Infection: Trojan horse Downloader.Generic9.AQZF
in [Viruses]
|
Prev: VIRUS QUESTION
Next: Ping: David H Lipman
From: ~BD~ on 21 Mar 2010 18:29 David H. Lipman wrote: > From: "~BD~"<BoaterDave(a)hot.mail.co.uk> > > | The Real Truth MVP wrote: >>> MS calls them Trojan virus so nobody is wrong or right. >>> http://support.microsoft.com/kb/129972 > > > > > | Good catch, TRT > > | It states quite clearly:- > > | "Symptoms of worms and *trojan horse viruses* in e-mail messages" > > / And Microsoft is *dead wrong* ! / > > A bold statement. I'm always willing to learn. Please cite a reference which supports *your* statement. -- Dave
From: FromTheRafters on 21 Mar 2010 18:46 "Virus Guy" <Virus(a)Guy.com> wrote in message news:4BA67368.62D398DF(a)Guy.com... > FromTheRafters wrote: > >> > In more technical settings or circumstances the use of incorrect >> > terminology can be a hindrence or distraction, but this forum >> > (and specifically this and other similar threads) is no such >> > place. >> >> ...but it offers a substantial opportunity to educate readers. > > (sigh) > > I presume that someone that was interested enough to want to know the > classical definition of a (computer) virus would either ask the direct > question here, or look it up (on wikipedia, or elsewhere). ....and still not get a definitive answer. > In this case, the reader wanted to know how Downloader.Generic9.AQZF > might have come to reside on his system. No, that was Trojan horse downloader etc... Do you think that that part of the name was unimportant fluff? > Pointing out that Downloader.Generic9.AQZF is a trojan and not a virus > is a distraction, and misses the real opportunity to educate the OP as > to how this specific exploit is known to be spread. It is a trojan that downloads other malware, it is *not* a virus that infects your executables to spread. The spreading method you allude to that is important in your view, is mostly addressed by knowing whether or not it is viral. If it is not viral, it spreads by the usual distribution methods - if it *is* viral, it spreads by infecting programs. (of course I'm using the definition for virus that requires replication *and* infection, leaving worms as non-viral self-replicators) > I would agree with the OP that many web-pages purporting to describe > the > technical details of specific malware identities fall short in that > regard. Indeed, but when a whole class of malware operates with basically the same behaviors, a generic detection/description is good enough. In this case the differences might be only contained in the "what and where" aspects of the download. > Knowing what a specific malware does when it runs on your system is > nice > to know. Yes, and when all that you know is that it downloads and executes something from somewhere, you know enough (or little enough). > Knowing how a specific piece of malware got on your system in the > first > place is usually of far more interest. ....and the malware name (knowing whether it is a virus, worm, or trojan and what it means) is an important step in that process.
From: FromTheRafters on 21 Mar 2010 18:48 "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message news:ho5sh802gm4(a)news3.newsguy.com... not > Since it is a trojan, it does self replicate and as such does not > auto-spread. Trojans > need assistance to be installed such as Social Engineering (human > exploit) software > vulnerabilities, web site compramise, etc. o
From: FromTheRafters on 21 Mar 2010 19:04 "The Real Truth MVP" <trt(a)void.com> wrote in message news:ho64qb$9v0$1(a)leythos.motzarella.org... > MS calls them Trojan virus so nobody is wrong or right. > http://support.microsoft.com/kb/129972 I was aware of that (and from many other reputable vendors of antivirus/antimalware). Just because they are experts, doesn't make them right. :o) I prefer the definitions proposed by non-antimalware experts (computer science experts) because I agree with them that viruses (in particular) are not necessarily malicious and could be applied benevolently.
From: David H. Lipman on 21 Mar 2010 19:09
From: "FromTheRafters" <erratic(a)nomail.afraid.org> | "David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message | news:ho5sh802gm4(a)news3.newsguy.com... | not >> Since it is a trojan, it does self replicate and as such does not >> auto-spread. Trojans >> need assistance to be installed such as Social Engineering (human >> exploit) software >> vulnerabilities, web site compramise, etc. | o Right -- THANK YOU ! "...it does _NOT_ self replicate ..." -- Dave http://www.claymania.com/removal-trojan-adware.html Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp |