Jump to content

Difference between antivirus

hubingdan

By hubingdan
in General Windows PC Help

 Share

Recommended Posts

Maurice Naggar

Maurice Naggar

Posted
Posted

Hello  Dan,     :welcome:

 

Malware is discussed here   https://www.malwarebytes.com/malware/

For a description of viruses   see   https://www.malwarebytes.com/antivirus/

 

Malwarebytes Adwcleaner does a deeper scan for all kinds of adwares, including those that are dormant   ( non-active).

The Adwcleaner is a fine tool for taking care of adwares.   You should consider running it on a occasional basis.

Adwcleaner is free.  It is not included within Malwarebytes for Windows.

 

Let me know if you need other help.

 

Link to post
Share on other sites
David H. Lipman

David H. Lipman

Posted
Posted (edited)

The term malware is the overarching concept of Malicious Software and is a derivation of parts of those words concatenated together.

All viruses are malware but not all malware are viruses.

There is a taxonomy to malware just like there is in the animal kingdom or even vehicles.

Just like all Fords are automobiles not all automobiles are Fords.

There are three basic sub-types of malware;  Viruses, Trojans and Exploit code

Viruses - A subset of malware that is capable of self replicating and spreading autonomously.  That means viruses are able to spread from computer to computer, computer to media and from media to computer without assistance.  Viruses are further broken down and have sub-types based upon how they spread.  For example there are viruses that are called file infectors because they spread by infecting a legitimate file by appending, prepending or cavity injecting code into the file which will then, in turn, be able to infect other files.  There are also type of viruses called worms.  They can use Network Protocol to spread from system to system over a network.  they are known as Internet Worms.  Then there are worms that exploit the AutoRun/AutoPlay facility in Windows.  Malicious code is placed on a media such as a CDROM, Flash Drive or Removable hard disk in such a way that when they are inserted into a windows PC the infector spreads from the media to the system.

Trojans - This is a malware sub-type that requires assistance to infect a system.  It could be Social Engineering ( the Human Exploit ), Exploit code or some other means.  A trojan can infect a legitimate file by appending, prepending or cavity injecting code into the file but that is the extent of the infection.  The altered file can't spread the infection.  Such a file is deemed "trojanized" or "patched".  There are many other sub-types of trojans as this is the biggest class of malware can; inject malicious code, download, drop, dial porn ( 900 ) numbers, steal passwords, steal data, create a Remote Access backdoor, act as a part of a larger robotic system  doing the bidding of a central command and control (C2) system, act as a Proxy, and many, many, more forms of malicious activity.

Exploit code - This is code to take advantage of a system, functionality, or bad coding.  For example there may be a software bug in a particular program that when exploited can cause a trojan to be installed.  Another example is where a file is coded in such a way that when viewed or rendered will cause that viewer and rendering software to act in an unusual way.  For example a Winmad trojan may exploit the Digital rights Management ( DRM )  to cause the use of a media file ( MP3, WAV, etc ) file to cause a malicious download.

 

The above may be combined.  For example the Lovsan/Blaster worm was an Internet worm that exploited a bug in the RPC/RPCSS subsystem of Windows which uses TCP port 135 and cause the installation and execution of the malware.  Once infected that system can seek out other vulnerable systems via TCP port 135 and infect them.  Thus the Lovsan/Blaster worm uses both Exploit Code and is a Internet worm.

There are also other situations where a trojan can be infected by a virus.  For example a Downloader Trojan may be infected by a file infecting virus such as Sality or Parite.  The trojan will still do what it was programmed to do but it will also cause other files to be infected and spread that virus to other systems,

You'll see the term "trojan virus".  This is a false term.  The above is not a "trojan virus" it is a trojan infected with a virus.  Calling a malware a "trojan virus" is akin to calling a particular automobile a "Ford Chevrolet" or a "Mazda Datsun".

 

 

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar
Link to post
Share on other sites
Maurice Naggar

Maurice Naggar

Posted
Posted
19 minutes ago, hubingdan said:

Thanks Maurice,  currently I am recommending to my Windows users to stay with Windows security as antivirus, run Malwarebytes premium for real time protection, and do you think I should then also recommend running the adwcleaner as another tool to use?

Dan

Dan,

Yes you can recommend the Adwcleaner as a on-demand type tool, to take care of adwares.

See

What is Malwarebytes AdwCleaner?
Where can I find documentation for Malwarebytes AdwCleaner?

 

Let me know if you need other help.

Sincerely,

Maurice

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.