Today, I continue my posting of information from Kaspersky concerning threats to your computer, where they come from, how to spot the signs of infection, and what to do about it.
Worms – This category of malicious programs spreads itself largely by exploiting vulnerabilities in computer operating systems. The class was named for the way that worms crawl from computer to computer, using networks and email. This feature allows worms to spread themselves very rapidly.
Worms penetrate a computer, search for the network addresses of other computers, and send a burst of self-made copies to these addresses. In addition, worms often utilize data from email client address books. Some of these malicious programs occasionally create working files on system disks, but they can run without any system reoursces except RAM.
Viruses – Viruses are programs which infect other files, adding their own code to them to gain control of the infected files when they are opened. This simple definition explains the fundamental action performed by a virus – infection.
Trojans – Trojans are programs which carry out unauthorized actions on computers, such as deleting information on drives, making the system hang, stealing confidential information, and so on. This class of malicious program is not a virus in the traditional sense of the work, because it does not infect other computers or data. Trojeans cannot break into computers on their own and are spread by hackers, who disguise them as regular software. The damage that they inflict can greatly exceed that done by traditional virus attacks.
Recently, worms have been the commonest type of malicious program damaging computer data, followed by viruses and Trojans. Some malicious programs combine features of two or even three of these classes. Adware – Adware comprises programs which are included in software, unknown to the user, which is designed to display advertisements. Adware is usually built into software that is distributed free. The advertisement is situated in the program interface. These programs also frequently collect personal data on the user and send it back to their developer, change browser settings (start page and search pages, security levels, etc.) and create traffic that th euser cannot control. This can lead to a security breach and to direct financial losses.
Spyware – This software collects information about a particular user or organization without their knowledge. Spyware often escapes detection entirely. In general, the goal of spyware is to:
trace user actions on a computer;
gather information on the contents of your hard drive; in such cases, this usually involves scanning several directories and the system registry to compile a list of software installed on the computer;
gather information on the quality of the connection, bandwidth, modem speed, etc.
Riskware – Potentially dangerous applications include software that has no malicious features buy could form part of the development environment for malicious programs or could be used by hackers as auxiliary components for malicious programs. This program category included programs with the backdoors and vulnerabilities, as well as some remote administration utilities, keyboard layout togglers, IRC clients, FTP clients, FTP servers, and all-purpose utilities for stopping processes or hiding their operation.
Another type of malicious program that is similar to adware, spyware, and riskware are programs that plug into your web browser and redirect traffic. The web browser will open different web sites than those intended.
Jokes – Software that does not cause a host any direct harm, but displays messages that such harm has already been caused or will result under certain conditions. These programs often warn the user of non-existent dangers, such as messages that warn of formatting the hard drive (although no formatting actually takes place) or detecting viruses in uninfected files.
Rootkits –