PDA

View Full Version : Where Do Viruses and Trojans Really Hide?



SurferJoe46
30-01-2006, 02:53 PM
I got to wondering again, as I have all this time to do just that...and it dawns on me that I only ever hear that viruses and malware goes straight to the OPSYS, and that I haven't heard anyone say that they specifically go to anywhere else.

What's the consensus? There are a lot of repair-types here, and those with anecdotal evidence of things that happened to them...but what's the stuff in the middle?

Is a virus likely to invade some jpegs or an avi file that you have on a second or third HDD?

I know there are BIOS harming viruses, and that's a given, but are other files and areas pretty much exempt of such bad things?

Speedy Gonzales
30-01-2006, 03:42 PM
Well, it depends what the trojan / virus / worm is.

And what it does, when you get it, and what it runs / executes on startup.

Different trojans/worms/viruses do different things, when they run on startup.

BUT most install commands in the registry, and run on bootup, and execute a file / or files, so it actually does something. ie: To hack you, one way or the other, or to record keystrokes for passwords etc.

A worm would most probably do more damage than a trojan, as most worms are network-aware. And if you're on a network / LAN, and share folders etc, it's a high possibility, the folder/s, and file/s will be affected.

gibler
30-01-2006, 03:59 PM
Most seem to only plant themselves in the System folders such as Windows because the virus writers try not to draw attention to the fact that the CP has been infected. And if you make files in other areas a lot more people may notice (i.e. most users won't venture into the Windows folder).

There isn't too much point in infecting non-executable files such as jpg or avi files, unless you want to try and exploit flaws in the software that reads them.

In older times, I remeber that some viruses used to create many copies with different names and plant them all over the place. Presumably, they were hoping that a user would run the file and so re-infect themselves again but most people are a little more savvy then that these days.

DangerousDave
31-01-2006, 01:15 AM
but most people are a little more savvy then that these days.

I think thats an understatement...