From: ~BD~ on 21 Mar 2010 18:29
David H. Lipman wrote:
> From: "~BD~"<BoaterDave(a)hot.mail.co.uk>
> | The Real Truth MVP wrote:
>>> MS calls them Trojan virus so nobody is wrong or right.
> | Good catch, TRT
> | It states quite clearly:-
> | "Symptoms of worms and *trojan horse viruses* in e-mail messages"
> / And Microsoft is *dead wrong* ! /
A bold statement. I'm always willing to learn.
Please cite a reference which supports *your* statement.
From: FromTheRafters on 21 Mar 2010 18:46
"Virus Guy" <Virus(a)Guy.com> wrote in message
> FromTheRafters wrote:
>> > In more technical settings or circumstances the use of incorrect
>> > terminology can be a hindrence or distraction, but this forum
>> > (and specifically this and other similar threads) is no such
>> > place.
>> ...but it offers a substantial opportunity to educate readers.
> I presume that someone that was interested enough to want to know the
> classical definition of a (computer) virus would either ask the direct
> question here, or look it up (on wikipedia, or elsewhere).
....and still not get a definitive answer.
> In this case, the reader wanted to know how Downloader.Generic9.AQZF
> might have come to reside on his system.
No, that was Trojan horse downloader etc...
Do you think that that part of the name was unimportant fluff?
> Pointing out that Downloader.Generic9.AQZF is a trojan and not a virus
> is a distraction, and misses the real opportunity to educate the OP as
> to how this specific exploit is known to be spread.
It is a trojan that downloads other malware, it is *not* a virus that
infects your executables to spread. The spreading method you allude to
that is important in your view, is mostly addressed by knowing whether
or not it is viral. If it is not viral, it spreads by the usual
distribution methods - if it *is* viral, it spreads by infecting
(of course I'm using the definition for virus that requires replication
*and* infection, leaving worms as non-viral self-replicators)
> I would agree with the OP that many web-pages purporting to describe
> technical details of specific malware identities fall short in that
Indeed, but when a whole class of malware operates with basically the
same behaviors, a generic detection/description is good enough. In this
case the differences might be only contained in the "what and where"
aspects of the download.
> Knowing what a specific malware does when it runs on your system is
> to know.
Yes, and when all that you know is that it downloads and executes
something from somewhere, you know enough (or little enough).
> Knowing how a specific piece of malware got on your system in the
> place is usually of far more interest.
....and the malware name (knowing whether it is a virus, worm, or trojan
and what it means) is an important step in that process.
From: FromTheRafters on 21 Mar 2010 18:48
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
> Since it is a trojan, it does self replicate and as such does not
> auto-spread. Trojans
> need assistance to be installed such as Social Engineering (human
> exploit) software
> vulnerabilities, web site compramise, etc.
From: FromTheRafters on 21 Mar 2010 19:04
"The Real Truth MVP" <trt(a)void.com> wrote in message
> MS calls them Trojan virus so nobody is wrong or right.
I was aware of that (and from many other reputable vendors of
Just because they are experts, doesn't make them right. :o)
I prefer the definitions proposed by non-antimalware experts (computer
science experts) because I agree with them that viruses (in particular)
are not necessarily malicious and could be applied benevolently.
From: David H. Lipman on 21 Mar 2010 19:09
From: "FromTheRafters" <erratic(a)nomail.afraid.org>
| "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
>> Since it is a trojan, it does self replicate and as such does not
>> auto-spread. Trojans
>> need assistance to be installed such as Social Engineering (human
>> exploit) software
>> vulnerabilities, web site compramise, etc.
Right -- THANK YOU !
"...it does _NOT_ self replicate ..."
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp