Computer Virus, Worms, Botnets and Rootkits

[OneFinger]

Boy, it's getting harder than ever to keep up with all the bad things that inflect your computer. But, on todays M4M home page there was a link to an excellent article on a variant to a nasty virus.

 

Bagle, which is a worm virus, apparently has evolved to the point it can install botnets and rootkits on your computer. So, what's a botnet and a rootkit? According to the article:

 

Currently, Bagle is being used by its authors to create botnets, which these people use to sell to others or make money from for themselves. Presumably, the criminal underground operating Bagle is raking in the money. So it's not enough for Bagle to disable active antivirus protection. Now, Bagle's authors want to evade this defense entirely by storing the program's nastiest components deep inside the Windows system kernel, inside what's called a rootkit...

 

Basically, you might find yourself infected with Bagle. While your antivirus app will remove the virus from your system, what it leaves behind could be telegraphing your keystrokes and your personal information onto the Internet--and you'd have no way of knowing. Big win for virus writers; big loss for you and me....

 

http://reviews.cnet.com/4520-3513_7-6481082-1.html?tag=nl.e757

 

So, what are we supposed to do about this one?

 

About 2 weeks ago in Daddy's Place I posted for help with a computer problem. Boston Guy responded and recommended Spy Sweeper. Jackhammer, Delaware Guy, and ArlingtonVAGuy also confirmed they used it. It's now installed on my machine and it automatically updates itself 2-3 times per week!

 

Now, weeks later, the rest of the world is learning about what I heard first on M4M. According the above referenced article:

 

F-Secure offers a product called Backlight that's specifically designed to find and remove rootkits; Webroot's Spy Sweeper also detects some rootkits associated with spyware.

 

Thanks to the guys here that are willing to share valuable info! And, when you're on the internet, be sure to practice "safe hexing". ;-)

 

(I apologize if some find this post too long and boring. But, I thought it was useful info that deserves wide dissemination.)

[+ deej]

It's actually going to get worse before it gets better. The irony of the situation is that the more publicity malware gets, the more effort anti-virus vendors put into wiping them out, the harder malware authors have to work and the "better" they have to get to remain effective. x(

[Guest Tristan]

Another good product that I use is Ad-Aware SE Plus. You can buy the product directly from their web site or at CompUSA. The people at CompUSA felt it was as good as Spy Sweeper, but easier to use. Don't know if that's true, but I do know it has worked well for me. LiveUpdate is included for the first year, after which you buy an annual subscription to LiveUpdate.

 

Don't use the free edition. It finds the Spyware after it gets on your computer. That means having to run the program daily to delete the Spyware. The paid Ad-Aware include Ad-Watch, which keeps the Spyware from getting into your computer.

 

The URL for Ad-Aware is:

 

http://www.lavasoft.com

 

It's a Danish company that's been around for some time now. The Ad-Aware software has had a good reputation with a lot of favorable reviews.