A trojen means that someone has gotten into your computer?

Jul 24, 2011
273
0
18,780
hi people.

i have heard about trojens, but i am not quite sure about what it means or does.
does anybody know the answer to this?

if you have a trojen, then that means that a hcker has gotten into your computer?
 
Solution
Back in the early 2000, they were a virus which used a hole in windows home-group, but that have been fixed too.

That would require they got into your bios, and windows have pretty much taking care of that.
Jul 24, 2011
273
0
18,780
aldan, hi nice to meet.

thanks for the info.

so then, i assume this would a "yes" then, as the trojen probably sends out remote feelers over the internet as soon as it is installed on your computer, letting the person who planted it that it is there and ready for the next command?

--cAptain KIrk:)
UNknown mYSTeRies

 
You in most cases have to be careless to get something like this on your machine. Almost all the virus protection software will detect as soon as it loads. Then the malware scanner will likely find the rest of the junk that isn't truly a virus. Since you can get free version of all this stuff there is no reason you would not detect the problem really quickly. Fixing it sometime is a hassle which is the key reason not to blindly run stuff you download.
 
Jul 24, 2011
273
0
18,780
bill001g it nice to make your acquaintance ;)

i heard that hckers create "two" ways to get in, one being the main doorway, and the second being the backdoor, just in case:eek:
what i'm trying to figure out is what this second one would be, or take the form of.

but your right, i guess trojens would be pretty obvious, unless it was a new one that was NOT detected by any virus program...

--cAptain KIrk
UNknown mYSTeRies
 

vmN

Honorable
Oct 27, 2013
1,666
0
12,160

First of this is not the truth, many things can cause the anti-virus not to trigger.
Simply encrypting the virus can cause most anti-viruses not triggering.

 

vmN

Honorable
Oct 27, 2013
1,666
0
12,160

Must viruses it mostly they same, if they get detected the hacker would apply a new encryption, which is FUD(fully undetected (from anti-viruses))
 


yes thats the jist of it all right.your not infected are you?

 
Jul 24, 2011
273
0
18,780
vmN glad to meet you,

i didn't know that a simple process could so easily hide an obvious program. though i did suspect that it was possible.
you mean with something like a zip file or something?
encryption, okay, that makes sense. huh, didn't think of that! interesting.

hello aldan,

no virus was detected. for a long time, it just looked like something odd was going on, but i could not find anything solid or concrete.
then it happened. i finally found something, but the standard security programs could not detect it. i have gotten rid of that file just recently and fixed it (of all that that CAN be detected).

however, as you say, a hcker has been in my computer (the virus), therefore there is a "front door" AND a "backdoor". i closed the front door, and so now i'm trying to figure out where OR what is the second doorway. a hcker leaves two openings, one to get in, and one for a backup.

--cAptain KIrk
UNknown mYSTeRies


 

vmN

Honorable
Oct 27, 2013
1,666
0
12,160

Most viruses uses the same "door"/port.
Viruses uses port 80 more and more, so you might haven't shut any door, the virus might just keep a low profile(for now).
Viruses are normally also programmed with a "port opener" it will open a port in windows firewall.

 
Jul 24, 2011
273
0
18,780
vmN, hello, its great to hear from you bro!:)

"Viruses uses port 80 more and more"
did you mean port 80 exactly, or port 80-10,000?

yes, great suggestion. i thought i had conquered the virus/problem the first time with the first security program. after the first virus was destroyed, i thought i was now safe. then, with malwarebytes, i now detected yet a second problem. so, now i have removed it. nothing is no longer detected, just as it was the first time with the FIRST problem that had occurred. however, when i tried to go onto the internet again, thinking that i was NOW safe, something strange happened again.

for days, when i am not online, i NEVER have any errors or problems with my firewall program at all. however, as it is still happening, as it was before, whenever i go "online", i ALWAYS have a problem with my firewall program, as if it might be being temporarily disabled so that something can get through or something. it is strange, and it really does not make any sense at all. before this virus/problem, this has NEVER happened to me before.

i "know" something isn't right here. but no virus, or any problems are detected, even with malwarebytes and five other virus programs!!

sincerly,
what the --

--cAptain KIrk
UNknown mYSTeRies


 

vmN

Honorable
Oct 27, 2013
1,666
0
12,160
Generally HTTP and HTTPS.

Some viruses is build to turn of a firewalls(this only includes the one that run on your computer, a firewall on the router will remain untouched).


If you wanna be completely safe, I would suggest a full reinstall of your system.
 


that certainly wouldnt be my first choice. while im sure there are some viruses that cant be removed any other way i havent met one yet.

 
Jul 24, 2011
273
0
18,780
hey vmN, i appreciate your advice,

"Generally HTTP and HTTPS"
that's all there is, either "secured" or "unsecured"; there is no other choice.

i am going to do a full reinstall of my system.
but i am also trying to figure out how they did it, and what it is doing.
otherwise they can do the exact same thing to me:no:

thx for the info on the firewall, i didn't know that.
that's what i was going to ask you, if they could temporarily disable my firewall so that they could get in.

but you want to know what's really strange? my firewall program NEVER has an error or a problem when offline. and my firewall program ALWAYS has an error or a problem when oNline. tell me this is not odd. and one day there was foreign language writing on the firewall program script, and it is installed in english!

hi, how are you doing aldan?

rootkits are quite nasty, and even "a full reinstall of your system" won't solve the problem.
its better to find out what the problem is, othewise you can do a full reinstall of your system a hundred times and it will never be fixed.
you might as well do a full reinstall of your system into next year for all the good it will do you.

but in general, it usually solves about 90% of everything.
you just haven't run into that yet.
your lucky.

--cAptain KIrk:p
UNknown mYSTeRies

 

vmN

Honorable
Oct 27, 2013
1,666
0
12,160
I think the reason is, when the virus saw internet connection, THEN it would start to turn off/block the firewall.

Well, I have worked alot with infected computers and it have been a long time since I saw a real rootkit.
I think microsoft have done a well job keeping people out from ring0.
 
Jul 24, 2011
273
0
18,780
its nice talking to you bro!:D
vmN, thanks for the reply.

so you think that it might be a rootkit infection, meaning that if i reinstall my system, that it will still be there?
i have run 5 security programs, virus and malware based, and 2 antiroot kit programs so far, but nothing was detected.

so you are suggesting that i attack it with a barrage of antiroot kit programs, one after another, for as many as i got or can find;
and hopefully that will solve it.

*and just a additional note about the firewall incident:
when i go ONLINE and ALWAYS get the error/problem, i recieve an error message.
"script on page has stopped running. continue running this page?"
"yes/no"?
"yes": no matter how many times that you click "yes", the same box and the same message keeps reappearing.
"no": each time you click "no", the same box and the same message keeps reappearing. then after clicking "no" for the third time in a row, then the error message will finally end:??:

USS Enterprise
in Deep Space 9


 

vmN

Honorable
Oct 27, 2013
1,666
0
12,160
I dont think it's a rootkit, as those are pretty much dead...
I haven't heard of a "anti-rootkit" as that require them to access ring0(So they are basically a "good" rootkit").
Might be because of your anti-virus, they can sometimes deny webpages to run certain script.
You might got a buggy anti-virus, lol.
I would recommend the following:
1: Reinstall your browser.
2: Reinstall the anti-virus.
3: Reinstall microsoft c++, c# vb and such redistributable package.
4: Reinstall drivers.
5: Reinstall your system.
 
Jul 24, 2011
273
0
18,780
alright, hey bro vmN, good to hear from you ;)

it my firewall program never had that error until exactly at the same time as the malware appeared. it actually wasn't a trojen, unless it is one that i haven't detected yet with one of my 5 security programs. i knew that when i saw the malware problem that there would be a "second" way for a hcker to get in, as i've heard, which they use, both a front door AND a backdoor, just in case, so that if you "patch" up the front door, they can still access your computer with the backdoor:heink:

since the detected problem, which has been removed, no problems have been detected. and that's why it is strange that my firewall program is still having the errors, just like when the malware was still active.

in fact, it actually took two security programs to remove two parts of the malware, one part not being detected by the first security program.

my firewall program has NEVER had an error or bug until the problem, and was running just fine before this incident.
i can go to any web site with my firewall, and it is not any specific site where the error occurs, it happens at random.

so you say that i should do steps 1-5 in the exact order?

USS Enterprise
in Deep Space 9
 
Jul 24, 2011
273
0
18,780
hi vmN, its great to hear from you:D

are you doing these questions for points/awards/medals or for knowledge?
if your doing it for points then i'll give you the points for best answer and then you can join me on the next question.
or, if you are doing it for knowledge, then i have two more questions about this specific subject.

but if you are doing it for points and i end the thread, will you join me on the next question?
i'm not doing it for points -- i am doing it for knowledge.

USS Enterprise
in Deep Space 9


 
Jul 24, 2011
273
0
18,780
vmN, THANK YOU! I AM HUMBLED BY THE GOODNESS OF YOUR HEART!! I AM HONORED THAT YOU ARE TALKING TO ME!!!:ange:
i just want to say that i appreciate all that you have done for me bro! i like you. your cool:D

"ehm not really, generally it will only use one port, and it might have some features like firewall-opener or such."
i'm glad that you brought this up, because this is one of things that i wanted to ask you.
i was reading my firewall logs and found that the suspect file had been blocked by my firewall 427 times in a 2 minute period -- 422 times more than any other program -- as if someone/program were probing my firewall for vulnerabilities, looking for an open port. i heard that once a hcker finds an open port, then they are in -- is this true?

USS Enterprise
in Deep Space 9