes, the two most over hyped pieces of crap on the market.
NOD32, eTrust, AVG, Panda, Kaspersky - they all have a VERY well constructed database of trojans AND viruses.
Or have I mis-read and it actually means that AVG puts viruses and trojans ONTO your PC ???
#20
Posted 13 June 2004 - 09:56 AM
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE
#21
Posted 14 June 2004 - 02:59 AM
or to make it more difficult and real-world like, pack some samples of each trojan with different packers/crypters.. then execute that trojan on your system and check if your av detects and removes it
#22
Posted 08 July 2004 - 04:26 PM
If you are interested in how certain AV software performs in the detection of Trojans, you could take a look at the results of a small test I did. Granted it’s not 4000 trojans, but it’s a start. I should have access to a much larger collection shortly. When I do, I will rerun my tests.
Take a look at the test files that I used in the AV test. None of the extensions have been modified and not all of them are executables. Edit: AV test example no longer valid. The format of my tests have changed.downloading mp3's is pretty safe, trojans /backdoors ALWAYS have an executable extension
Edited by Trilobite, 02 October 2004 - 01:39 PM.
ASAP Member since 2006
"Knowledge does not equal wisdom"
Guide to posting HijackThis logs to this forum
#23
Posted 02 October 2004 - 08:45 AM
One more question..
Where have they learned to make trojans?

#24
Posted 06 October 2004 - 09:19 AM
How can you tell which is which ? like if you pick up a random named trojan, how can you tell if it's a RAT, IRC & etc....
thanks ZERO

#25
Posted 06 October 2004 - 12:31 PM
#26
Posted 23 October 2004 - 08:08 PM
#27
Posted 24 November 2004 - 07:21 AM
what should I do given that I believe I have a trojan file or two on my computer? Norton was only able to quarantine... should I get nod32?
Frankly I think quarantining should be adequate in terms of removal. But if it told you what the virus was it quarantined, go to http://www.sarc.com and search for it. It should have complete removal instructions.
_______________________
Professional Web Design by AuctionHugh's Wife Kathleen
Artistic - Straightforward - EASY for You!
Examples and Pricing at Kallen Web Design
#28
Posted 25 December 2004 - 04:05 AM
Conversely terms like spyware, adware, rootkit, backdoor, keylogger, adware, browserhijacker,dialer etc actually describe what they do.
Worms spread automatically without needing human interaction. In the past it was through the network shares, these days it normally via email.
Viruses, like worms once executed have the capability to replicate by themselves. They however rely on a hosts file which is infected.
Trojans can't replicate themselves, they are disguised programs that trick the user into
running them.
Traditionally, most trojans are/were backdoors, keyloggers and rookits, though these days any combo might exist.
Some combo malware like Nimda are both a worm and a virus , while many combo malware these days also open backdoors but spread like worms.
Understanding all these distinctions are important, but almost as important as understanding what your security software covers and what it does not.
For example it would be a very bad mistake to think Adware or Spybot cover rootkits or most backdoors for example.
#29
Posted 22 November 2005 - 09:22 PM
AntiSpyware: SpywareBlaster,SpywareGuard
AntiTrojan: TrojanHunter
Firewall: ZoneLabs Personal Firewall
AntiVirus: McAfee VirusScan Pro
AntiSpam: MailWasher
Security: Windows Updates
#30
Posted 15 December 2005 - 02:44 AM
Which software or groups of software do you actually recommend?
many stand alone software designed specifically or one whole security suite software
#31
Posted 07 May 2006 - 09:42 AM
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
UNITE
#32
Posted 25 October 2006 - 09:20 AM
Actually, malware is the term used to refer virus,worms and trojan.Computer viruses can replicate like biological virus , but, trojan is a malware that performs a malicious actions but can not replicate.It may arise as a harmless file. When a trojan is executed, you can experience unwanted system performances and loosing of valuable data.just curious what is a trojan and what does it do
Edited by franke1, 25 October 2006 - 09:21 AM.
#33
Posted 26 November 2007 - 09:01 AM
#34
Posted 26 July 2008 - 11:27 AM
A IRC Bot is a backdoor trojan which the main purpose in most cases is DDoSing a person or a website. It will install itself to your computer and connect to an IRC server and channel and site there waiting for commands from the hacker. It can do such things as a normal trojans but it far more sophisticated DDoSing/pinging wise as you have full control over what it will DDoS, when, how many (packet wise), and how long. They are very bad and can result in you committing a serious crime.
this 'makes sense' of the comment I frequently see on threads with back door trojans where the victim is advised to reformat and reinstall windows as the computer can never ever be fully trusted again; I presume because the invader can control the computer to his /her whim and fancy BUT it would appear to come from the owner and not the hacker , thus creating a criminal out of the owner ; I had not viewed the infection in this light before

#35
Posted 05 October 2010 - 11:54 AM
#36
Posted 27 July 2011 - 04:40 AM


EDIT: To disable advertising link...
Edited by Budfred, 27 July 2011 - 05:11 AM.
#37
Posted 27 July 2011 - 05:19 AM
This definition is incorrect and the person posting it is noted to be a possible SPAMmer... The link was disabled to prevent rewarding this kind of SPAM and to protect the casual observer who might click on the link... Viruses are different from trojans which are different from spyware and so on... They have different names because they are different types of attacks... Anyone who wishes to check out guides for programs for protecting against malware can find many safe options through our forum or by checking well known sites through Google...Trojans or spyware or malware are terms used for virus infections of your PC. they are many depending upon the harm they do t0o your computer and its data. and there are many ways by which Trojans enter into your PC like through any external device, internet or other.The thing which is important that virus does a lot of harm to your computer and its data. so it gets important to remove these Trojan plugging as soon as possible with the help of a good anti-virus. you an take the help of spywareremovalguide]spyware removal guide for searching the best suitable anti-virus for your system and problem,and enjoy working on computer
![]()
EDIT: To disable advertising link...
Helpful link: SpywareBlaster...
MS MVP 2006 and ASAP Member since 2004
Please read the Instructions for posting requested logs and the article "So how did I get infected in the first place?"