90 likes | 231 Views
Virus/ Trojans/ Worms etc and some Common issues. What is a Virus. http://www.trendmicro.com/vinfo/virusencyclo/. A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. A virus must meet two criteria:
E N D
What is a Virus http://www.trendmicro.com/vinfo/virusencyclo/ • A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. A virus must meet two criteria: • It must execute itself. (i.e. it is a PROGRAM). It will often place its own code in the path of execution of another program. (.exe .com) Viruses have the potential to infect any type of executable file i.e. program files including Macros, as well as some HTML documents which have javascript or active-x controls. Files that contain pure data, including graphics and sound such as .gif, .jpg,.mp3,.wav, or text only files such as txt, .dat, .doc will not infect your computer. • It must replicate itself. Since a virus is a software program it can do anything it is design to do. For example, it may replace, erase or corrupt other files or add to another executable file a copy of the virus infected file. Viruses can infect desktop computers and network servers alike.
What is a Trojan Horse? • A Trojan Horse is not a Virus. It, however, is a program, often harmful, that pretends to be something else. For example, you might download what you think is a new game, but when you run it the files on your hard drive are deleted, or your passwords are e-mailed to another person. • ( Note that the process of Downloading will NOT infect your system. It is only when the downloaded program is executed (run) that the computer becomes infected. N.B. the importance of scanning the downloaded program before opening or running it.) • Trojan Horses are impostors--files that claim to be something desirable but, in fact, are malicious. A very important distinction from true viruses is that they do not replicate themselves, as viruses do. Trojans contain malicious code, that, when triggered, cause loss, or even theft, of data. In order for a Trojan Horse to spread, you must, in effect, invite these programs onto your computers--for example, by opening an email attachment. The PWSteal.Trojan is a Trojan.
What is a Worm? • Worms are programs that replicate themselves from system to system (machine to machine) without the use of a host file. • Worms usually move around and infect other machines through computer networks. This is in contrast to viruses, which requires the spreading of an infected host file. • Worms use up computer time and network bandwidth when they are replicating, slowing down internet traffic. • Usually the worm will release a document that already has the "worm" macro inside the document. As an example the Code Red worm was designed to replicate itself for the first 20 days of the month, replace web pages on infected servers with a page that declares "hacked by Chinese" and finally at a specific time and date, launch a concerted attack on the White House Web server in an attempt to overwhelm it.
What is a virus hoax? • Virus hoaxes are messages, almost always sent by email, that amount to little more than chain letters. • Some of the common phrases used in these hoaxes are: · If you receive an email titled [email virus hoax name here], do not open it! Delete it immediately! · It contains the [hoax name] virus.· It will delete everything on your hard drive and [extreme and improbable danger specified here]. · This virus was announced today by [reputable organization name here]. · Forward this warning to everyone you know! • Most virus hoax warnings do not deviate far from the pattern described above and Warnings about viruses that will physically destroy your computer are usually hoaxes, not legitimate virus warnings. • ! Beware of HOAX HOAXES (my term). If you are unsure if a virus warning is legitimate or a hoax, additional information is available at several Hoax information centers such as Trendmicro Virus Encyclopedia
Symptoms of Virus infections: • Change in File size. • Unusual messages or displays on the monitor • unusual sounds or music played at random times • less available memory than you should have • a disc or volume name has been changed • programs or files are suddenly missing • unknown programs or files have been created • Some files are corrupted or suddenly won't work properly • system slowdown • Symptoms commonly reported include: "My program takes longer to load suddenly." "The program size keeps changing." "My disk keeps running out of free space." "When I run CHKDSK it doesn't show 655360 bytes available." "I keep getting 32 bit errors in Windows." "The drive light keeps flashing when I'm not doing anything." "I can't access the hard drive when booting from the A: drive." "I don't know where these files came from." "My files have strange names I don't recognize." "Clicking noises keep coming from my keyboard." "Letters look like they are falling to the bottom of the screen." "My computer doesn't remember CMOS settings, the battery is new."
What is not a virus infection? • Because of the publicity that viruses have received, it is easy to blame any computer problem on a virus. The following are not likely to be caused by a virus or other malicious code: • Hardware problems. There are no viruses that can physically damage computer hardware, such as chips, boards, and monitors. • The computer beeps at startup with no screen display. This is usually caused by a hardware problem during the boot process. Consult your computer documentation for the meaning of the beep codes. • The computer does not register 640 K of conventional memory. This can be a sign of a virus, but it is not conclusive. Some hardware drivers such as those for the monitor or SCSI card can use some of this memory. Consult with your computer manufacturer or hardware vendor to determine if this is the case. You have two antivirus programs installed and one of them reports a virus. While this could be a virus, it can also be caused by one antivirus program detect the other program's signatures in memory.