What does a worm infect?
Although a worm is similar to a virus, they act in a different way. The difference between a worm and a virus is that worms do not try to infect files. The main aim of worms is to spread using advanced propagation techniques, making copies of themselves in order to infect other computers. In most cases, these infections are carried out through e-mail, computer networks and IRC channels on the Internet. Worms can also replicate in the infected computer’s memory.
Worms that infect other computers copy the program that they use to carry out infection to a certain directory in the target computer. To do this, they spread through any of the possible entry points to other computers. A worm may also consist of several programs. In this case, each program will act under the one considered the main program. This variant is usually called a network worm.
How does a worm work?
Worms carry out infections in the following way:
1. The worm takes advantage of any security holes or vulnerabilities in the system or in a certain software tool to get into computers or a computer network.
2. The worm enters the computers that are accessible though a security hole.
3. From there it makes a copy of itself.
4. It then tries to enter every other computer it has access to from the infected system (either through a network or the Internet).
When a worm is run, it installs itself and remains inactive until the computer is restarted. However, each worm uses different techniques to ensure that it is run every time the infected computer is started up and a Windows session is started, for example, modifying the Windows Registry.
How to protect yourself against worms
The best way to protect yourself against worms is to seal every possible entry point to the system. These include e-mail and IRC connections. Besides these two– which are the most widely used entry points by recent worms -, every other entry point must also be protected.
Worms also exploit vulnerabilities in certain software tools, which Platinum Internet Security is capable of detecting and fixing automatically. This represents an effective protection that will prevent worms from entering the computer by taking advantage of these security holes in certain applications.
Types of worms
There are several types of worm depending on the language in which they are written and their means of propagation. These types include:
· E-mail worms. These worms spread via e-mail messages, using e-mail clients such as MS Outlook Express or MS Outlook.
· IRC worms (mIRC and Pirch worms). These worms spread via IRC (Chat) channels, using programs such as mIRC and Pirch.
· VBS worms (Visual Basic Script). These worms have been written or created using the Visual Basic Script language.
· Windows 32 worms. These worms use Windows API functions to spread.
For more information about viruses consult the Virus encyclopedia on the Panda Software website.