Solved Question about trojan

[baxxter]

If I opened a program and the AV says it contain a trojan ,will be able to delete the trojan later (after opening the program) ?

 

[StalkeR]

What antivirus you're using ? Select there to delete that file. If it can,the object(trojan) will be deleted.

 

[Arc]

Do you have the program installed already ? If not, better you dont install it . If it is not installed yet, scan the installer/program folder with Malwarebites' Anti Malware .

But if you have already installed it, have a full system scan using both your installed antivirus program and Malwarebites' Anti Malware .

 

[baxxter]

What antivirus you're using ? Select there to delete that file. If it can,the object(trojan) will be deleted.

I think you didnt understand me ,I want to run that program (maybe it contains a trojan) but i want to run it ,so If I scaned the pc later will the risk deleted ?

 

[TheReaper]

If the object really contains a trojan of a particular nasty variety, it's not always possible to remove it and in a worst case scenario, you'd have to do system restore or worse, a clean reinstall.

 

[StalkeR]

I think you didnt understand me ,I want to run that program (maybe it contains a trojan) but i want to run it ,so If I scaned the pc later will the risk deleted ?

Personally,I wont do that. You can't be sure that the object will be deleted after starting the program. Also it can infect and other files(depending from the virus)

 

[Arc]

I think you didnt understand me ,I want to run that program (maybe it contains a trojan) but i want to run it ,so If I scaned the pc later will the risk deleted ?

Personally,I wont do that. You can't be sure that the object will be deleted after starting the program. Also it can infect and other files(depending from the virus)

+1 ! Moreover, it might corrupt your BIOS, too !

 

[baxxter]

I tried it before and i have no problem ,but I reinstall the windows becasue I scared if some one could hack me

 

[seth500]

One bummer that I have noticed is that reputable software vendors are placing trojans in their software for the fact of tracking what has happened to them and who has downloaded them in case of being hacked themselves. I know of one who does it all the time, you really have to be choosy about where the software comes from, I don't download anything that doesn't come from the software vendors site itself and I definitely don't like being redirected which is shady to say the least. These days are a very sinister world we live in you have be careful.

 

[baxxter]

I mean if i opend a trojan file ,could the AV detect it after run or not ?

 

[Golden]

Hi,

You are taking a risk : depending on the type of trojan, if could carry and inject more malicious payload into your system, once you open the file. Depending on your AV, it may well detect and remove the original trojan, but not neccessarily the later injected payload (which could be worse than the original trojan).

If it was my decision, I wouldn't take the risk.

Regards,
Golden

 

[DragonMasterJay]

@baxxter

If the AV says it contains a trojan, depending on the AV will depend on whether the program is blocked or not. Not always will it block the program immediately.

However, some AVs will indeed quarantine the file/program immediately, some will prompt you to remove it.

Sometimes, when you are prompted to remove it during its current program run, it will kill the process/program and delete the malicious part of it.

Usually it is best to run the program in a sandbox, so it does not damage your computer. Sandboxie is a good choice to use.

Usually an AV will detect the trojan, but it will be in the sandbox...then that will tell you if it is bad or good. In this case, you can decide whether it should be run normally on your computer.

The chances of a trojan corrupting the BIOS or even damaging your computer beyond control is actually very rare.

To sum it up...The AV will be able to detect it during run. Usually, it will also make sure it does not damage your computer as well, by blocking its additional actions.

 

[StalkeR]

I mean if i opend a trojan file ,could the AV detect it after run or not ?

Some AV's can found it,but some no.
If you really want to install the program,then do that on your risk !

 

[Arc]

@baxxter



Usually it is best to run the program in a sandbox, so it does not damage your computer. Sandboxie is a good choice to use.

Yes ... avast does it for me

 

[DragonMasterJay]

There are many known good antivirus programs that have sandboxing powers.

If I recommend any, I would the following:

Kaspersky's Internet Security solutions are very powerful and will definitely protect your computer, being well worth the buy. It has its feature, "Safe Run" that will allow you to sandbox any program.

Also, Avast's products are good solutions to use. Avast's sandboxing powers are included in Avast! Pro, and Avast! Internet Security.

For free sandboxing abilities, Sandboxie is well worth using.

 

[Athene]

What antivirus you're using ? Select there to delete that file. If it can,the object(trojan) will be deleted.

I think you didnt understand me ,I want to run that program (maybe it contains a trojan) but i want to run it ,so If I scaned the pc later will the risk deleted ?

The very fact that you're having doubts about running the program because it might contain a trojan and are asking about it over here should be enough to prevent you from running the program at all in the first place. In other words: if you are unsure about a program, it is strongly recommended that you do not run it. In the end, it's your decision and your responsibility

 

[Borg 386]

If you want to check it, submit it to VirusTotal & see what they say about it.

VirusTotal - Free Online Virus, Malware and URL Scanner

If you're set on running this file, Sandboxing it is a good suggestion.

When your AV flags something as potentially dangerous, giving it the go ahead will generally allow it to install it's files, including malicious ones (provided it asked and didn't automatically delete it). The next time it boots, it may/may not flag them as dangerous since you put those files on the OK list.

It might be wise to heed everyone's warnings here. Yes, there are recovery methods, but most malicious viruses will disable those corridors and you may find yourself faced with a full re-install. Not to mention the fact that most viruses have a nasty way of rebuilding themselves and causing problems down the road if there's a fragment of them left somewhere, the result from a deep infection.

 

[baxxter]

If I said its sure that the program has a trojan !Can the owner of the trojan remote my pc later(maybe by Ports) ?Or the AV (wich found it before) can make me safe by deleting it

 

[Arc]

If I said its sure that the program has a trojan !Can the owner of the trojan remote my pc later(maybe by Ports) ?Or the AV (wich found it before) can make me safe by deleting it

No, the supplier of the Trojan will not be able to maneuver your PC remotely, coz torjans are not spy programs .

Still, you should follow the instructions that DragonMasterJay supplied .... open the program in sandbox.

It cannot be said with certainty that the AV will make you out of all the risks after running the program.

 

[DragonMasterJay]

If you want to check it, submit it to VirusTotal & see what they say about it.

VirusTotal - Free Online Virus, Malware and URL Scanner

If you're set on running this file, Sandboxing it is a good suggestion.

When your AV flags something as potentially dangerous, giving it the go ahead will generally allow it to install it's files, including malicious ones (provided it asked and didn't automatically delete it). The next time it boots, it may/may not flag them as dangerous since you put those files on the OK list.

It might be wise to heed everyone's warnings here. Yes, there are recovery methods, but most malicious viruses will disable those corridors and you may find yourself faced with a full re-install. Not to mention the fact that most viruses have a nasty way of rebuilding themselves and causing problems down the road if there's a fragment of them left somewhere, the result from a deep infection.

Only problem is here...the file size will be too large for upload. VirusTotal has upload limits.

If the program is running in the sandbox...the bot controller would not be able to control your PC, because the sandbox will prevent it from doing so.