How Trojans/Malware actually work

Discussion in 'Malware Help (A Specialist Will Reply)' started by hurlesque, Apr 20, 2007.

  1. hurlesque

    hurlesque Private E-2

    Hey, sorry if this is in the wrong subforum/place, I'm new :eek:

    What I want to know is, how exactly do trojans work? I vaguely know about the server and the client setup, but I'd like to know a bit more detail, if possible.

    When you execute the .exe containing the trojan, it "infects" the computer. With a typical trojan, what exactly happens during this infection? Where are files written to/stored etc?

    When you execute the infected .exe, can it then go on to infect other .exe's on your computer, almost like a patching operation? Or does it only affect system files? In my case, I have the C: for the OS, and a separate HDD, D: for data, which includes some .exe's. I wouldn't want to clean the C: and then find that the trojan had patched another .exe on the D:, which when executed repeats the entire infection process!

    What exactly does my ZoneAlarm Free firewall do? If I had been infected by a trojan (one that was not being picked up by scanners) and it tried to connect to its client, what would ZoneAlarm do? "A certain dll is trying to access the internet"?

    And a last little question on heuristic virus scanning, how does that work? If someone writes their own trojan, and it is not included in virus scanner definitions because it's so new, are there specific bits of code that trigger the "it's a virus!" alarms?

    Sorry if all this has been answered in another post, and sorry for quite a demanding first post :p

    Thanks!
     
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Actually we are way too busy in this forum removing malware and problems created by malware to get into a discussion about trojans. And there is no real proper answer for this anymore anyway since malware has evolved dramatically and a virus does more than what it used to do and so do trojans. With a little searching at Google or another search site, you can get plenty of info to read and keep you busy. But as I was implying, not all of this information is truly clear cut anymore. The fine line between what's a trojan and what's a virus is not truly like it used to be. A trojan may even download other trojans or viruses. This is another good reason why the term malware is better these days.

    Here are a few links for you:

    http://www.google.com/search?hl=en&q=How+Trojans+work

    http://www.google.com/search?hl=en&q=How+viruses+work

    What is the difference between viruses, worms, and Trojans?

    http://en.wikipedia.org/wiki/Firewall_(networking

    http://www.howstuffworks.com/firewall.htm

    Internet Firewalls:Frequently Asked Questions

    Heuristic Anti-Virus Technology

    Heuristic Techniques in AV Solutions: An Overview
     
