Thread: PC_Tweaks
View Single Post
  #9  
Old Sunday, October 25, 2009
Waseemtabish's Avatar
Waseemtabish Waseemtabish is offline
Senior Member
 
Join Date: Oct 2006
Location: Bhakkar
Posts: 646
Thanks: 735
Thanked 702 Times in 333 Posts
Waseemtabish is a jewel in the roughWaseemtabish is a jewel in the roughWaseemtabish is a jewel in the roughWaseemtabish is a jewel in the rough
Default What'S a Virus

What'S a Virus



1) Virus is a little program that its activity can destruct/destroy
some files and a computer system. If this program does not open, It still stays
inactive and could not or will not destroy anything.

2) Virus program is brought by an email-virus as attachment, Where it
has a server itself (virus server). Virus attachments cannot go to
another email to be an attachment, Such as an email was sent by user
(netter), Member, Moderator Etc. It must be brought by its email
itself, Called EMAIL VIRUS.

3) EMAIL VIRUS would send by any email address of any account that it
finds from some mailbox and address-book's another person at anywhere.
So that a virus attachment could to become look like sent by our
friend, Our member, Our moderator etc... In this case even my be able
the virus attachment was sent by your email address yourself.

4) Identification of virus attachment: it has a small size file,

Quote:
100KB, And it has file name extension such as:


Quote:
*.scr
*.clp
*.pif
*.bat
*.exe
*.com
*.txt
*.doc
*.lhz
*.rhz
and some time it's compressed by *.zip file.
Also probably its name is HotMovie.MPEG__________scr.
Actualy the file is virus attachment file with extension . scr


5) Beside said above you may be able to know an EMAIL VIRUS from its
subject (an amazing name), Such as:

Quote:
Weah )
Hokki=)
Hi
ello !=))
Hello -)
Hey, dude, it's me
access Mpeg
Re: your text
Re: Text message
Re: Msg reply
Re: Is that your document?
Re: Hot Movie( MPEG)
Re: Information...
Re; Important info
Re: This is your photos!
and more, and more...

If you should received emails with extensions or subject matter as
above , You should delete it. And under no circumstances open it.
By the way don't give your email subject with a name look like EMAIL
VIRUS subject otherwise your email would be deleted by the recipient.

*** If one of your file in your hard disk has infected by virus, It'll
change into function to be virus and might could infected all of files
in your hard disk.
Classification of Virus:- Viruses can be subdivided into a number of types, the main ones being:

Quote:
*

Boot sector viruses
*

Companion viruses
*

Email viruses
*

Logic bombs and time bombs
*

Macro viruses
*

Cross-site scripting virus

Two other types of malware are often classified as viruses, even though they may not meet the standard criteria:

*

Trojan horses
*

Worms


Boot sector virus:-

A boot sector virus alters the boot sector, usually the 1st sector, of a bootable disk or hard drive. Boot sector viruses were prevalent in the 1980s.
Companion virus:-A companion virus does not have host files per se, but exploits MS-DOS. A companion virus creates new files (typically .COM but can also use other extensions such as ".EXD") that have the same file names as legitimate .EXE files. When a user types in the name of a desired program, if a user does not type in ".EXE" but instead does not specify a file extension, DOS will assume he meant the file with the extension that comes first in alphabetical order and run the virus. For instance, if a user had "(filename).COM" (the virus) and "(filename).EXE" and the user typed "filename", he will run "(filename).COM" and run the virus. The virus will spread and do other tasks before redirecting to the legitimate file, which operates normally. Some companion viruses are known to run under Windows 95 and on DOS emulators on Windows NT systems. Path companion viruses create files that have the same name as the legitimate file and place new virus copies earlier in the directory paths. These viruses have become increasingly rare with the introduction of Windows XP, which does not use the MS-DOS command prompt.

E-mail virus:-

An E-mail virus is a virus which uses e-mail messages as a mode of transport. These viruses often copy themselves by automatically mailing copies to hundreds of people in the victim's address book.

Logic bomb:-

A logic bomb employs code that lies inert until specific conditions are met. The resolution of the conditions will trigger a certain function (such as printing a message to the user and/or deleting files). An example of a logic bomb would be a virus that waits to execute until it has infected a certain number of hosts. A time bomb is a subset of logic bomb, which is set to trigger on a particular date and/or time.

Macro virus:-

A macro virus, often written in the scripting languages for Microsoft programs such as Word and Excel, is spread in Microsoft Office by infecting documents and spreadsheets.
Cross-site scripting virus:-A cross-site scripting virus (XSSV) is a type of virus that utilizes cross-site scripting vulnerabilities to replicate. A XSSV is spread between vulnerable web applications and web browsers creating a symbiotic relationship.

Trojan horse:-
Trojan Horses are impostor files that claim to be something desirable but, in fact, are malicious. Rather than insert code into existing files, a Trojan horse appears to do one thing (install a screen saver, for example) when in fact it does something entirely different, and potentially malicious, such as erase files. Trojans can also open back doors so that computer hackers can gain access to passwords, and other personal information stored on a computer.

Although often referred to as such, Trojan horses are not viruses in the strict sense because they cannot replicate automatically. For a Trojan horse to spread, it must be invited onto a computer by the user opening an email attachment or downloading and running a file from the Internet, for example. Trojan.Vundo is an example of a Trojan horse.

Worm:-

A worm is a piece of software that uses computer networks and security flaws to create copies of itself. A copy of the worm will scan the network for any other machine that has a specific security flaw. It replicates itself to the new machine using the security flaw, and then begins scanning and replicating anew.

Worms are programs that replicate themselves from system to system without the use of a host file. This is in contrast to viruses, which requires the spreading of an infected host file. Although worms generally exist inside of other files, often Word or Excel documents, there is a difference between how worms and viruses use the host file. Usually the worm will release a document that already has the "worm" macro inside the document. The entire document will travel from computer to computer, so the entire document should be considered the worm. W32.Mydoom.AX@mm is an example of a worm.
Effects of computer viruses:-Some viruses are programmed to damage the computer by damaging programs, deleting files, or reformatting the hard disk. Others are not designed to do any damage, but simply to replicate themselves and make their presence known by presenting text, video, and audio messages. Even these benign viruses can create problems for the computer user. They typically take up computer memory used by legitimate programs. As a result, they often cause erratic behavior and can result in system crashes. In addition, many viruses are bug-ridden, and these bugs may lead to system crashes and data loss.
Host types:-Viruses have targeted various types of hosts. This is a non-exhaustive list:

Binary executable files (such as COM files and EXE files in MS-DOS, Portable Executable files in Microsoft Windows, and ELF files in Linux)

Volume Boot Records of floppy disks and hard disk partitions

The master boot record (MBR) of a hard disk

General-purpose script files (such as batch files in MS-DOS and Microsoft Windows, VBScript files, and shell script files on Unix-like platforms).

Application-specific script files (such as Telix-scripts)

Documents that can contain macros (such as Microsoft Word documents, Microsoft Excel spreadsheets, AmiPro documents, and Microsoft Access database files)
__________________
~It is possible to fail in many ways...while to succeed is possible only in one way.~
Reply With Quote
The Following 2 Users Say Thank You to Waseemtabish For This Useful Post:
ambren_kanval (Saturday, October 31, 2009), khanzada_111 (Tuesday, November 10, 2009)