ESET SMART SECURITY User's Guide Page 43

6. Glossary
6.1 Types of infiltration
An infiltration is a piece of malicious software trying to enter and/or
damage a user's computer.
6.1.1 Viruses
A computer virus is an infiltration that corrupts existing files on your
computer. Viruses are named after biological viruses, because they use
similar techniques to spread from one computer to another.
Computer viruses mainly attack executable files and documents. To
replicate, a virus attaches its “body” to the end of a target file. In short,
this is how a computer virus works: after execution of the infected
file, the virus activates itself (before the original application) and
performs its predefined task. Only after that is the original application
allowed to run. A virus cannot infect a computer unless a user, either
accidentally or deliberately, runs or opens the malicious program by
him/herself.
Computer viruses can range in purpose and severity. Some of them
are extremely dangerous because of their ability to purposely delete
files from a hard drive. On the other hand, some viruses do not cause
any damage – they only serve to annoy the user and demonstrate the
technical skills of their authors.
It is important to note that viruses (when compared to trojans or
spyware) are increasingly rare because they are not commercially
enticing for malicious software authors. Additionally, the term “virus”
is often used incorrectly to cover all types of infiltrations. This usage
is gradually being overcome and replaced by the new, more accurate
term “malware” (malicious software).
If your computer is infected with a virus, it is necessary to restore
infected files to their original state – i.e., to clean them by using an
antivirus program.
Examples of viruses are: OneHalf, Tenga, and Yankee Doodle.
6.1.2 Worms
A computer worm is a program containing malicious code that
attacks host computers and spreads via a network. The basic
dierence between a virus and a worm is that worms have the ability
to replicate and travel by themselves they are not dependent on host
files (or boot sectors). Worms spread through email addresses in your
contact list or exploit security vulnerabilities in network applications.
Worms are therefore much more viable than computer viruses. Due to
the wide availability of the Internet, they can spread across the globe
within hours or even minutes of their release. This ability to replicate
independently and rapidly makes them more dangerous than other
types of malware.
A worm activated in a system can cause a number of inconveniences:
It can delete files, degrade system performance, or even deactivate
programs. The nature of a computer worm qualifies it as a “means of
transport” for other types of infiltrations.
If your computer is infected with a worm, we recommend you delete
the infected files because they likely contain malicious code.
Examples of well‑known worms are: Lovsan/Blaster, Stration/
Warezov, Bagle, and Netsky.
6.1.3 Trojan horses
Historically, computer trojan horses have been defined as a class of
infiltrations which attempt to present themselves as useful programs,
thus tricking users into letting them run. But it is important to note
that this was true for trojan horses in the past – today, there is no
longer a need for them to disguise themselves. Their sole purpose
is to infiltrate as easily as possible and accomplish their malicious
goals. “Trojan horse” has become a very general term describing any
infiltration not falling under any specific class of infiltration.
Since this is a very broad category, it is often divided into many
subcategories:
Downloader – A malicious program with the ability to download
other infiltrations from the Internet.
Dropper – A type of trojan horse designed to drop other types
of malware onto compromised computers.
Backdoor – An application which communicates with remote
attackers, allowing them to gain access to a system and to take
control of it.
Keylogger – (keystroke logger) – A program which records each
keystroke that a user types and sends the information to remote
attackers.
Dialer – Dialers are programs designed to connect to premium‑rate
numbers. It is almost impossible for a user to notice that a new
connection was created. Dialers can only cause damage to users with
dial‑up modems, which are no longer regularly used.
Trojan horses usually take the form of executable files with the
extension .exe. If a file on your computer is detected as a trojan horse,
it is advisable to delete it, since it most likely contains malicious code.
Examples of well‑known trojans are: NetBus,
Trojandownloader.Small.ZL, Slapper.
6.1.4 Rootkits
Rootkits are malicious programs that grant Internet attackers
unlimited access to a system, while concealing their presence.
Rootkits, after accessing a system (usually exploiting a system
vulnerability), use functions in the operating system to avoid
detection by antivirus software: they conceal processes, files and
Windows registry data. For this reason, it is almost impossible to
detect them using ordinary testing techniques.
There are two levels of detection to prevent rootkits:
1. When they try to access a system. They are still not present,
and are therefore inactive. Most antivirus systems are able to
eliminate rootkits at this level (assuming that they actually detect
such files as being infected).
2. When they are hidden from the usual testing. ESET NOD32
Antivirus users have the advantage of Anti‑Stealth technology,
which is also able to detect and eliminate active rootkits.
6.1.5 Adware
Adware is short for advertising‑supported software. Programs
displaying advertising material fall under this category. Adware
applications often automatically open a new pop‑up window
containing advertisements in an Internet browser, or change the
browser’s home page. Adware is frequently bundled with freeware
programs, allowing their creators to cover development costs of their
(usually useful) applications.
Adware itself is not dangerous – users will only be bothered with
advertisements. Its danger lies in the fact that adware may also
perform tracking functions (as spyware does).
If you decide to use a freeware product, please pay particular
attention to the installation program. The installer will most likely
notify you of the installation of an extra adware program. Often you
will be allowed to cancel it and install the program without adware.
Some programs will not install without adware, or their functionality
will be limited. This means that adware may often access the system
in a “legal” way, because users have agreed to it. In this case, it is better