Re: Trojans.... Is there a way???
- From: "HeyBub" <heybub@xxxxxxxxx>
- Date: Sat, 23 Sep 2006 19:34:14 -0500
David H. Lipman wrote:
From: "HeyBub" <heybub@xxxxxxxxx>
"Trojans" usually operate in stealth mode -- they don't want to
announce
their presence. You probably have some sort of adware or spyware.
These are
usually not the province of virus detectors or virus removers.
True, there is a great deal of overlap between various kinds of
malicious
software ("malware"), but, in general:
Virus = Causes local destruction
Trojan = Usually does NOT cause local destruction (i.e., used to
send
somebody else's spam)
Adware = Bombards you with advertising
Spyware = Watches what you do and calls home with the info
(Worm = Relates to method of propagation, not the results)
Use Adaware or Spyware Blaster and other malware detector/remover.
Close, but not really...
Virus -- software that self replicates and often has a payload that
may be destructive. Viruses that spread via network protocols are
worms. They thus replicate by infecting other computers by using
network protocols such as; NetBIOS over IP, SMTP, NNTP, SMB, RPC,
etc. An example of a destructive virus payload would be the CIH (aka;
Chernobyl). When this virus infects a goven computer it has a
payload date. On the payload dat it may destroy data on the hard
diak and if the BIOS of the infected computer is Flash BIOS and is
NOT write-potected, the payload will erase or corrupt the BIOS and
thus leave the computer incapable of booting. Examples of a
non-destructive viruses would be the Boot Sector Infectors "NYB" and
"Form". Once a computer or media is infected, it will spread to
other media. For example, read an infected floppy on a non-infected
computer and the computer's hard disk will now be infected.
{ Note: The "Form" and "NYB" rely on FAT and NOT NTFS and therefore
do not spead on NT based system using NTFS partition schemes. }
Trojan -- software that does NOT self replicate but usually has a
payload that may be destructive but usually is NON destructive and
designed to perform the payload function of intent by the author.
Sometimes they are written poorly and thuis crash the computer and
may be considered destructtive. An example would be some
Backdoor.Haxdoor variants that mat result in a BSoD. The BSoD
condition was not the authors intent but it may be the consequence.
A destructive payload may be hard disk data removal and/or data file
removal or corruption. A non-destructive payload example would be a
Trojan dialer. Its objective is to use you PC modem to dial
off-shore or 900 numbers to bring in revenue. Another woould be a
Trojan Proxy. Here a third party will use and control your PC which
acts as a Proxy agent. The intended victim of the malicious activity
does not see the orginator, the victim instead sees the Proxy
infected user.
Interestingly, many Trojan cans and will be infected with a virus.
For exmaple, I have sen mIRC
backdoor Trojans infected with the Parite virus.
Basically all are under the the name of "malware". Malware is broken
down into to sub-types, viruses and non-viral malware. The non-viral
malware class has become a growing problem nad now infects more
computers. Trojans are considered non-viral malware but you will
find the word Trojan used as if it was a virus. There are many forms
of non-viral malware that exist. Some examples...
adware
spyware
proxy agents
spam bots
browser helper objects
browser hijackers
DDoS agents
downloaders
droppers
Good explanations! Now condense each definition to one line.
.
- Follow-Ups:
- Re: Trojans.... Is there a way???
- From: cquirke (MVP Windows shell/user)
- Re: Trojans.... Is there a way???
- From: David H. Lipman
- Re: Trojans.... Is there a way???
- References:
- Re: Trojans.... Is there a way???
- From: HeyBub
- Re: Trojans.... Is there a way???
- From: David H. Lipman
- Re: Trojans.... Is there a way???
- Prev by Date: Re: Is there a Windows Personal Edition?
- Next by Date: Re: Deactivate my license.
- Previous by thread: Re: Trojans.... Is there a way???
- Next by thread: Re: Trojans.... Is there a way???
- Index(es):
Relevant Pages
|
