|
Cheers Steve
My antivirus software just picked something up as soon as I logged in.
Just glad mine is working well and alerting me.
Jax xx
|
|
Welcome Joy
They will as long as you keep them updated hun
mwahh
|
|
PS AVG, Spyware blaster and Lavasoft Ad-aware seem to have kept my computer happy (so far) ... :-)
|
|
Just hope it helps clear up what's what
|
|
Rootkits
These are on the increase across the web, often sent as emails or ecards like the Happy 2008 one that contained the Storm Worm or one of its huge family. There is a warning out now that a new variant of Storm Worm is in the wild posing as a "valentines card".
Common usage
A successfully installed rootkit allows unauthorized users to act as system administrators, and thus to take full control of the 'rootkitted' system. Secondary to this purpose, most rootkits typically hide files, network connections, blocks of memory, or registry entries (eg, on Windows systems) from other programs used by system administrators to detect specially privileged accesses to computer system resources. However, a rootkit may masquerade as or be intertwined with other files, programs, or libraries with other purposes. It is important to note that while the utilities bundled with a rootkit may be maliciously intended, not every rootkit is always malicious. Rootkits may be used for both productive and destructive purposes.
A rootkit which hides utility programs usually does so to abuse a compromised system, and often includes so-called "backdoors" to help the attacker subsequently access at will. A simple example might be a rootkit which hides an application that spawns a command processing shell when the attacker connects to a particular network port on the system. Kernel rootkits may include similar functionality. A backdoor may also allow processes started by a non-privileged user to run as though they were started by a privileged user (including the root user) and to carry out functions normally reserved for the superuser.
Many other utility tools useful for abuse can be hidden using rootkits. This includes tools for further attacks against computer systems with which the compromised system communicates, such as sniffers and keyloggers. A possible abuse is to use a compromised computer as a staging ground for further abuse (see zombie computer). This is often done to make the abuse appear to originate from the compromised system (or network) instead of the attacker's. Tools for such attacks can include denial-of-service attack tools, tools to relay chat sessions, and e-mail spam distribution. A major malicious use for rootkits is to allow the rootkit's programmer to see and access user names and log-in information of systems requiring them. Collection of such information from many systems (thousands or more) is easily possible. This makes rootkits even more hazardous, as it allows trojans to access this personal information while the rootkit covers it up.
Rootkits are not always used to attack and gain control of a computer. Some software may use rootkit techniques to hide from 3rd party scanners to undetectably detect tampering or attempted break-ins. Some emulation software and security software is known to be using rootkits.[4] Alcohol 120% and Daemon Tools are commercial examples of the use of non-hostile rootkits.
Rootkit is a term now somewhat loosely applied to cloaking techniques and methods.[5]
|
|
DEFINITION in simple terms
Trojan
Definition: A Trojan is a self-contained program that appears to be legitimate, but in fact does something malicious. Trojans do not infect other files as viruses do, nor do Trojans make copies of themselves as worms do.
Many of the earlier Trojans were used to launch Distributed Denial of Service (DDoS) attacks, such as those suffered by Yahoo and eBay in the latter part of 1999. Today, Trojans are most often used to gain backdoor access - that is to say remote, surreptitious access - to a user's system.
There are several different types of Trojans: Remote Access Trojans (RAT), Backdoor Trojans (backdoors), IRC Trojans (IRCbots), and Keyloggers. Many of these different types can be employed in a single Trojan. For example, a keylogger that also operates as a backdoor may commonly be disguised as a game hack.
Virus
In computers, a virus is a program or programming code that replicates by being copied or initiating its copying to another program, computer boot sector or document. Viruses can be transmitted as attachments to an e-mail note or in a downloaded file, or be present on a diskette or CD. The immediate source of the e-mail note, downloaded file, or diskette you've received is usually unaware that it contains a virus. Some viruses wreak their effect as soon as their code is executed; other viruses lie dormant until circumstances cause their code to be executed by the computer. Some viruses are benign or playful in intent and effect ("Happy Birthday, Ludwig!") and some can be quite harmful, erasing data or causing your hard disk to require reformatting. A virus that replicates itself by resending itself as an e-mail attachment or as part of a network message is known as a worm.
Generally, there are three main classes of viruses:
File infectors. Some file infector viruses attach themselves to program files, usually selected .COM or .EXE files. Some can infect any program for which execution is requested, including .SYS, .OVL, .PRG, and .MNU files. When the program is loaded, the virus is loaded as well. Other file infector viruses arrive as wholly-contained programs or scripts sent as an attachment to an e-mail note.
System or boot-record infectors. These viruses infect executable code found in certain system areas on a disk. They attach to the DOS boot sector on diskettes or the Master Boot Record on hard disks. A typical scenario (familiar to the author) is to receive a diskette from an innocent source that contains a boot disk virus. When your operating system is running, files on the diskette can be read without triggering the boot disk virus. However, if you leave the diskette in the drive, and then turn the computer off or reload the operating system, the computer will look first in your A drive, find the diskette with its boot disk virus, load it, and make it temporarily impossible to use your hard disk. (Allow several days for recovery.) This is why you should make sure you have a bootable floppy.
Macro viruses. These are among the most common viruses, and they tend to do the least damage. Macro viruses infect your Microsoft Word application and typically insert unwanted words or phrases.
The best protection against a virus is to know the origin of each program or file you load into your computer or open from your e-mail program. Since this is difficult, you can buy anti-virus software that can screen e-mail attachments and also check all of your files periodically and remove any viruses that are found. From time to time, you may get an e-mail message warning of a new virus. Unless the warning is from a source you recognize, chances are good that the warning is a virus hoax.
The computer virus, of course, gets its name from the biological virus. The word itself comes from a Latin word meaning slimy liquid or poison.
Worms
A computer worm is a program which copies itself across a network.
A computer worm differs from a computer virus in that a computer worm can run itself. A virus needs a host program to run, and the virus code runs as part of the host program. A computer worm can spread without a host program, although some modern computer worms also use files to hide inside.
|