Re: Trojans.... Is there a way???
- From: "David H. Lipman" <DLipman~nospam~@Verizon.Net>
- Date: Sat, 23 Sep 2006 12:15:43 -0400
From: "HeyBub" <heybub@xxxxxxxxx>
|
| "Trojans" usually operate in stealth mode -- they don't want to announce
| their presence. You probably have some sort of adware or spyware. These are
| usually not the province of virus detectors or virus removers.
|
| True, there is a great deal of overlap between various kinds of malicious
| software ("malware"), but, in general:
|
| Virus = Causes local destruction
| Trojan = Usually does NOT cause local destruction (i.e., used to send
| somebody else's spam)
| Adware = Bombards you with advertising
| Spyware = Watches what you do and calls home with the info
| (Worm = Relates to method of propagation, not the results)
|
| Use Adaware or Spyware Blaster and other malware detector/remover.
|
Close, but not really...
Virus -- software that self replicates and often has a payload that may be destructive.
Viruses that spread via network protocols are worms. They thus replicate by infecting other
computers by using network protocols such as; NetBIOS over IP, SMTP, NNTP, SMB, RPC, etc.
An example of a destructive virus payload would be the CIH (aka; Chernobyl). When this
virus infects a goven computer it has a payload date. On the payload dat it may destroy
data on the hard diak and if the BIOS of the infected computer is Flash BIOS and is NOT
write-potected, the payload will erase or corrupt the BIOS and thus leave the computer
incapable of booting. Examples of a non-destructive viruses would be the Boot Sector
Infectors "NYB" and "Form". Once a computer or media is infected, it will spread to other
media. For example, read an infected floppy on a non-infected computer and the computer's
hard disk will now be infected.
{ Note: The "Form" and "NYB" rely on FAT and NOT NTFS and therefore do not spead on NT
based system using NTFS partition schemes. }
Trojan -- software that does NOT self replicate but usually has a payload that may be
destructive but usually is NON destructive and designed to perform the payload function of
intent by the author. Sometimes they are written poorly and thuis crash the computer and
may be considered destructtive. An example would be some Backdoor.Haxdoor variants that mat
result in a BSoD. The BSoD condition was not the authors intent but it may be the
consequence. A destructive payload may be hard disk data removal and/or data file removal
or corruption. A non-destructive payload example would be a Trojan dialer. Its objective
is to use you PC modem to dial off-shore or 900 numbers to bring in revenue. Another woould
be a Trojan Proxy. Here a third party will use and control your PC which acts as a Proxy
agent. The intended victim of the malicious activity does not see the orginator, the victim
instead sees the Proxy infected user.
Interestingly, many Trojan cans and will be infected with a virus. For exmaple, I have sen
mIRC
backdoor Trojans infected with the Parite virus.
Basically all are under the the name of "malware". Malware is broken down into to
sub-types, viruses and non-viral malware. The non-viral malware class has become a growing
problem nad now infects more computers. Trojans are considered non-viral malware but you
will find the word Trojan used as if it was a virus. There are many forms of non-viral
malware that exist. Some examples...
adware
spyware
proxy agents
spam bots
browser helper objects
browser hijackers
DDoS agents
downloaders
droppers
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
.
- Follow-Ups:
- Re: Trojans.... Is there a way???
- From: HeyBub
- Re: Trojans.... Is there a way???
- References:
- Re: Trojans.... Is there a way???
- From: HeyBub
- Re: Trojans.... Is there a way???
- Prev by Date: Re: Installing for all users
- Next by Date: Re: taskmanager programs
- Previous by thread: Re: Trojans.... Is there a way???
- Next by thread: Re: Trojans.... Is there a way???
- Index(es):
Relevant Pages
|
