Trojan

In computing terms, a Trojan is not a specific virus, so their action, and symptoms, can not be defined.

A trojan, in this context, is any piece of software that is designed to trick the user into running it. Typically it will be disguised as something that might be of use to the user.

For example, you might see a file available for download which puports to be a useful utility, a free game, or similar. You download and run it, and it does its worst.

There is no hard and fast rule for stopping them, but there are a few things that can make it difficult for them.

First up, only run software from a reputable source. Certain data files can carry them too, so we need to be careful there too.

It is a good idea to have a seperate 'user' account and an 'administrator' account on your machine. The 'user' account would be configured with limited rights, so that anything that wants to make system wide changes can't do so without you specifically logging in as administrator.

The last line of defence should be your antivirus software, as AV software is flawed (through no fault of its developers) in that it can't spot viruses that are new enough to not be defined in the signature database, and are limited with Trojans because they don't need clever (and easy to spot) code to transmit themselves, as they rely on conning the user to do it voluntarily.

I wish I could say "all you need to do is...", but with Trojans, it is a bit tricky and the best defence is just to be extra vigilant, and careful where you get data/programs from.

 

I have just got my comp back after a repair, it was going very slow,I had it taken back to factory settings,I have had McAffee ,A.V.G., Spybot, Windows One Care, C.C.Cleaner, Norton,at different times and still got infected, they had put Avast on when it came back,
What is the best spy/virus protection

 

Unfortunately, none are 100% infallible.

Consider this scenario: Someone writes a new virus today, and releases it tonight. It is brand new, so none of the antivirus folks have seen it yet, nor do they even know about it.

In fact nobody knows about it yet, apart from the nasty little toe rag that did it. By tomorrow evening, the first few machines have been infected. Those machines start to exhibit virus like symptoms. Perhaps the machine is going very slow, or some files have gone missing or been corrupted. The users run a virus scan as part of their diagnostic effort, but because the virus is new itâ??s signature is not in the AV database. The AV software therefore canâ??t identify it, and so it reports that the machine is clean. In the meantime, the virus is still spreading.

Sooner or later, either some clever individual finds it and sends a report to their AV software vendor. One of many. That vendor will analyse the file and make a report. They will then work quickly to get the signature into their AV database, and publish an update to all their subscribers. The other vendors learn about it and follow suit.

By now several days (or weeks) have passed, and many thousands of machines are infected.

When you buy AV software, you are not buying complete protection (as the vendors sometimes imply), you are just buying protection from viruses that the vendor knows about.

Think of it like this: In the real (natural) world, new viruses occasionally come to light. The recent pig flu is an example. Doctors can immunise against many known viruses but when a new one comes along, lots of people get infected while the scientists study the virus and try to develop a vaccine. It is the same (but thankfully simpler) with computer viruses. You can only immunise your machine against viruses that the AV software vendors have seen and had time to look at.

This is why the best defence is vigilance. Don't open attachments unless you were expecting them, don't get software from unreputable sources, don't be lured in by random pop-ups etc. The AV software should be used as a rather poorly secured safety net.

 

Thank you Clueless, I totally understand that, the best explanation ,
my eyes have usually glazed over as its all goes over my head :lollol:

 

I am glad I stopped using Microsoft's products, I've had no problems like this for the last couple of years. MS systems seem particularly vulnerable.

 

I use Ubuntu at home, and never had any bother with it since I switched in 2006.

MS is particularly vulnerable for two reasons. Firstly because they have the biggest market share and are therefore the biggest target. Secondly because their operating system has not really changed (ok its been dressed up) since the days before the internet went public, when even many businesses had at best a small, totally isolated internal network. Security was rarely an issue back then, and if a company felt it was, third party products like Novell Netware handled it.

The flexibility of Windows which made it so popular is also its achiles heal. It is too easy to modify system files. I suspect MS made it deliberately easy to keep their system easy to use for everyone, but it didn't take long for people to start exploiting that.

Ubuntu and other Linux variants take an entirely different approach. Based on Unix, a pre-Windows system that was adopted by many organisations that needed real computing power and security (the MOD used to use Unix, I don't know if they still do), Linux has security at its core. Every aspect of the system is governed by default by a set of rights and privileges, and most areas of the system are off limits to those logged in as an ordinary user. System changes can't be made by anyone or anything without someone knowing the administrator (or 'root') login details.

