IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [trojan]

In computing, Trojan horse, or Trojan, is any malicious computer program which is used to hack into a computer by misleading users of its true intent.

141 questions
0
votes
1 answer

Retrieve a deleted trojan by Kaspersky for analysis (on windows 7)?

After installation of Kaspersky on a windows machine, several trojan viruses where discovered and deleted. Now, I'm looking for a way to retreive those trojans deleted by kasperky. (to export them to a VM for further analysis)
Ernest Dujo
  • 31
  • 2
0
votes
1 answer

Can programs replicate hidden versions of themselves?

I'm currently studying malware techniques of replication to gather information for coding an antivirus. Could a malware (if run) create a duplicate of itself in the startup directory with the hidden file attribute therefor making it harder to detect…
AntiVirusBRB
  • 3
  • 1
0
votes
3 answers

My Laptop has outgoing UDP packets on high numbered ports several times a second

I originally noticed this on my router firewall, so I installed Zone Alarm in order to look more closely, and now I can see it in the ZA logs. I have run virus scans from Kaspersky, Trend Micro, & Windows Defender, and the scans all come up clean. I…
Kera Katera
  • 29
  • 2
0
votes
1 answer

What forms does trojans take?

I'll try and pose this question as simply as possible. I would like to know which forms a trojan can take. Does it need to be an .exe file? Can it be a hidden file attached to an .mp3 file for example, and when that .mp3 file is launched, it also…
DrDoom
  • 445
  • 1
  • 5
  • 12
0
votes
2 answers

How to deal with encryption virus?

We are just struck by encryption virus. I don't know which is it, but it encrypted files with extention which finishes with doctor@freelinuxmail.org. How to find out which PC is infected? We did not still receive ramsom message - so this mean that…
Bogdan Bogdanov
  • 119
  • 4
0
votes
2 answers

Is there a full-disk-encryption OR file-encryption solution where a trojan can NOT extract the secret key (e.g. from RAM)?

Is there a full-disk-encryption OR single-file-encryption solution like an operating system or a combination of devices or services ... that make sure that the master-decryption-key can NOT be extracted or stolen by a trojan horse. So basically a…
user3200534
  • 851
  • 8
  • 19
0
votes
1 answer

WordPress site is infected with malware, cannot find dropper

I am in a bit of an annoying situation. I inherited responsibilities of a WordPress multisite once managed from from other contractors and that site has been infected with virus dropping malware. I am however, in a black box. The site is hosted by…
rugbert
  • 109
  • 1
0
votes
0 answers

How to prevent future attacks from Trojan.Agent.Linux.A?

One of our servers was just infected by Trojan.Agent.Linux.A (see https://www.virustotal.com/en/file/ca22002822b27562971b1b12bfd61f2f670554ebdb0907270fda4a65f7fd2eed/analysis/1448647113/). I am planning to re-image a new server, this time using…
David Levine
  • 1
  • 1
-1
votes
1 answer

OS X terminal starts from other device (got rooted?)

I've recently noticed that my terminal starts with something like "android... " even though I don't have any android device. Furthermore I noticed that my macbook only starts with "android..." when it's connected to the internet. If I turn my…
dichotomies
  • 1
-1
votes
1 answer

System Infected: Trojan.Naid Activity

We have Tomcat 6 in the production server with Symantec Endpoint Protection on windows server 2008 server datacenter. Symantec showing following lines in logs [SID: 27068] System Infected: Trojan.Naid Activity 2 attack blocked. Traffic has been…
Pawan Patil
  • 387
  • 3
  • 11
-1
votes
1 answer

Can hardware be infected with remote administration malware?

can a READ-ONLY dvd/cd player have firmware in it get infected with a RAT? I read 2 different opinions here, a yes and a no. It is in relation to if a RAT gets onto computer via ip address or opening email infected, and then whether it can infect…
johnq4
-2
votes
1 answer

Getting a M2IzYzlm.exe in task manager

Getting a M2IzYzlm.exe in task manager, It pops up after a certain interval of time and switches off my wifi, when I right clicked and tried to locate it, it shows a folder with a weird name inside the Program Files. Scanned the laptop with Rogue…
D_batmaniac
  • 1
  • 2
-2
votes
1 answer

What exactly is the meaning of 'trojan' and 'rootkit'?

I know both are a type of malware, trojans 'disguise them self as a useful program' and rootkits 'embed them self in the system to avoid detection'. Technically how do they accomplish such things? I'm confused because all viruses avoid detection in…
northerner
  • 273
  • 1
  • 9
-2
votes
1 answer

Why arent all hackers traced ? ( network based attackers or malware which communicate with CNC servers)

When hackers use tor or irc or proxies to attack or use CNC servers behind these to evade. Why can't they be traced? For example, something like wanna cry or any other known malware, when something is happening which is affecting globally then why…
Bruteforce
  • 33
  • 8
-2
votes
1 answer

Can i make a http payload?

Hello stack exchange community, I was wondering if i can generate a payload that connects using http . Because it will be faster and it will avoid all the problems of port forwarding and explloiting. Can i generate such payloads using metasploit?
MR.Trojan
  • 3
  • 1
1 2 3
9
10