Kizzi Posted June 23, 2005 Report Share Posted June 23, 2005 I was on a forum (C++ Learning Community) and my system detected a Trojan trying to get on to my system. This is the first attack my computer has reported. I'm wondering if the forum is a safe place to hang out? I would like to go back to the forum if safe. Help Kizzi Quote Link to comment Share on other sites More sharing options...
jasonchild Posted June 23, 2005 Report Share Posted June 23, 2005 I was on a forum (C++ Learning Community) and my system detected a Trojan trying to get on to my system. This is the first attack my computer has reported. I'm wondering if the forum is a safe place to hang out? I would like to go back to the forum if safe. Help Kizzi I take it you have a firewall of some sort (personal, software based from the sound of it). I wouldnt give it too much worry, as it seems the firewall noticed it. Just use common sense and run your ant-virus/spyware/adware apps regularly. I used to work for an ISP not too long ago and the spike in spyware/adware over the past two years has been huge. I used to laugh at people with spyware and tell them to stop browsing porn...but these days it can come from a number of places. Quote Link to comment Share on other sites More sharing options...
Kizzi Posted June 23, 2005 Author Report Share Posted June 23, 2005 I did also download an animated avatar also, of a spinning triangle! Maybe this is what caused Norton's Message about finding a trojan. I just followed what Norton's said to do in a panic, not really reading the screen properly. Afterwards I deleted the spinning triangle.Then I ran a virus scan. I got the all clear. So hopefully my system is OK. But I would like to go back to that C++ learning forum. Help :hihi: Kizzi Quote Link to comment Share on other sites More sharing options...
UncleAl Posted June 24, 2005 Report Share Posted June 24, 2005 1) Kaspersky-Pro against malware. Only a fool installs McAfee or Norton and watches his system ooze to a halt. Kaskpersky beasts them both bloody in third party virus challenges. 2)ZoneAlarm-Pro for firewall. A hardware router is good for external threats, but it won't crush IE at the source. Set it for maximum tolerable exclusions. 3) Ad-Aware SE Plus. Because the world is a crappy place. Dump your caches and dump your cookies every 15 days, then full scan scan for malware and hooks. You won't like what you see from Microcrap in your box, but there is no stopping it short of Linux or Apple. Quote Link to comment Share on other sites More sharing options...
jasonchild Posted June 24, 2005 Report Share Posted June 24, 2005 Adaware Spybot S&D A Squared (antitrojan app that catches more than many spendy apps) All of those are free (so far) and I have used them on my personal machines and on the machines of my former clients. When I was at the ISP close to 60% of my time was dedicated to some form of spam or spyware issue. Think of the internet like a gal you met at a club; would you really dip your wick without protection? Hopefully not. But, if you are protected and smart about your actions the risk factor is much lower. In otherwords, go to the site after you have put security measures into place. Damn, the net didnt used to be so bad...but those where the days of Gopher and BBS; when windows/dos virus was spread in the bootsector of a floppy disk and only servers where hit (ah, the wonderful unix worm...) Quote Link to comment Share on other sites More sharing options...
Tormod Posted June 24, 2005 Report Share Posted June 24, 2005 1) Kaspersky-Pro against malware. Only a fool installs McAfee or Norton and watches his system ooze to a halt. Kaskpersky beasts them both bloody in third party virus challenges. 2)ZoneAlarm-Pro for firewall. A hardware router is good for external threats, but it won't crush IE at the source. Set it for maximum tolerable exclusions. 3) Ad-Aware SE Plus. Because the world is a crappy place. Good suggestions, Al. I use ZoneAlarm Antivirus in place of the Kaspersky, though. By the the way - the original poster said a trojan started to "try to get out" as he visited a forum. I have never heard about a trojan that can be triggered by a webpage. Can anyone enlighten me on this? Anyway, forums are as safe as any other webpage - use a decent browser (for example Mozilla Firefox) and never download software from popup windows, for example weather toolbars etc. Quote Link to comment Share on other sites More sharing options...
jasonchild Posted June 24, 2005 Report Share Posted June 24, 2005 Good suggestions, Al. I use ZoneAlarm Antivirus in place of the Kaspersky, though. By the the way - the original poster said a trojan started to "try to get out" as he visited a forum. I have never heard about a trojan that can be triggered by a webpage. Can anyone enlighten me on this? Anyway, forums are as safe as any other webpage - use a decent browser (for example Mozilla Firefox) and never download software from popup windows, for example weather toolbars etc. Poor security measures on the part of the browser; unsigned, questionable activex applets will do it. Talented programmers can break the JAVA sandbox (or they could, last time I dipped into programming) and do the same. Quote Link to comment Share on other sites More sharing options...
alexander Posted June 25, 2005 Report Share Posted June 25, 2005 Firefox, iptables, no antivirus, stage 1 Gentoo :hihi:Firefox, ipfw, no antivirus, OSX Tiger :sad:Links, pf, no antivirus, OpenBSD ...no Windows! Quote Link to comment Share on other sites More sharing options...
alexander Posted June 25, 2005 Report Share Posted June 25, 2005 Oh almost forgot, Trojan just happened to hit you during your browsing of that website, you need to understand how viruses work in order to see that there is no connection between the 2 events, so: Viruses spread by using volnurabilities on the system, now, some spread via email, using the biggest volnurability, and that woud be people, but others, and those would include more tallented viruses (although so many now days are just remakes of the tallented viruses and are made by newbie script kiddies) spread by using volnurabilities of the system/program. Basically what viruses do is they get onto a computer (the first computer) usually via a storage media and the virus writer, then that trojan starts scanning a range of IPs basically takes an IP and tries to use the programmed in volnurability on it, if it does not work, it will scan the next IP, if it works, it will use the volnurability to send a copy of itself to that machine, and continue scanning, meanwhile the second machine starts scanning too, and thats how a trojan can spread itself over vast amounts of computers in mere hours. Viruses usually dont start doing anything until they spread themselves to at least a few computers, ot they are time or even event driven. Anyways, antivirus programs constantly scan packets that come into your PC on certain ports, waiting for the right sequence of packets which would signify a virus trying to scan the box, the sequences are in a database and if one is triggered a warning is given. (well, this would be an antivirus, firewall and what not acting together, so something like NAV Pro (but i still recommend AVG personal, its free, and seems to be very good...)Anyways, I could go into a lot more details providing examples of exploit code and going over more possibilities, but i wont for your sake, and sake of time. anyways, hopefully this shows you why simple browsing of a decently large forum could not have triggered a virus warning, not to say that websites cant transmit viruses, just not C++ forums, so dont worry about it, update your antivirus databases every day to keep the geek squad away and hundreds of dollars in your pocket lol :hihi: Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.