Of course all that security of Linux doesn't help with Trojans. The idea of a Trojan is to trick the user into running it. If a user grants it the right to make changes, thinking it is something genuine, then it will just go ahead and do it, regardless of your system security.

 

Here's a lesser known piece of trivia about the MoD's system. It is ok for me to tell it because the issue was found and resolved many years ago

Many years ago, the MoD had a new system commissioned just for them. Unix was in its infancy back then (so we're going back a long time). The new system was deployed, and everything was great for about a year. Then one day someone mistyped their password, like we all sometimes do, and realised that they'd done so more or less immediately. The system let them in anyway. They told their supervisior, and several more people were asked to try. Everyone was allowed in regardless of what the put as their password, as long as they put something.

The vendor was told and a fix was quickly released. The vendor boasted about the new password encyption strategy, foolishly revealing what algorithm was used to decrypt the passwords. The encryption was strong for the day, but feeble by today's standards. A clever chap tried a few experiments and found that if he typed any text as his password, as long as he put exactly 256 characters, and then followed that by the same 256 characters encrypted using the carelessly revealed algorithm, then his password was accepted regardless of what he put. This weakness was also promptly reported and fixed, but for a short time the MoD's computer system was completely wide open to the casual hacker.

Reassuringly, cyptography has come on in leaps and bounds since then, and is now pretty solid.

 

Hi.
I want to know that is it possible that virus can enter to the system from CD? I know that it is possible with pen-drives. But I do not know for CDs. I think that whatever you put on CD become freeze and in pen-drive they remain volatile or unstable. So whenever you connect pen-drive to PC those unstable data enter in your system. I think this is not the case with CDs.

 

A virus is just data like anything else, so they can be transmitted on a CD if the machine that wrote the CD is infected. If they are CD-R (Can be written to once and once only) then once written, nothing else is going to get on that CD. If the are CD-RW (rewritable) then in theory just putting the CD in an infected machine is risky.

 

How to save e mail contacts?

I do it this way when I need to transfer contacts to another package.

From your email package.
File > Export > windows contacts.
Follow the prompts and save onto a memory stick.

Connect stick to new package and.
File > Import > windows contacts.

Bingo.. you now have a saved listing on the stick and your new package is fully updated.
Carry our regular updates to your stick to save the hassle of all those lost contacts.
Good luck
robert
robert

 

I suppose it is a trojan that I have come across.
It pretends to be a Windows message and tells you that your computer is infected. It tells you that you must download an update to clear it. If you try to close the window it keeps nagging you, another window pops up that seems to be the My Computer folder for your computer. They all have the Windows logos and are intended to get the target to panic and click the button and override Windows defence. However the My Computer folder is actually a web page. I should imagine it catches out quite a few casual users. I don't know what it does once it gets in, but I have warned my wife about it.

 

I suspect that he knew the root password, so was able to put a layer over your original one.

I once witnessed a trick played on a network, one colleague typed some code into his system. Another colleague in another room suddenly lost control of his system, the screen dissolved and a message appeared. It suddenly dawned on him what had happened (they were both highly skilled in computer coding). It was probably the beginning of the remote control which is now widely used.

Your comment on starting a Unix thread is perhaps a little out of date. The modern development of Unix is Linux, in dozens of variations, named after Linus Torvalds of Finland (Suomi). I have been using one variation (Ubuntu) for several years now, very effectively. I only use Windows XP now for some equipment which is not compatible with Linux, like Canon printers and all makes of combined flatbed/film scanners. For some reason Canon seem to be happy to limit their sales whilst HP not only supply drivers for their printers, but we have HP drivers for most of the printers they have ever made, and the drivers are still available. Unlike MS, Linux does not make a practice of requiring new drivers for new versions.

I recently decided to upgrade my system to the latest version (instead of doing a complete install). I started it off before going to bed and in the morning it was waiting for an answer, that provided, it then re-booted into the new version.

For anyone interested in Ubuntu there is a specialist magazine http://fullcirclemagazine.org available as a free PDF download, all issues (30 at present ) are available.