DETAILS OF VIRUS!!!!
Page 1 of 1
DETAILS OF VIRUS!!!!
by mr.fr3ak Sat Dec 06, 2008 1:57 am
VIRUS>>
Viruses are "programs" that
modify other programs on a computer, inserting copies of themselves.
Viruses are not distinct programs - they cannot run on their own, and
need to have some host program, of which they are a part, executed to
activate them.
VARIETIES OF VIRUSES>>>
Stealth Virus: A stealth virus
has code in it that seeks to conceal itself from discovery or defends
itself against attempts to analyze or remove it. The stealth virus adds
itself to a file or boot sector but, when you examine, it appears
normal and unchanged. The stealth virus performs this trickery by
staying in memory after it is executed. From there, it monitors and
intercepts your system calls. When the system seeks to open an infected
file, the stealth virus displays the uninfected version, thus hiding
itself.
Macro viruses: Macro languages are (often) equal in
power to ordinary programming languages such as C. A program written in
a macro language is interpreted by the application. Macro languages are
conceptually no different from so-called scripting languages. Gnu Emacs
uses Lisp, most Microsoft applications use Visual Basic Script as macro
languages. The typical use of a macro in applications, such as MS Word,
is to extend the features of the application. Some of these macros,
known as auto-execute macros, are executed in response to some event,
such as opening a file, closing a file, starting an application, and
even pressing a certain key. A macro virus is a piece of
self-replicating code inserted into an auto-execute macro. Once a macro
is running, it copies itself to other documents, delete files, etc.
Another type of hazardous macro is one named for an existing command of
the application. For example, if a macro named FileSave exists in the
"normal.dot" template of MS Word, that macro is executed whenever you
choose the Save command on the File menu. Unfortunately, there is often
no way to disable such features.
Linux/Unix: The most famous of
the security incidents in the last decade was the Internet Worm
incident which began from a Unix system. But Unix systems were
considered virus-immune -- not so. Several Linux viruses have been
discovered. The Staog virus first appeared in 1996 and was written in
assembly language by the VLAD virus writing group, the same group
responsible for creating the first Windows 95 virus called Boza.
Like
the Boza virus, the Staog virus is a proof-of-concept virus to
demonstrate the potential of Linux virus writing without actually
causing any real damage. Still, with the Staog assembly language source
code floating around the Internet, other virus writers are likely to
study and modify the code to create new strains of Linux viruses in the
future.
The second known Linux virus is called the Bliss virus.
Unlike the Staog virus, the Bliss virus can not only spread in the
wild, but also possesses a potentially dangerous payload that could
wipe out data.
While neither virus is a serious threat to Linux
systems, Linux and other Unix systems will not remain virus-free.
Fortunately, Linux virus writing is more difficult than macro virus
writing for Windows, so the greatest virus threat still remains with
Windows.
SIGNS OF VIRUS INFECTION>>>]
* You get confirmations for e-mails you did not send.
* Your system seems unusually slow or certain programs will not run.
*
You have hardware problems such as stuck keys that repeat the same
character over and over, keyboard locking in CAPS mode, black
rectangles appearing on the screen at random, system lock-ups, etc.
*
You have software problems such as program lockups for no reason, menu
items react strangely, mode indicators like "CAPS LOCK" stop working,
etc.
* Error messages like "Incompatible file error" or "Not enough memory," appear for no apparent reason.
* You get unusual messages on your monitor, such as “Hacked by Chinese”.
ACTIONS AGAINST VIRUS>>>>
* Turn off your computer. DO NOT
click Start>Shut Down>Shut Down the Computer. That takes too
long. Simply push the power button and hold it until the computer shuts
off. This will prevent continued spread of the virus.
* Inform your IT department immediately and let them handle the problem. Do not panic or interrupt other users.
*
What if your company does not have its own IT department? What if you
are infected with a virus on your home PC? What should you do?
* The
first thing to do when you realize you are infected is to disconnect
your computer from your Internet connection. This will limit the spread
of the virus. If you have an “always on” connection, such as a network,
cable modem, or DSL, physically unplug the connection from your PC.
*
If your virus definitions are up to date and you simply neglected to
scan an attachment, scan it now to determine which virus has infected
your computer.
* If you need to update your definitions in order to
scan for the virus, try to download the definitions using another
computer and transfer them to your PC using diskettes or a CD.
*
Once you have determined the name of the virus, find the removal
instructions on the website of your anti-virus software (again, using
another computer), and follow them step-by-step. It is very important
to follow the instruction precisely. If you skip a step, you can
exacerbate the problem. Be very careful when making changes to the
registry and other system files. You can inadvertently do more damage
than the virus if you delete the wrong file.
Viruses are "programs" that
modify other programs on a computer, inserting copies of themselves.
Viruses are not distinct programs - they cannot run on their own, and
need to have some host program, of which they are a part, executed to
activate them.
