Malware

Discussion in 'Computer Security' started by eager, Nov 22, 2007.

  1. eager

    eager Guest

    My friend's computer, running XP Media Centre 2002, was infected with
    malware, viruses, and Trojan horses.
    His Norton had expired a long time ago. I downloaded and installed Antivir,
    the free version, did a system recovery and free online scanning using Trend
    Micro HouseCall.

    I also suggested my friend to take his computer to a computer store to
    format the HDD and re-install windows, because he did not have a winXP CD.
    Probably he did not get a CD when he purchased his computer.

    I could not get to start his PC in safe mode either ....

    I am trying to find some info regarding what is a malware, how does it
    damage the computer and what are the symptoms?
    What is the difference between the malware and the viruses?

    Wikipedia:

    Malware is software designed to infiltrate or damage a computer system
    without the owner's informed consent. It is a portmanteau of the words
    "malicious" and "software". The expression is a general term used by
    computer professionals to mean a variety of forms of hostile, intrusive, or
    annoying software or program code.

    I know that Trojan horses are kind of spyware and do not damage the
    computer, worms are dangerous for networks rather than for a stand-alone PC,
    etc.

    I am also trying to understand the difference between access deny, delete
    and move to quarantine options.

    I know there are so many questions raised in my post, but any little help
    would be much appreciated.
     
    eager, Nov 22, 2007
    #1

  2. eager

    Sebastian G. Guest

    eager wrote:

    > My friend's computer, running XP Media Centre 2002, was infected with
    > malware, viruses, and Trojan horses.
    > His Norton had expired a long time ago. I downloaded and installed Antivir,
    > the free version, did a system recovery and free online scanning using Trend
    > Micro HouseCall.
    >
    > I also suggested my friend to take his computer to a computer store to
    > format the HDD and re-install windows, because he did not have a winXP CD.
    > Probably he did not get a CD when he purchased his computer.
    >
    > I could not get to start his PC in safe mode either ....
    >
    > I am trying to find some info regarding what is a malware,



    malware = malicious software = software written with malicious intent

    > how does it damage the computer



    in every physically and logically possible way

    > and what are the symptoms?



    .... every physically and logically possible way. That means it could
    perfectly emulate an uninfected system to hide its presence.

    > What is the difference between the malware and the viruses?



    virus: a program that infects other programs

    > I know that Trojan horses are kind of spyware



    Not necessarily. A trojan horse is supposed to provide access to a third
    party, it might but doesn't have to be used to transmit personal data to
    this third party.

    > and do not damage the computer,



    Of course they can, and most do.

    > worms are dangerous for networks rather than for a stand-alone PC,



    Worms are viruses that replicate among network boundaries.

    > I am also trying to understand the difference between access deny, delete
    > and move to quarantine options.



    There is none: the system is compromised and cannot be trusted anymore.
     
    Sebastian G., Nov 23, 2007
    #2

  3. eager

    Todd H. Guest

    "eager" <> writes:

    > My friend's computer, running XP Media Centre 2002, was infected with
    > malware, viruses, and Trojan horses.
    > His Norton had expired a long time ago. I downloaded and installed Antivir,
    > the free version, did a system recovery and free online scanning using Trend
    > Micro HouseCall.
    >
    > I also suggested my friend to take his computer to a computer store to
    > format the HDD and re-install windows, because he did not have a winXP CD.
    > Probably he did not get a CD when he purchased his computer.


    What's the make/model? Typically you can get replacement CD's at a
    rather nominal cost, sometimes free (e.g. HP or Compaq business
    pc's).

    This machine needs a fresh OS.

    > I am trying to find some info regarding what is a malware, how does it
    > damage the computer and what are the symptoms?
    > What is the difference between the malware and the viruses?


    If you think of a virus as just one possible type of malware, you'll
    be in good shape.

    Read some more in wikipedia to do your own comparison of the terms:

    Computer Virus
    http://en.wikipedia.org/wiki/Computer_virus

    Computer Worm
    http://en.wikipedia.org/wiki/Computer_worm

    So technically, a virus isn't necessarily malware (it's defined
    typically as code that can self-replicate and attach itself to another
    existing host program, without regard to its badness or goodness).
    But in the lexicon used by normal people (who aren't pointy headed and
    hang out in security newsgroups just to disagree with people or engage
    in protracted semantic debates) it's become synonymous with it,
    e.g. "anti-virus" software meaning software that attempts to detect
    and thwart programs you don't want/need/or that do bad stuff.

    And likewise, a worm is self-replicating code that doesn't necessarily
    attach itself to another program like a virus would.

    > I know that Trojan horses are kind of spyware and do not damage the
    > computer, worms are dangerous for networks rather than for a stand-alone PC,
    > etc.


    A Trojan horse is more simply defined than that. It's generally a
    program that purports to do one thing, but actually does something
    else or more than that thing. The definition speaks to a delivery
    mechanism more so than what the program does.

    And spyware is more defined in terms of functionality--in that it does
    some harvesting of personal information in one way or another. It's
    not as well defined as the other terms discussed here.

    Trojan Horse
    http://en.wikipedia.org/wiki/Trojan_horse_(computing)

    Spyware
    http://en.wikipedia.org/wiki/Spyware

    > I am also trying to understand the difference between access deny, delete
    > and move to quarantine options.


    Those terms would require knowing which Anti-virus or anti-malware
    program you're speaking of, but a reasonable guess is that access deny
    does nothing to the file, except the AV program tells the operating
    system not to open the file whenever a program calls to open it.
    Delete would aim to remove the file from the disk (which may or may
    not be possible). Quarantine, in most software, connotes moving the
    file to a "vault" so that in case a good file is mistakenly flagged
    as bad, it could be removed from quarantine. In a delete option, the
    file is deleted with no recovery (easily) possible.

    I imagine the terms you brought up will generate lots of debate and
    response though, that you may take with a grain of salt (this post
    included if you like). Nothing like definition questions to give
    those who love to point out things that are wrong a chance to try to
    prove their intellect. Pointing out something that's wrong, after
    all, is the easiest way to be right, isn't it? And we all love being
    right!


    Best Regards,
    --
    Todd H.
    http://www.toddh.net/
     
    Todd H., Nov 23, 2007
    #3
  4. eager

    kurt wismer Guest

    eager wrote:
    > My friend's computer, running XP Media Centre 2002, was infected with
    > malware, viruses, and Trojan horses.
    > His Norton had expired a long time ago. I downloaded and installed Antivir,
    > the free version, did a system recovery and free online scanning using Trend
    > Micro HouseCall.
    >
    > I also suggested my friend to take his computer to a computer store to
    > format the HDD and re-install windows, because he did not have a winXP CD.
    > Probably he did not get a CD when he purchased his computer.
    >
    > I could not get to start his PC in safe mode either ....
    >
    > I am trying to find some info regarding what is a malware, how does it
    > damage the computer and what are the symptoms?
    > What is the difference between the malware and the viruses?


    viruses are a type of malware... malware is an umbrella term that
    basically means malicious software - it covers just about everything...

    > Wikipedia:
    >
    > Malware is software designed to infiltrate or damage a computer system
    > without the owner's informed consent. It is a portmanteau of the words
    > "malicious" and "software". The expression is a general term used by
    > computer professionals to mean a variety of forms of hostile, intrusive, or
    > annoying software or program code.
    >
    > I know that Trojan horses are kind of spyware and do not damage the
    > computer, worms are dangerous for networks rather than for a stand-alone PC,
    > etc.


    actually, only some types of trojan horse program are spyware... some
    just destroy data, some show ads, etc... the essence of a trojan horse
    is that it appears to be something good (or at least benign) but is
    actually something bad... the way in which it's bad isn't specified and
    could be anything...

    also, worms can be a problem for stand-alone pc's as well, depending on
    the worm...

    > I am also trying to understand the difference between access deny, delete
    > and move to quarantine options.


    moving to quarantine is usually the safest option because it means you
    still have the file (which you wouldn't if you chose the delete option)
    in case the scanner was issuing a false alarm when it triggered on the
    file... not sure about access deny - it could mean that you're simply
    denied access to the file, but if the anti-virus became disabled for any
    reason there wouldn't necessarily be anything left to stop you from
    running the suspect file (unless you also run other types of security
    software)...

    --
    "it's not the right time to be sober
    now the idiots have taken over
    spreading like a social cancer,
    is there an answer?"
     
    kurt wismer, Nov 23, 2007
    #4
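
The quarantine-versus-delete distinction described in replies #3 and #4 above, as an added sketch that is not part of any post and not how AntiVir or any other product stores files. `QuarantineVault`, its file layout, the XOR key and the sample file are assumptions made for illustration; access deny is not modelled because it needs an on-access hook in the operating system.

```python
import hashlib
import json
import tempfile
from pathlib import Path

XOR_KEY = 0x5A  # constructed value; keeps the vault copy from being runnable, it is not encryption


def _xor(data: bytes) -> bytes:
    return bytes(b ^ XOR_KEY for b in data)


class QuarantineVault:
    """Hypothetical vault: one encoded body file plus one JSON record per item."""

    def __init__(self, root):
        self.root = Path(root)
        self.root.mkdir(parents=True, exist_ok=True)

    def quarantine(self, path, reason):
        """Move a flagged file into the vault and remember where it came from."""
        src = Path(path).resolve()
        data = src.read_bytes()
        digest = hashlib.sha256(data).hexdigest()
        (self.root / f"{digest}.bin").write_bytes(_xor(data))
        record = {"original_path": str(src), "sha256": digest, "reason": reason}
        (self.root / f"{digest}.json").write_text(json.dumps(record))
        src.unlink()  # the original location no longer holds the file
        return digest

    def restore(self, digest):
        """Undo a false alarm: put the file back after checking its hash."""
        record_file = self.root / f"{digest}.json"
        body_file = self.root / f"{digest}.bin"
        record = json.loads(record_file.read_text())
        data = _xor(body_file.read_bytes())
        if hashlib.sha256(data).hexdigest() != record["sha256"]:
            raise ValueError("vault copy does not match the recorded hash")
        dest = Path(record["original_path"])
        if dest.exists():
            raise FileExistsError(f"{dest} already exists; not overwriting")
        dest.write_bytes(data)
        body_file.unlink()
        record_file.unlink()
        return dest


def delete(path):
    """The delete option: nothing is kept, so nothing can be restored."""
    Path(path).unlink()


def demo():
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        vault = QuarantineVault(tmp / "vault")
        flagged = tmp / "setup.exe"                      # constructed sample file
        content = b"MZ constructed sample, harmless bytes"
        flagged.write_bytes(content)

        digest = vault.quarantine(flagged, reason="constructed detection name")
        gone = not flagged.exists()
        encoded = (vault.root / f"{digest}.bin").read_bytes() != content

        restored = vault.restore(digest)                 # scanner was wrong: bring it back
        intact = restored.read_bytes() == content

        delete(restored)                                 # now choose delete instead
        try:
            vault.restore(digest)
            recoverable = True
        except FileNotFoundError:                        # no vault record exists for it
            recoverable = False
        return {"gone_after_quarantine": gone, "vault_copy_is_encoded": encoded,
                "restored_intact": intact, "deleted_recoverable": recoverable}


if __name__ == "__main__":
    print(demo())
```
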
  5. eager

    kurt wismer Guest

    Sebastian G. wrote:
    [snip]
    >> and what are the symptoms?

    >
    >
    > ... every physically and logically possible way. That means it could
    > perfectly emulate an uninfected system to hide its presence.


    active stealth only works if the malware is actually active... there are
    ways around that...

    [snip]
    >> I know that Trojan horses are kind of spyware

    >
    >
    > Not necessarily. A trojan horse is supposed to provide access to a third
    > party, it might but doesn't have to be used to transmit personal data to
    > this third party.


    actually, not all trojans are supposed to provide access to 3rd parties,
    only remote access trojans do that...

    [snip]
    >> worms are dangerous for networks rather than for a stand-alone PC,

    >
    >
    > Worms are viruses that replicate among network boundaries.


    and typically don't infect other programs (which, given your definition
    for virus, might prove confusing)...

    >> I am also trying to understand the difference between access deny,
    >> delete and move to quarantine options.

    >
    >
    > There is none: the system is compromised and cannot be trusted anymore.


    in general the system is not compromised just because the malware is on
    the hard disk... the user may have just downloaded it and not actually
    run it... the system is not compromised until the malware gains control...

    --
    "it's not the right time to be sober
    now the idiots have taken over
    spreading like a social cancer,
    is there an answer?"
     
    kurt wismer, Nov 23, 2007
    #5
  6. eager

    eager Guest

    "Sebastian G." <> wrote in message
    news:...
    > eager wrote:



    > malware = malicious software = software written with malicious intent



    Thanks for your reply!

    I have also found, "malware = malicious code = computer programs created to
    break into computers or to create havoc on computers. The most common
    types of malware are viruses, worms, logic bombs, Trojan horses, and back
    doors."

    So, code, software, program seem to be used interchangeably .... On the
    other hand, when I scanned the computer for viruses, using AntiVir, I got
    different warnings for viruses, different warning for trojan horses and
    different warning for malware. Confusing, isn't it?



    >


    >
    >> What is the difference between the malware and the viruses?

    >
    >
    > virus: a program that infects other programs



    I guess, malware is a general term that refers to viruses, worms, logic
    bombs, trojan horses and back doors, then, right?


    >
    >> I know that Trojan horses are kind of spyware

    >
    >
    > Not necessarily. A trojan horse is supposed to provide access to a third
    > party, it might but doesn't have to be used to transmit personal data to
    > this third party.
    >
    >> and do not damage the computer,

    >
    >
    > Of course they can, and most do.
    >
    >> worms are dangerous for networks rather than for a stand-alone PC,

    >
    >
    > Worms are viruses that replicate among network boundaries.
    >
    >> I am also trying to understand the difference between access deny, delete
    >> and move to quarantine options.

    >
    >
    > There is none: the system is compromised and cannot be trusted anymore.
     
    eager, Nov 23, 2007
    #6
  7. eager

    eager Guest

    "Todd H." <> wrote in message
    news:...
    > "eager" <> writes:
    >
    >> My friend's computer, running XP Media Centre 2002, was infected with
    >> malware, viruses, and Trojan horses.
    >> His Norton had expired a long time ago. I downloaded and installed Antivir,
    >> the free version, did a system recovery and free online scanning using
    >> Trend
    >> Micro HouseCall.
    >>
    >> I also suggested my friend to take his computer to a computer store to
    >> format the HDD and re-install windows, because he did not have a winXP
    >> CD.
    >> Probably he did not get a CD when he purchased his computer.

    >
    > What's the make/model? Typically you can get replacement CD's at a
    > rather nominal cost, sometimes free (e.g. HP or Compaq business
    > pc's).



    It's a compaq


    >
    > This machine needs a fresh OS.


    Average home users do not back up data and, when it comes to this point,
    they do not want to lose their songs...; they do not want to pay much money
    either.... . My friend had norton (hate it) and when it expired, he
    procrastinated ...
    Well, he is a teenager, the son of my wife's friend; my wife, who _thinks_
    that I know about computers, got me in trouble. lol

    Mr.Lipman has posted numerous times about cleaning up infected computers,
    just have to find his threads .... I am still wondering though, why I was
    not able to start the PC in safe mode? Was the boot sector infected ... or
    ... something else?


    >
    >> I am trying to find some info regarding what is a malware, how does it
    >> damage the computer and what are the symptoms?
    >> What is the difference between the malware and the viruses?

    >
    > If you think of a virus as just one possible type of malware, you'll
    > be in good shape.


    Thank you Mr. Todd!

    >
    > Read some more in wikipedia to do your own comparison of the terms:
    >
    > Computer Virus
    > http://en.wikipedia.org/wiki/Computer_virus
    >
    > Computer Worm
    > http://en.wikipedia.org/wiki/Computer_worm
    >
    > So technically, a virus isn't necessarily malware



    Now you are confusing me, man :)

    > (it's defined
    > typically as code that can self-replicate and attach itself to another
    > existing host program, without regard to its badness or goodness).
    > But in the lexicon used by normal people (who aren't pointy headed and
    > hang out in security newsgroups just to disagree with people or engage
    > in protracted semantic debates) it's become synonymous with it,
    > e.g. "anti-virus" software meaning software that attempts to detect
    > and thwart programs you don't want/need/or that do bad stuff.
    >
    > And likewise, a worm is self-replicating code that doesn't necessarily
    > attach itself to another program like a virus would.


    Yes, I read about the difference between these two and they have two major
    differences:
    1. A virus attaches itself to a document and is spread by travelling along
    with the document. A worm can travel by itself.
    2. A virus needs the user to perform some type of action, to start the
    infection. A worm can replicate itself until it clogs all the available
    resources.

    still wondering though, how can a worm travel by itself, where does it find
    the energy, how does it find the way? we could use worms instead of cars,
    ships and planes :)) or at least, apply the idea ...

    >
    >> I know that Trojan horses are kind of spyware and do not damage the
    >> computer, worms are dangerous for networks rather than for a stand-alone
    >> PC,
    >> etc.

    >
    > A Trojan horse is more simply defined than that. It's generally a
    > program that purports to do one thing, but actually does something
    > else or more than that thing. The definition speaks to a delivery
    > mechanism more so than what the program does.
    >
    > And spyware is more defined in terms of functionality--in that it does
    > some harvesting of personal information in one way or another. It's
    > not as well defined as the other terms discussed here.
    >
    > Trojan Horse
    > http://en.wikipedia.org/wiki/Trojan_horse_(computing)
    >
    > Spyware
    > http://en.wikipedia.org/wiki/Spyware
    >
    >> I am also trying to understand the difference between access deny, delete
    >> and move to quarantine options.

    >
    > Those terms would require knowing which Anti-virus or anti-malware
    > program you're speaking of, but a reasonable guess is that access deny
    > does nothing to the file, except the AV program tells the operating
    > system not to open the file whenever a program calls to open it.
    > Delete would aim to remove the file from the disk (which may or may
    > not be possible). Quarantine, in most software, connotes moving the
    > file to a "vault" so that in case a good file is mistakenly flagged
    > as bad, it could be removed from quarantine. In a delete option, the
    > file is deleted with no recovery (easily) possible.



    Thank you!

    >
    > I imagine the terms you brought up will generate lots of debate and
    > response though, that you may take with a grain of salt (this post
    > included if you like). Nothing like definition questions to give
    > those who love to point out things that are wrong a chance to try to
    > prove their intellect. Pointing out something that's wrong, after
    > all, is the easiest way to be right, isn't it? And we all love being
    > right!
    >
    >
    > Best Regards,
    > --
    > Todd H.
    > http://www.toddh.net/
     
    eager, Nov 23, 2007
    #7
  8. eager

    Tim Jackson Guest

    eager wrote:

    > I have also found, "malware = malicious code = computer programs created to
    > break into computers or to create havoc on computers. The most common
    > types of malware are viruses, worms, logic bombs, Trojan horses, and back
    > doors."
    >
    > So, code, software, program seem to be used interchangeably .... On the
    > other hand, when I scanned the computer for viruses, using AntiVir, I got
    > different warnings for viruses, different warning for trojan horses and
    > different warning for malware. Confusing, isn't it?
    >


    It's all very simple really, but confused by, among others, those who
    want to muddy the water so as to make their wizardry seem more amazing, and
    saleable. Sometimes the metaphors get in the way of the facts.

    Software is any sort of program which is not physically built into a
    machine. And sometimes the word includes programs that are built in,
    like the BIOS in a PC. "Ware" meaning something that can be bought and
    sold independently, "soft" meaning intangible.

    Malware is any program that is supplied with intent to harm, which is
    somewhat subjective, so let's say it's any software you acquire unwillingly.

    Malware is classified by its method of propagation and its intent or
    function. The categories are not mutually exclusive, and
    self-propagating programs are not always written with harmful intent.
    Most malware will consist of one or more parts which perform propagation
    and a "payload" which performs the damage.


    A virus is a piece of software that attaches itself to another program
    so that when that is run, it runs the virus again which copies itself
    into any other programs that are visible to it at that time. Thus if
    the program is copied to a 'clean' machine and run, it infects all the
    other executables on that machine.

    A trojan horse is a program which purports to be something it isn't in
    order to get the user to run it, most commonly an email attachment.

    A worm is a program that explores a network to seek out other computers
    to copy itself onto.

    A back door is a program which once installed provides unauthorised
    access to a computer. This is used to create zombies, (also known as
    'bots or bot-nets), which are computers that have a back door installed
    to allow unauthorised control for such purposes as the sending of spam.

    Spyware is software that once installed records information about the
    computer and its use and reports it back to a remote site, without the
    user's knowledge. This could be simply gathering marketing information,
    or it could be something more hostile like keystroke (i.e. password)
    recording.

    Adware is software that once installed periodically presents unsolicited
    advertising to the user, eg by pop-up windows. This is used as source
    of revenue to pay for allegedly 'free' software.


    Tim Jackson
    www.tim-jackson.co.uk
     
    Tim Jackson, Nov 24, 2007
    #8
  9. eager

    eager Guest

    "Tim Jackson" <> wrote in message
    news:...
    > eager wrote:
    >
    >> I have also found, "malware = malicious code = computer programs created
    >> to break into computers or to create havoc on computers. The most
    >> common types of malware are viruses, worms, logic bombs, Trojan horses,
    >> and back doors."
    >>
    >> So, code, software, program seem to be used interchangeably .... On the
    >> other hand, when I scanned the computer for viruses, using AntiVir, I got
    >> different warnings for viruses, different warning for trojan horses and
    >> different warning for malware. Confusing, isn't it?
    >>

    >
    > It's all very simple really, but confused by, among others, those who want
    > to muddy the water so as to make their wizardry seem more amazing, and
    > saleable. Sometimes the metaphors get in the way of the facts.
    >
    > Software is any sort of program which is not physically built into a
    > machine. And sometimes the word includes programs that are built in, like
    > the BIOS in a PC. "Ware" meaning something that can be bought and sold
    > independently, "soft" meaning intangible.
    >
    > Malware is any program that is supplied with intent to harm, which is
    > somewhat subjective, so let's say it's any software you acquire unwillingly.
    >
    > Malware is classified by its method of propagation and its intent or
    > function. The categories are not mutually exclusive, and self-propagating
    > programs are not always written with harmful intent. Most malware will
    > consist of one or more parts which perform propagation and a "payload"
    > which performs the damage.
    >
    >
    > A virus is a piece of software that attaches itself to another program so
    > that when that is run, it runs the virus again which copies itself into
    > any other programs that are visible to it at that time. Thus if the
    > program is copied to a 'clean' machine and run, it infects all the other
    > executables on that machine.
    >
    > A trojan horse is a program which purports to be something it isn't in
    > order to get the user to run it, most commonly an email attachment.
    >
    > A worm is a program that explores a network to seek out other computers to
    > copy itself onto.
    >
    > A back door is a program which once installed provides unauthorised access
    > to a computer. This is used to create zombies, (also known as 'bots or
    > bot-nets), which are computers that have a back door installed to allow
    > unauthorised control for such purposes as the sending of spam.
    >
    > Spyware is software that once installed records information about the
    > computer and its use and reports it back to a remote site, without the
    > user's knowledge. This could be simply gathering marketing information,
    > or it could be something more hostile like keystroke (i.e. password)
    > recording.
    >
    > Adware is software that once installed periodically presents unsolicited
    > advertising to the user, eg by pop-up windows. This is used as source of
    > revenue to pay for allegedly 'free' software.
    >
    >
    > Tim Jackson
    > www.tim-jackson.co.uk



    Thanks Tim!
     
    eager, Nov 24, 2007
    #9