Site hosted by Angelfire.com: Build your free website today!
Viruses
   1)Viruses:
           The virus is a computer program file capable of attaching to disks or other files and replicating itself repeatedly,typically without user knowledge or permission. Some viruses attatch to files so when the infected file exicutes, the virus also exicutes. Other viruses sit in a computers memory and infect files as the computer opens, modifies or creats the files.
   2)Worms:
           Worms are parasitic computer programs that replicate, but unlike viruses, do not infect other computer program files. Worms can create copies on the same computer, or can send the copies to other computers via a network. Worms often spread via IRC (Internet Relay Chat).
   3)Virus Hoaxes:
           Hoaxes are not viruses, but are usually deliberate or unintentional e-messages warning people about a virus or other malicious software program. Some hoaxes cause as much trouble as viruses by causing massive amounts of unnecessary e-mail. Most hoaxes contain one or more of the following characteristics: Warnings about alleged new viruses and its damaging consequences, Demands the reader forward the warning to as many people as possible, Pseudo-technical "information" describing the virus, Bogus comments from officials: FBI, software companies, news agencies, etc. If you receive an e-mail message about a virus, check with a reputable source to ensure the warning is real. Visit McAfee.com’s Virus Hoax page (http://vil.mcafee.com/hoax.asp) to learn about hoaxes and the damage they cause. Sometimes hoaxes start out as viruses and some viruses start as hoaxes, so both viruses and virus hoaxes should be considered a threat.
   4)Trojan Horse Program:
           A Trojan horse program is a malicious program that pretends to be a benign application; a Trojan horse program purposefully does something the user does not expect. Trojans are not viruses since they do not replicate, but Trojan horse programs can be just as destructive. Many people use the term to refer only to non-replicating malicious programs, thus making a distinction between Trojans and viruses. A Trojan horse program is a malicious program that pretends to be a benign application; a Trojan horse program purposefully does something the user does not expect. Trojans are not viruses since they do not replicate, but Trojan horse programs can be just as destructive. Many people use the term to refer only to non-replicating malicious programs, thus making a distinction between Trojans and viruses.

   Virus Examples
   Worms:
           VBS/Lisa.A@mm - The worm arrives in a e-mail message in the following format . Subject Click yes to vote against war.Body For voting agianst war , please open this message agian and click yes! It is very important! Thank you!
Upon opening this e-mail, the worm then fills the hard disk with up to 5000 folders names made up of random alphabets. These folders are then filled with text file containing the string. I will never stop loving you. It will then proceed to e-mail itself to everyone in the Microsoft Outlook Express Book. The worm also spreads through the MIRC and Kazaa networks altough this was not observed. It drops itself into the download directory for Kazaa as the following filenames: Silvia Saint Gangbang.avi.vbs , Brittney Spears nude.jpg.vbs , Christina Aguilera Nipple.jpg.vbs , Lolita.jpg.vbs , Madonna-Song.mp3.vbs , Jennifer Lopez.mp3.vbs
This worm also deletes all *.DOC files on the hard disk. It also deletes the REGEDIT.EXE and WIN.COM - rendering the victim machine incapable of starting Windows subsequently. In some cases, the worm may delete the data files USER.DAT and SYSTEM.DAT (and their backups after a certain time frame)
Aother payload of this worm is to reformat the C:\ driver by adding the following line into the AUTOEXEC.BAT file (This was not observed in testing)

   Hoaxes:
           This e-mail message is just a Hoax, currently we know of no newsgroup message about the Hoax as the initial email states.It is known to damage your computer very seriously. It is advised for you to delete any files that match this description. The reason being that you do not pass it on to others.

   Trojan Virus:
           McAfee products using the 4.2.40 engine and 4253 DATs (or greater)with program heuristics enabled proactively detect the server component as 'trojan or variant VB-BackDoor2.gen' (assuming scanning of compressed files is enabled). There are multiple variants of this trojan, and the specific actions taken are decided by the hacker who uses this trojan, so this description is a general guide. As with most remote access trojans, this threat appears to consists of multiple components: the configuration, client and server components. Once the server is running on the victim machine, the hacker is able to connect (and administer that machine) using the client component. The configuration component would allow the hacker to create slightly different versions of the trojan. When run on the victim's machine, the server component installs itself onto the system, typically copying itself to the Windows or System directory. For example, as C:\WINDOWS\SYSTEM\SHELL32EXEC.EXE. The server component can be used to offer many remote-administration functions to the hacker. These typically include: Opening/closing CD tray Turning on and off speakers Enabling/Disabling Ctrl+Alt+Del Minimizing windows Forcing system log-off/restart/shut-down/power-off Opening the internet browser/Notepad Retrieving/Sending victim machine information (Windows version/Computer name/Environment variables/passwords)


   Virus:
           This is a macro virus for Word97 documents and templates, and is also famous for its use of email propagation using MS Outlook! This virus was first posted to several newsgroups on March 26, 1999. This virus will infect Office97 systems which have been updated to SR1 update and above. This virus uses a self-check method to check for a setting in the registry to test if the system has already been infected. This virus also sets macro security level to low security in Office2000. Sending email messages via Outlook as mentioned above, text inserted into documents as mentioned above, macro warning when opening infected documents on a non-infected system, registry modifications as mentioned above. Opening infected documents will directly infect the local Word environment and any document used thereafter. It is very common for macro viruses to disable options within Office applications for example in Word, the macro protection warning commonly is disabled. After cleaning macro viruses, ensure that your previously set options are again enabled.