November 17, 2011

VIRUS


What are computer viruses?

A computer virus is a program that can infect other programs by modifying them, in order to cause damage (deleting or corrupting files) or to affect the performance or security of the system.

This kind of software is a very serious threat and spreads faster than it can be fixed. Users therefore need to stay informed about viruses, since ignorance is what allowed them to grow into a serious problem.

What are the main types of PC viruses?

The first class consists of file infectors, which attach themselves to regular program files, though some can infect any file. A direct-action virus selects one or more programs to infect each time an infected program is executed. A resident virus hides somewhere in memory the first time an infected program is executed, and then infects other programs when they are executed.

The second category consists of system or boot-sector infectors. These viruses infect the system area of a disk. Some run when Windows starts, and others directly infect the boot sector of hard disks and may even permanently damage them. Other viruses modify the entries in the file table so that the virus runs. Keep in mind that these can cause loss of data (files).


How is the virus transmitted?

The most common ways viruses spread are file transfers, downloads, and the execution of e-mail attachments. You may also encounter a virus just by visiting certain types of Web pages that use a component called ActiveX or a Java applet. In addition, you may be infected by a virus just by reading an e-mail in certain e-mail programs such as Outlook or Outlook Express.

What does a virus do?

When a virus carries out the action it was created for, it is said to deliver its payload. The payload can be quite malicious and try to cause irreparable damage to the computer by destroying files, replacing or overwriting the master boot sector, erasing the contents of the hard disk, or even writing over the BIOS, leaving the computer unusable. Most viruses do not erase all files on the hard drive. The reason is that erasing the hard disk would also remove the virus, thus ending the problem.

Why do people create viruses?

Some viruses are created for the challenge of building a threat that is unique, undetectable, or simply devastating to its victim. The creator expects the virus to spread widely enough to make them famous. The notoriety increases when the virus is considered such a threat that antivirus manufacturers have to design a solution.

How do I know if I have a virus?

Many viruses announce themselves by producing a sound or displaying a message, but it is also common for a virus to show no sign of its presence at all. Viruses behave in different ways and there is no single sure sign of their presence; an up-to-date antivirus program is the only thing that can tell you whether you have an infection.


Now we will describe some viruses and the damage they do.


Virus: Happy99
Sent by e-mail; when run, the program opens a window with fireworks. It manipulates Internet connectivity.

Virus: WinWord.Concept
Macro virus that infects the Normal.dot template. It makes a message pop up on screen and causes Word to malfunction.

Virus: FormatC
Trojan that infects Word; when an infected file is opened, it formats the hard drive.

Virus: VBS / Bubbleboy
Trojan that executes without the user opening an attachment; it is activated as soon as the user opens the e-mail. It creates serious problems.

Virus: I-Worm.Nimda
The virus arrives by e-mail as an attached file named "README.EXE". The message appears to be empty but contains malicious code that takes advantage of an exploit (a routine that uses a weakness of the system) in unpatched versions of Outlook and Outlook Express to run the virus when the message is merely displayed. When run, it copies itself to the system directory under the name load.exe. It also replaces the library riched20.dll, modifying itself so that it is loaded as a DLL. This DLL is used by other applications that work with Richedit Text Format, such as WordPad. To get into the computer, the virus uses a well-known Windows vulnerability (from 29/03/2001) that allows a message's attachment to be executed automatically when the message is read.

Virus: W32/Frethem.J
Worm that spreads quickly via e-mail in a message that is easy to recognize by its subject: Re: Your password!. The message also includes the file decrypt-password.exe. The author of the worm thus tries to trick the recipient into executing the attached file, thinking it contains a password that supposedly gives access to relevant information.

Virus: W32.Opaserv.Worm
It is a worm that spies on the network and tries to replicate to resources shared by multiple network users. It copies itself to the file "scrsvr.exe" on the remote machine. The worm also tries to download updates from the address www.opasoft.com, although the website has already been closed. Indicators of infection can include:
The existence of scrsout.dat and scrsin.dat in the root directory C:, indicating local infection (the worm has been executed on the local machine)
The existence of tmp.ini in the root directory C:, indicating remote infection (infected by a remote server)
The registry key HKLM\Software\Microsoft\Windows\CurrentVersion\Run contains a string value called ScrSvr or ScrSvrOld, set to C:\tmp.ini
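
The three indicators listed above can be checked with a short script. This is an added example, not code from the original article or from any antivirus vendor; the function names check_opaserv and read_run_values are hypothetical, and the file and value names are the ones given in the list.

```python
"""Added example: check for the W32.Opaserv.Worm indicators listed above."""
import sys
from pathlib import Path

RUN_KEY = r"Software\Microsoft\Windows\CurrentVersion\Run"
LOCAL_FILES = ("scrsin.dat", "scrsout.dat")   # worm was executed locally
REMOTE_FILE = "tmp.ini"                        # written from a remote machine
RUN_VALUE_NAMES = ("scrsvr", "scrsvrold")      # compared case-insensitively


def read_run_values():
    """Return {name: data} for the HKLM Run key; empty dict off Windows."""
    if sys.platform != "win32":
        return {}
    import winreg
    values = {}
    with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, RUN_KEY) as key:
        count = winreg.QueryInfoKey(key)[1]    # number of values under the key
        for i in range(count):
            name, data, _type = winreg.EnumValue(key, i)
            values[name] = str(data)
    return values


def check_opaserv(root, run_values):
    """Return a list of (indicator, meaning) findings (hypothetical helper)."""
    root = Path(root)
    # Windows file names are case-insensitive, so compare lower-cased names.
    present = set()
    if root.is_dir():
        present = {p.name.lower() for p in root.iterdir() if p.is_file()}
    findings = []
    for name in LOCAL_FILES:
        if name in present:
            findings.append((name, "local infection"))
    if REMOTE_FILE in present:
        findings.append((REMOTE_FILE, "remote infection"))
    for name, data in run_values.items():
        if name.lower() in RUN_VALUE_NAMES:
            findings.append((f"Run\\{name} = {data}", "autostart entry"))
    return findings


if __name__ == "__main__":
    for indicator, meaning in check_opaserv("C:\\", read_run_values()):
        print(f"{indicator}: {meaning}")
```

File and value names alone are weak evidence, so a hit is a reason to run a scan with an updated antivirus program rather than a diagnosis.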


Virus: Win32.Worm.Benjamin

When a file infected by this worm is executed, it generates a lot of *.exe and *.scr files named after movies, music and software applications in the Windows\Temp\sys32 folder. If Kazaa is installed, it changes the program's shared folder to C:\Windows\Temp\sys32, so that a network user who finds a file with a name similar to those generated by the worm downloads an infected file. executables (bat, exe, scr).

Virus: W32/Choke.worm (Shoot)
Worm for Microsoft's MSN Messenger, also known as President Bush. The worm arrives via MSN Messenger as a Visual Basic program. The file name may vary but always has the extension .EXE. When this file is executed, the worm displays a window like this: This program Choke Needs Flash 6.5 to run! [OK]. When executed, the worm can send itself to MSN users who chat with the infected user.

Virus: W32.Bugbear@mm
Alias: WORM_BUGBEAR.A, W32/Bugbear@MM, I-Worm.Tanatos, W32/Tanat, I-Worm.Bugbear, NATOSTA.A, Win32.BugBear.A@mm, W32/Bugbear.A@mm
It is a mass-mailing e-mail worm that can also spread through network shares. It has backdoor capabilities that allow the infected system to be controlled remotely. In addition, it terminates the processes of several antivirus and firewall applications. It is written in Microsoft Visual C/C++ and compressed with UPX.
