Friday, January 25, 2008

Why do I need more than a virus scanner on my computer??

Hey everybody !
 
TGIF and FYI (in case you did not know) Free Software (no money, no cost and no subscriptions) and why you absolutely need it.
 
 
 
 
 
 
Here is why you need these.
 
(One word of caution) ***Before you install any of these or follow my advice, uninstall any existing programs that do this work that you have running, to prevent them from fighting for control of your computer and crashing it beyond repair.*** If you are not technically capable, have somebody who is do it for you; if you blow your system up, it's not my fault!!!
 
Fundamentally, these kinds of programs, combined with a great virus scanner, look for different types of computer threats. By using a predetermined combination of a threat seeker (Ad-Aware), a bot sweeper (Spy-Bot), and a virus scanner (whatever your system has), you are eliminating most (almost all except the esoteric ones) kinds of possible intrusions into your system.
 
Here is a short list of some of the things they look for and why you need it.
 
The biggest reason is that you probably use credit cards and have financial transactions executed by computer (Internet buying). This is why I recommend being protected from this crap 100% of the time, not to mention the problem of identity theft. One of the programs alone just doesn't do the job and no commercially available software is designed nor functions well enough to pay for it, in my opinion.
 
Most of these vicious little pieces of crap run in the background and unless you are a geek like me, you will never know it, until it is too late.
 
If you already are protected and are comfortable with what you have, don't change anything.
 
My challenge to you though is this.
 
If you ran Ad-Aware or SpyBot even one time and found even one thing wrong, would you still be comfortable and sure you were protected ?
 
(Stop here if you don't care about the rest of the story)

Resident Viruses
This type of virus hides permanently in the RAM memory. From here it can control and intercept all of the operations carried out by the system: corrupting files and programs that are opened, closed, copied, renamed etc. Resident viruses can be treated as file infector viruses. When a virus goes memory resident, it will remain there until the computer is switched off or restarted (waiting for certain triggers to activate it, such as a specific date and time). In the meantime it sits and waits in hiding, unless of course an antivirus can locate and eliminate it.

Direct Action Viruses
The principal aim of these viruses is to replicate and take action when they are run. When a specific condition is met, the virus will go into action and infect files in the directory or folder that it is in and in directories that are specified in the AUTOEXEC.BAT file path. This batch file is always located in the root directory of the hard disk and carries out certain operations when the computer is booted. Files infected with this type of virus can be disinfected, and completely restored to their original condition.

Overwrite Viruses
This type of virus is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected. Infected files do not change size, unless the virus occupies more space than the original file, because instead of hiding within a file, the virus replaces the file's content. The only way to clean a file infected by an overwrite virus is to delete the file completely, thus losing the original content.
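Because an overwritten file can keep its original size, a size check alone will not notice the change, while a content hash will. The following is an added example, not part of the original post: it builds a baseline for a constructed temporary file, replaces the content with the same number of bytes, and reports which check notices. The function names and sample data are made up for illustration.

```python
import hashlib
import os
import tempfile


def snapshot(path):
    """Record the size and SHA-256 of a file for later comparison."""
    with open(path, "rb") as f:
        data = f.read()
    return {"size": len(data), "sha256": hashlib.sha256(data).hexdigest()}


def compare(baseline, path):
    """Report which of the two checks sees a difference from the baseline."""
    now = snapshot(path)
    return {
        "size_changed": now["size"] != baseline["size"],
        "hash_changed": now["sha256"] != baseline["sha256"],
    }


def demo():
    # Constructed sample: a temp file standing in for a document on disk.
    original = b"Quarterly report: revenue figures and notes.\n" * 20
    fd, path = tempfile.mkstemp()
    try:
        with os.fdopen(fd, "wb") as f:
            f.write(original)
        baseline = snapshot(path)
        # Simulate the end state described above: same length, content gone.
        with open(path, "wb") as f:
            f.write(b"\x00" * len(original))
        return compare(baseline, path)
    finally:
        os.remove(path)


if __name__ == "__main__":
    print(demo())
```

The baseline has to be taken while the file is known to be good and stored somewhere the infected machine cannot rewrite it.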

Boot Sector Virus
This type of virus affects the boot sector of a floppy or hard disk. This is a crucial part of a disk, in which information on the disk itself is stored together with a program that makes it possible to boot (start) the computer from the disk. This kind of virus does not affect files, but rather the disks that contain them. First they attack the boot sector of the disk then, once you start your computer, the boot virus will infect the hard drive of your computer. The best way of avoiding boot sector viruses is to ensure that floppy disks are write-protected and never start your computer with an unknown floppy disk in the disk drive.

Macro Virus
Macro viruses infect files that are created using certain applications or programs that contain macros. These include Word documents (DOC extensions), Excel spreadsheets (XLS extensions), PowerPoint presentations (PPS extensions), Access databases (MDB extensions), Corel Draw and such. A macro is a small program that a user can associate to a file created using certain applications. These mini-programs make it possible to automate series of operations so that they are performed as a single action, thereby saving the user from having to carry them out one by one. When a document containing macros is opened, they will automatically be loaded and may be executed immediately or when the user decides to do so. The virus will then take effect by carrying out the actions it has been programmed to do, often regardless of the program's built-in macro virus protection. There is not just one type of macro virus, but one for each tool: Microsoft Word, Microsoft Excel, Microsoft PowerPoint, Microsoft Access, Corel Draw, Lotus Ami Pro, etc.

Directory Virus
An operating system finds files by looking up the path (composed of the disk drive and directory) in which each file is stored. Directory viruses change the paths that indicate the location of a file. By executing a program (file with the extension .EXE or .COM) which has been infected by a virus, you are unwittingly running the virus program, while the original file and program have been previously moved by the virus. Once infected it becomes impossible to locate the original files.

Encrypted
Encryption is a technique used by viruses so that they cannot be detected by antivirus programs. The virus encodes or encrypts itself so as to be hidden from scans; before performing its task it will decrypt itself. Once it has unleashed its payload the virus will then go back into hiding.

Polymorphic Virus
Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system. This makes it impossible for antiviruses to find them using string or signature searches (because they are different in each encryption) and also enables them to create a large number of copies of themselves.
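To see why a fixed string search stops working once the same bytes are stored under a different key each time (the point of both the Encrypted and Polymorphic entries), here is an added example that is not part of the original post. It assumes the simplest possible encoding, a single-byte XOR, and uses a constructed, harmless marker as the "signature". It goes one step beyond the text by also showing a scanner that tries the signature under every single-byte key, which only helps against this simplest case.

```python
SIGNATURE = b"CONSTRUCTED-TEST-MARKER"  # constructed, harmless stand-in signature


def xor_bytes(data, key):
    """XOR every byte of data with a one-byte key."""
    return bytes(b ^ key for b in data)


def make_sample(key):
    """Constructed buffer: plain header and trailer around the encoded marker."""
    return b"file-header:" + xor_bytes(SIGNATURE, key) + b":file-end"


def plain_scan(buf, signature=SIGNATURE):
    """Classic string/signature search: looks for the exact bytes only."""
    return signature in buf


def xor_aware_scan(buf, signature=SIGNATURE):
    """Search for the signature under each of the 256 single-byte XOR keys.

    Returns the list of keys under which the signature was found.
    """
    return [key for key in range(256) if xor_bytes(signature, key) in buf]


def demo():
    """Scan the same marker stored under three different keys (0 = not encoded)."""
    results = []
    for key in (0x00, 0x5A, 0xC3):
        buf = make_sample(key)
        results.append((key, plain_scan(buf), xor_aware_scan(buf)))
    return results


if __name__ == "__main__":
    for key, plain_hit, keys_found in demo():
        print(f"key=0x{key:02x} plain_scan={plain_hit} xor_aware_scan={keys_found}")
```

Trying every key only scales for tiny key spaces; with longer keys or changing algorithms, exact-byte matching of the stored form stops being practical.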

Multipartite Virus
These advanced viruses can create multiple infections using several techniques. Their objective is to attack any elements that can be infected: files, programs, macros, disks, etc. They are considered fairly dangerous due to their capacity to combine different infection techniques.

File Infectors
This type of virus infects programs or executable files (files with an .EXE or .COM extension). When one of these programs is run, directly or indirectly, the virus is activated, producing the damaging effects it is programmed to carry out. The majority of existing viruses belong to this category, and can be classified according to the actions that they carry out.

Companion Viruses
Companion viruses can be considered file infector viruses like resident or direct action types. They are known as companion viruses because once they get into the system they "accompany" the other files that already exist. In other words, in order to carry out their infection routines, companion viruses can wait in memory until a program is run (resident viruses) or act immediately by making copies of themselves (direct action viruses).

FAT Virus
The file allocation table or FAT is the part of a disk used to connect information and is a vital part of the normal functioning of the computer. This type of virus attack can be especially dangerous, by preventing access to certain sections of the disk where important files are stored. Damage caused can result in information losses from individual files or even entire directories.

Worms
A worm is a program very similar to a virus; it has the ability to self-replicate and can lead to negative effects on your system and, most importantly, worms are detected and eliminated by antiviruses. However, worms are not strictly viruses, as they do not need to infect other files in order to reproduce. Worms can exist without damaging files, and can reproduce at rapid speeds, saturating networks and causing them to collapse. Worms almost always spread through e-mail, networks and chat (such as IRC or ICQ). They can also spread within the memory of a computer.

Trojans or Trojan Horses
Another unsavory breed of malicious code are Trojans or Trojan horses, which unlike viruses do not reproduce by infecting other files, nor do they self-replicate like worms. Trojans work in a similar way to their mythological namesake, the famous wooden horse that hid Greek soldiers so that they could enter the city of Troy undetected. They appear to be harmless programs that enter a computer through any channel. When that program is executed (they have names or characteristics which trick the user into doing so), they install other programs on the computer that can be harmful. A Trojan may not activate its effects at first, but when they do, they can wreak havoc on your system. They have the capacity to delete files, destroy information on your hard drive and open up a backdoor to your system. This gives them complete access to your system allowing an outside user to copy and resend confidential information.

Logic Bombs
They are not considered viruses because they do not replicate. They are not even programs in their own right but rather camouflaged segments of other programs. Their objective is to destroy data on the computer once certain conditions have been met. Logic bombs go undetected until launched, and the results can be destructive.

False Viruses
These messages are often confused for viruses but are something else entirely. It is important to know the difference between a real virus threat and a false virus. Hoaxes are not viruses, they are false messages sent by e-mail, warning users of a non-existent virus. The intention is to spread rumors causing panic and alarm among users who receive this kind of information. Occasionally, hoax warnings include technical terms to mislead users. On some other occasions, the names of some press agencies are mentioned in the heading of the warnings. In this way, the hoax author attempts to trick users into believing that they have received a warning about a real virus. Hoaxes try to fool the user into performing a series of actions to protect themselves from the virus, sometimes leading to negative results. Users are advised not to pay attention to these misleading warnings and delete these messages once received without sending them to others.


 

Aside from viruses, there are many other things which threaten the security of a PC and this is not everything.

The following are a few primary examples:

Exploits/Vulnerabilities/Security Holes
     An exploit is a computer program which circumvents computer security. There are many ways to exploit security holes. If a computer programmer makes a programming mistake in a computer program, it is sometimes possible for a hacker to misuse that mistake, causing damaging effects. These mistakes in programs are called exploits, vulnerabilities, or security holes. Some common exploiting techniques are stack exploits, heap exploits, format string exploits, etc.

Hackers/Crackers
     A hacker is someone who's really good at what they do with computers. Hackers are often confused with crackers, due to distortion in the media. Crackers are the real malicious ones. They break into others' computer systems, or dig into code (in order to make a copy-protected program run, for example). A hack, in software circles, is a quickly written short piece of code that makes something work. It may not be beautiful to look at, but it makes things function. Hackers are called hackers because they are the ones that program these hacks; they make things work, while crackers stop things from working.

Spyware
     Spyware is software or hardware installed on a computer without the user's knowledge which gathers information about that user for later retrieval by whoever controls the Spyware. Spyware can be broken down into two different categories, surveillance Spyware and advertising Spyware.

Surveillance software includes key loggers, screen capture devices, and Trojans. These would be used by corporations, private detectives, law enforcement, intelligence agencies, suspicious spouses, etc.

Advertising Spyware

Advertising Spyware, also sometimes known as "Adware", is software that is installed alongside other software or via ActiveX controls on the internet, often without the user's knowledge, or without full disclosure that it will be used for gathering personal information and/or showing the user ads. Advertising Spyware logs information about the user, possibly including passwords, email addresses, web browsing history, online buying habits, the computer's hardware and software configuration, the name, age, sex, etc. of the user. Advertising Spyware uses the CPU, RAM, and resources of the user's computer, making the user pay for the costs associated with operating it. It then makes use of the user's bandwidth to connect to the internet and upload whatever personal information it has gathered, and to download advertisements which it will present to the user, either by way of pop up windows, or with the ad banners of ad-supported software. All of this can be considered theft in the cases of advertising Spyware that installs without disclosure.

Spam
     Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it. Most spam is commercial advertising, often for dubious products, get-rich-quick schemes, etc. Spam costs the sender very little to send; most of the costs are paid for by the recipient or the carriers rather than by the sender. Email spam targets individual users with direct mail messages. Email spam lists are often created by scanning Usenet postings, stealing Internet mailing lists, or searching the Web for addresses. Email spam typically costs users money out-of-pocket to receive. Many people (anyone with measured phone service) read or receive their mail while the meter is running, so to speak. Spam costs them additional money. On top of that, it costs money for ISPs and online services to transmit spam, and these costs are transmitted directly to subscribers.

This isn't a complete list, by any stretch of the imagination. I didn't mention things like rootkits, browser hijackers, redirectors and ActiveX installers or other junk because I am sure your head is about to blow up by now anyway.
 
If you eliminate the nastiest with these three types of programs, a vast majority of the threat is eliminated and you are much better off because of it.
 
Have a great day !!

Thankx- bigmike

 
posted from "The Rant from bigmike" at http://bigmikerant.blogspot.com/
 
Take a second and check out my new business at http://answrtek.com and let me know what you think.
 
