
Tuesday, January 22, 2008

Definition Of Trojan Horse


What is a Trojan Horse?

A Trojan Horse is a program designed to breach the security of a computer system while ostensibly performing some innocuous function and hiding a malicious one.

A Trojan Horse can destroy data, cause unexpected system behaviour, and breach the security of a system without your knowledge. The main difference between a Trojan Horse and a computer virus is that a Trojan Horse cannot replicate itself, because it does not infect other programs or data. A Trojan Horse, named after the Trojan Horse of Greek mythology, typically arrives as an attractively packaged file with malicious intent hidden in its code. Once a Trojan Horse infection occurs, the computer's user is likely to experience unwanted system problems or, sometimes, the loss of valuable data: for example, the Trojan may automatically delete information from disks, make the system freeze or run slower than before, or steal personal information.

Routes Of Infection Of The Trojan Horse

The majority of Trojan Horse infections occur because the user was tricked into running an infected program. That is why you are advised not to open suspicious emails and attachments. However, infection can also occur directly when the suspicious program is sent through instant messaging (e.g. the famous Windows Live Messenger), downloaded from web sites, or carried on a USB flash drive (physical infection of this kind seldom occurs). Most Trojan Horses hide in cute animated pictures and images. Such infections are very rare; infection more often occurs through downloads.


Methods Of Deleting The Trojan Horse From Your Computer

Deleting a Trojan Horse from your computer is not simple, since the computer's user may not be aware that the Trojan Horse exists. However, there are several methods of deleting a Trojan Horse: clearing the temporary internet files regularly, or finding the suspicious file and deleting it manually. Normally, antivirus programs can detect and delete a Trojan Horse automatically. If the antivirus cannot do this, reboot your computer into safe mode or without networking, then run your antivirus program again to search for unwanted programs, and the Trojan Horse can then be deleted.

In short, what matters most is that computer users update their antivirus data regularly, to keep their computers from being infected by unwanted programs and so that, if there is an infection, the antivirus program can delete it.

Monday, January 21, 2008

Definition Of Computer Viruses


What is a VIRUS? What are the differences between a virus and a worm?

A computer virus is a piece of code, or more simply an unwanted program, that is surreptitiously loaded into your computer system without your knowledge in order to corrupt and destroy your computer data.

In fact, viruses are programs that infect other programs by adding virus code to them, so that the virus gains control when an infected file starts up. This simple definition reveals the main action of a virus infection. Computer viruses are more destructive than computer worms; however, they spread more slowly than computer worms.

The effects of computer viruses vary, from damage so slight that you are unaware your computer has been infected to viruses that wipe out the entire contents of disks. Viruses come in many different forms, are man-made, and most are intentionally designed to replicate themselves automatically. When the virus program runs, it makes a copy of itself and adds itself to another computer program. Each time the infected program is run, the virus is also run. If your system is infected, you can easily spread the virus to others through shared disks and email attachments.

Types of viruses

Boot viruses - These viruses infect floppy disk boot records or master boot records in hard disks. They replace the boot record program (which is responsible for loading the operating system in memory) copying it elsewhere on the disk or overwriting it. Boot viruses load into memory if the computer tries to read the disk while it is booting.
e.g.: Form, Disk Killer, Michelangelo, and Stone virus

Program viruses - These infect executable program files, such as those with extensions like .BIN, .COM, .EXE, .OVL, .DRV (driver) and .SYS (device driver). These programs are loaded in memory during execution, taking the virus with them. The virus becomes active in memory, making copies of itself and infecting files on disk.
e.g.: Sunday, Cascade

Multipartite viruses - A hybrid of Boot and Program viruses. They infect program files, and when the infected program is executed, these viruses infect the boot record. The next time you boot the computer, the virus from the boot record loads into memory and then starts infecting other program files on disk.
e.g.: Invader, Flip, and Tequila

Stealth viruses - These viruses use certain techniques to avoid detection. They may either redirect the disk head to read another sector instead of the one in which they reside or they may alter the reading of the infected file’s size shown in the directory listing. For instance, the Whale virus adds 9216 bytes to an infected file; then the virus subtracts the same number of bytes (9216) from the size given in the directory.
e.g.: Frodo, Joshi, Whale

Metamorphic Viruses - A virus that can reprogram itself. Often, it does this by translating its own code into a temporary representation, editing that temporary representation of itself, and then writing itself back to normal code again.

Polymorphic viruses - A virus that can encrypt its code in different ways so that it appears differently in each infection. These viruses are more difficult to detect by the anti-virus search engine.
e.g.: Involuntary, Stimulate, Cascade, Phoenix, Evil, Proud, Virus 101

Macro Viruses - A macro virus is a new type of computer virus that infects the macros within a document or template. When you open a word processing or spreadsheet document, the macro virus is activated and it infects the Normal template (Normal.dot), a general-purpose file that stores default document formatting settings. Every document you open refers to the Normal template, and hence gets infected with the macro virus. Since this virus attaches itself to documents, the infection can spread if such documents are opened on other computers.
e.g.: DMV, Nuclear, Word Concept.

Active X - ActiveX and Java controls will soon be the scourge of computing. Most people do not know how to configure their web browser to enable or disable the various functions, like playing sound or video, and so, by default, leave a nice big hole in their security by allowing applets free run of their machine. There has been a lot of commotion about this, and with the amount of power that Java imparts, things look a bit gloomy from the security angle.

These are just a few broad categories. There are many more specialized types. But let us not go into that. We are here to learn to protect ourselves, not to write a thesis on computer virus specification.
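A baseline integrity check is one way to notice the changes that program and stealth viruses make to executable files. The sketch below is an added example, not code from the original blog; the file names, the sample contents and the helper names `snapshot`, `compare` and `demo` are constructed for illustration. It hashes file contents and counts the bytes actually read, rather than relying on the size shown in a directory listing.

```python
import hashlib
import os
import tempfile

# Extensions the page lists as targets of program viruses.
PROGRAM_EXTS = {".bin", ".com", ".exe", ".ovl", ".drv", ".sys"}

def snapshot(root):
    """Map each program file under root to (bytes_read, sha256 of content)."""
    result = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if os.path.splitext(name)[1].lower() not in PROGRAM_EXTS:
                continue
            path = os.path.join(dirpath, name)
            digest, size = hashlib.sha256(), 0
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
                    size += len(chunk)
            result[os.path.relpath(path, root)] = (size, digest.hexdigest())
    return result

def compare(baseline, current):
    """Return sorted (path, status, size_delta) for every difference."""
    findings = []
    for path in sorted(set(baseline) | set(current)):
        old, new = baseline.get(path), current.get(path)
        if old is None:
            findings.append((path, "new", new[0]))
        elif new is None:
            findings.append((path, "missing", -old[0]))
        elif old[1] != new[1]:
            findings.append((path, "modified", new[0] - old[0]))
    return findings

def demo():
    """Constructed sample: three harmless files, one grows by 9216 bytes."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("EDIT.COM", "TOOL.EXE", "README.TXT"):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(b"constructed sample " + name.encode())
        baseline = snapshot(root)
        with open(os.path.join(root, "TOOL.EXE"), "ab") as fh:
            fh.write(b"\x00" * 9216)  # harmless stand-in for appended code
        return compare(baseline, snapshot(root))

print(demo())
```

Because stealth viruses may redirect reads while they are resident, the comparison is most trustworthy when run from a known-clean boot against a baseline stored off the machine.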

Nowadays, metamorphic and polymorphic viruses are the most deadly malware. The table below shows the differences between polymorphic viruses and metamorphic viruses.

The Differences Between Polymorphic Viruses And Metamorphic Viruses

POLYMORPHIC VIRUSES

  • These viruses encrypt their code differently every time they replicate to infect a new file, in order to keep from being detected by antivirus programs.
  • These viruses use the Mutation Engine (MtE) and a random-number generator module to encrypt their code in different forms.
  • After the Metamorphic Viruses, they are the hardest for antivirus programs to find.

METAMORPHIC VIRUSES

  • These viruses hide themselves by rewriting themselves completely each time they infect a new executable.
  • A Metamorphic Engine is needed for them to rewrite themselves.
  • Most of these viruses are very large and complicated; almost 90% of the code is part of the Metamorphic Engine.
  • Very hard for antivirus programs to find.

Based on the data above, Metamorphic Viruses are more effective than Polymorphic Viruses. At present, only 30% of unknown Polymorphic Viruses can be detected by the best antivirus search engine. What about the METAMORPHIC VIRUSES, which are even more powerful?

Sunday, January 20, 2008

Definitions Of Computer Worm


So, what exactly is a computer WORM?

What do you actually know about a worm?

A computer WORM is a self-replicating program that is able to spread and propagate itself across a network, typically with a detrimental effect.

Worms that affect a host computer are entirely contained in the computer they run on, and they use network connections to propagate themselves to other computers. Network computer worms consist of multiple parts called 'segments', each running on different machines, possibly performing different actions, and using the network for several communication purposes. Propagating a segment from one machine to another is only one of those purposes.

Worms: this type of malware uses network resources to spread. The class is called worms because of its distinctive ability to spread from computer to computer over networks, mail and other information channels at very high speed.

Worms intrude into your computer, calculate the network addresses of other computers and send copies of themselves to these addresses. Besides network addresses, the data in mail clients' address books is used as well. Representatives of this malware type sometimes create working files on system disks, but may not use any computer resources (except operating memory).

A computer worm is different from its other infamous sibling, the virus. A worm does not infect or manipulate files; it makes clones of itself. Therefore a worm is a standalone working program. It can use the system's transmission capabilities to travel from machine to machine, merrily riding around like a happy-go-lucky vagabond. A worm, after lodging itself on one machine, can spawn several clones of itself. Each of these clones then marches forth to conquer the cyber world.

How do worms spread through the internet and network connections?

Have you asked yourself how and where newly cloned computer worms march to? A worm can open your email address book and, in a jiffy, despatch one clone to each of the addresses listed. Of course, the machine has to be connected to the net. If it is not, the worm silently bides its time till the connection takes place. Chat and instant messaging software like MIRC, MSN Messenger, Yahoo IM and ICQ can also act as unwitting carriers, enabling the worm to spread like wildfire throughout the cyber world (the "Jitux" worm is an example). Every operating system has vulnerabilities which are thoroughly exploited by worms to propagate themselves. Windows systems are the usual target. A very prominent example of this is the Sasser worm, which uses security holes in the Windows LSASS service.

Other worms spread only by using backdoor-infected computers. E.g. the "Bormex" worm relies on the "Back Orifice" backdoor to spread. There is a facility available within peer-to-peer networks known as the P2P folder, which all users of the network share. A worm can simply copy itself into the shared folder and quietly wait for the other users to pick it up. If the folder does not exist, the worm simply creates it for the benefit of the users! How benevolent can worms be! In the hall of hoodlums, worm "Axam" gets top honours for such devious activity.

Some worms take on even more deceptive forms to snare users, sending emails with malicious code embedded within the main text or as an attachment. Some worms act as SMTP proxies (Sircam, Nimda, Sasser & co) to spread quickly. Worms can attempt remote logins (especially on Microsoft SQL servers - the "Spida" worm does this quite elegantly!) to launch DDoS (distributed denial of service) attacks. Another favourite is injecting malicious code into running services on the server, like "Slammer". Phew! The arsenal available to these worms is huge and ever growing.
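The spreading behaviour described above (one machine sending copies to many computed addresses, or mailing out directly like its own SMTP proxy) shows up in network logs as a single source contacting many distinct destinations on one port in a short time. The following is an added example, not code from the original blog: a small fan-out detector run over constructed flow records. The record format, addresses, ports, window and threshold are all assumptions chosen for the illustration.

```python
from collections import defaultdict, deque

def sample_flows():
    """Constructed flow records: 'epoch_seconds src_ip dst_ip dst_port'."""
    # Workstation touching 30 different hosts on port 445 in 30 seconds.
    flows = [f"{1000 + i} 10.0.0.23 10.0.1.{i + 1} 445" for i in range(30)]
    # Workstation delivering mail directly to 12 different servers.
    flows += [f"{1000 + 2 * i} 10.0.0.40 192.0.2.{i + 1} 25" for i in range(12)]
    # Normal client: the same file server over and over.
    flows += [f"{1000 + 5 * i} 10.0.0.31 10.0.0.9 445" for i in range(20)]
    # The site's real mail relay, expected to talk to many servers.
    flows += [f"{1000 + 3 * i} 10.0.0.5 198.51.100.{i + 1} 25" for i in range(15)]
    return flows

def parse(line):
    ts, src, dst, port = line.split()
    return int(ts), src, dst, int(port)

def fan_out_alerts(lines, window=60, threshold=10, allow=frozenset()):
    """Return sorted (src, port, peak_distinct_dsts) for every source that
    reached `threshold` distinct destinations on one port within `window`
    seconds. `allow` holds (src, port) pairs that are expected to fan out."""
    recent = defaultdict(deque)          # (src, port) -> (ts, dst) in window
    peaks = {}
    for ts, src, dst, port in sorted(parse(l) for l in lines if l.strip()):
        key = (src, port)
        if key in allow:
            continue
        seen = recent[key]
        seen.append((ts, dst))
        while seen[0][0] < ts - window:  # drop records older than the window
            seen.popleft()
        distinct = len({d for _, d in seen})
        if distinct >= threshold:
            peaks[key] = max(peaks.get(key, 0), distinct)
    return sorted((src, port, n) for (src, port), n in peaks.items())

ALERTS = fan_out_alerts(sample_flows(), allow={("10.0.0.5", 25)})
print(ALERTS)
```

The allow-list matters in practice: mail relays, scanners run by the administrators and update servers fan out legitimately, so thresholds need tuning per network.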

Worms that will be remembered for generations to come for the damage they did to global commerce are Sasser, MyDoom, Sober, Blaster, Code Red, Melissa, and the Loveletter worm. Apart from the sleepless nights it caused the government and industry backed sleuths trying to track the worm, billions of dollars went down the drain to control their menace. The face of internet surfing and computerized operations was radically changed due to these worms.

What exactly is the nature of havoc that these worms bring to bear upon us? Well, Denial of service (DoS) is one situation that users of a server may find themselves in thanks to these programs. Unlike viruses, many worms do not intend to destroy the infected computer. More often than not they have a more important job to do - subvert the computer so that the worm's creator can use it often without the owner of the computer knowing anything about it.

Worm writers nowadays work together with Spammers (they make a nice twosome, don't they?) to send out unsolicited emails to increasingly overloaded inboxes. Their worms install backdoor Trojans to convert the home computer into a "zombie". The countless variants of the "Bagle" worm are the best known examples.

"Phishing" is the latest fad in town. It tries to prise the secret passwords of your bank accounts and credit cards from you... starting to get scared of it?!

History Of Internet Security

The first WORM to trespass across the internet through network connections attracted wide attention from internet users, and this worm was actually written by a student! When it was released to an unsuspecting world in 1988, it damaged a lot of BSD UNIX machines before an angry world could track it down and catch both the WORM and its creator red-handed. The boy, Robert Tappan Morris Jr., just sixteen years old, was convicted and fined.

Saturday, January 19, 2008

Internet Security Information And Tips


Welcome to my blog. In this blog, you will learn about internet security information and tips, and why it is necessary to know about internet threats. By the way, I will recommend the best internet anti-virus and anti-spyware software to you soon!