VARIETIES OF VIRUSES>>>
Stealth Virus: A stealth virus
has code in it that seeks to conceal itself from discovery or defends
itself against attempts to analyze or remove it. The stealth virus adds
itself to a file or boot sector but, when you examine, it appears
normal and unchanged. The stealth virus performs this trickery by
staying in memory after it is executed. From there, it monitors and
intercepts your system calls. When the system seeks to open an infected
file, the stealth virus displays the uninfected version, thus hiding
itself.
Macro viruses: Macro languages are (often) equal in
power to ordinary programming languages such as C. A program written in
a macro language is interpreted by the application. Macro languages are
conceptually no different from so-called scripting languages. Gnu Emacs
uses Lisp, most Microsoft applications use Visual Basic Script as macro
languages. The typical use of a macro in applications, such as MS Word,
is to extend the features of the application. Some of these macros,
known as auto-execute macros, are executed in response to some event,
such as opening a file, closing a file, starting an application, and
even pressing a certain key. A macro virus is a piece of
self-replicating code inserted into an auto-execute macro. Once a macro
is running, it copies itself to other documents, delete files, etc.
Another type of hazardous macro is one named for an existing command of
the application. For example, if a macro named FileSave exists in the
"normal.dot" template of MS Word, that macro is executed whenever you
choose the Save command on the File menu. Unfortunately, there is often
no way to disable such features.
Linux/Unix: The most famous of
the security incidents in the last decade was the Internet Worm
incident which began from a Unix system. But Unix systems were
considered virus-immune -- not so. Several Linux viruses have been
discovered. The Staog virus first appeared in 1996 and was written in
assembly language by the VLAD virus writing group, the same group
responsible for creating the first Windows 95 virus called Boza.
Like
the Boza virus, the Staog virus is a proof-of-concept virus to
demonstrate the potential of Linux virus writing without actually
causing any real damage. Still, with the Staog assembly language source
code floating around the Internet, other virus writers are likely to
study and modify the code to create new strains of Linux viruses in the
future.
The second known Linux virus is called the Bliss virus.
Unlike the Staog virus, the Bliss virus can not only spread in the
wild, but also possesses a potentially dangerous payload that could
wipe out data.
While neither virus is a serious threat to Linux
systems, Linux and other Unix systems will not remain virus-free.
Fortunately, Linux virus writing is more difficult than macro virus
writing for Windows, so the greatest virus threat still remains with
Windows.
SIGNS OF VIRUS INFECTION>>>]
* You get confirmations for e-mails you did not send.
* Your system seems unusually slow or certain programs will not run.
*
You have hardware problems such as stuck keys that repeat the same
character over and over, keyboard locking in CAPS mode, black
rectangles appearing on the screen at random, system lock-ups, etc.
*
You have software problems such as program lockups for no reason, menu
items react strangely, mode indicators like "CAPS LOCK" stop working,
etc.
* Error messages like "Incompatible file error" or "Not enough memory," appear for no apparent reason.
* You get unusual messages on your monitor, such as “Hacked by Chinese”.
ACTIONS AGAINST VIRUS>>>>
* Turn off your computer. DO NOT
click Start>Shut Down>Shut Down the Computer. That takes too
long. Simply push the power button and hold it until the computer shuts
off. This will prevent continued spread of the virus.
* Inform your IT department immediately and let them handle the problem. Do not panic or interrupt other users.
*
What if your company does not have its own IT department? What if you
are infected with a virus on your home PC? What should you do?
* The
first thing to do when you realize you are infected is to disconnect
your computer from your Internet connection. This will limit the spread
of the virus. If you have an “always on” connection, such as a network,
cable modem, or DSL, physically unplug the connection from your PC.
*
If your virus definitions are up to date and you simply neglected to
scan an attachment, scan it now to determine which virus has infected
your computer.
* If you need to update your definitions in order to
scan for the virus, try to download the definitions using another
computer and transfer them to your PC using diskettes or a CD.
*
Once you have determined the name of the virus, find the removal
instructions on the website of your anti-virus software (again, using
another computer), and follow them step-by-step. It is very important
to follow the instruction precisely. If you skip a step, you can
exacerbate the problem. Be very careful when making changes to the
registry and other system files. You can inadvertently do more damage
than the virus if you delete the wrong file.
mr.fr3ak- New Member
-
Number of posts : 40
Age : 36
Location : bangladesh
mig33 username : mr.fr3ak
Referrer : tears_of_cry
Registration date : 2008-12-05
Similar topics» Mig33 details
» MIG33 MANAGEMENT TEAM!!(DETAILS)
» Intel Details 32nm Westmere Family Processors
» while your away (virus)
» Virus detected
» MIG33 MANAGEMENT TEAM!!(DETAILS)
» Intel Details 32nm Westmere Family Processors
» while your away (virus)
» Virus detected
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum|
|
|