Types of Computer Viruses Types and their properties

| Kamis, 14 April 2011

Types of Computer Viruses Types and their properties
For the umpteenth time I will make a related article from a virus, a rare but once there you will be made dizzy by it, here I will write about the types of viruses, there is probably among us who do not know about the types of viruses that normally attack our computers, do not know it was love pal

1. Virus Compiler,
virus that has been compiled so that it can be executed directly. This is a virus that first appeared in the computer world, and now experiencing rapid development. The first Virs is very tough to eradicate because it is made with low language, assembler. Indeed, the language is suitable to create a virus but it is hard to use them. The advantages of this virus is capable of doing almost all the manipulation that where this is not always accompanied by another type of virus because it is more limited.

2. Virus Files,
This virus is a virus that uses a file that can diijalankan / executed directly. Usually the files *. EXE or *. COM. But it can also infect files *. SYS, *. DRV, *. BIN, *. OVL and *. OVY. Type virus can move from one media to any type of storage media and spread on a network.

3. Virus Systems,
The virus is better known as a Boot virus. Why this is so because the virus utilizes the files used to create a computer system. Often found in the floppy disk / storage place without us. We will use a computer (restart), then this virus will infect the Master Boot Sector and System Boot Sector if an infected floppy disk in the floppy drive / storage.

4. Boot Sector Virus,
viruses that are utilizing the relationship between computers and storage area for the spread virus.Apabila on the boot sector there is a program that is able to spread themselves and be able to stay in memory for a computer to work, then the program can be called a virus. Boot sector virus that is two viruses that attack and virus that attacks the floppy disk and partition table.

5. Dropper Virus,
the characteristics of the virus iini is when a program is modified to install a computer virus that becomes the target of attacks. after installed, the virus will spread but did not participate Dropper spread. Dropper can be a filename like Readme.exe or through Command.com which becomes active when the program runs. One program can Dropper there is some kind of virus.

6. Virus Script / Batch,
you know this virus was originally known by names such as the first batch viruses contained in a batch file that is in DOS.Virus script usually often obtained from the Internet because of the benefits of flexible and can run when we play on the internet, this type of virus usually stay in the file HTML (Hype Text Markup Language) is created by using a script such as Javascript, VBScript, 4 and combination of the scripts that activate Active-X programs from Microsoft Internet Explorer.

7. Macro Viruses,
viruses are made by using modular programming facilities in an application program such as Ms Word, Ms Excel, Corel WordPerfect, and so forth. Although this virus contained in a particular application but the danger posed no less berbahanya from other viruses.

8. Polymorphic Viruses,
you know that this virus can be said smart virus because the virus can change its structure after carrying out the task so difficult to detect by antivirus.

9. Stealth Viruses,
In contrast with this virus Viruses in general that is by modifying the file structure to meyembunyikan additional program code in it. This code allows the virus to menyembunyika themselves. All kinds of other viruses also take advantage of this code. The sizes of the files did not change after the virus infects a file.

10. Companion Virus,
This type of virus is looking for *. EXE file to create a *. COM file and copy to put the virus. The reason, the files *. COM *. EXE file run before.

11. Worm,
Viruses are very often we meet, this virus is a program that is parasitic because it can duplicate itself. However, the worm does not resemble viruses because they do not infect other computer programs. Therefore, the worm is not classified into the virus. Mainframe computers are the type that is often attacked by worm. Spread on other computers over a network. In the development Worm experience "genetic mutation" that in addition to create a new file, he will try to attach itself to a file, the virus is usually called Hybrid.

12. Hybrid Virus,
This virus is a virus that has two abilities can usually get into the boot sector and also to get into the file. One example of this virus is a virus Mystic made in Indonesia.

13. Trojan horses,
Just Like Virus Worm Can Say Quite often in the encounter virus called Trojan horses. Trojan Horse does not spread like the others. Therefore, it is not classified as a Trojan Horse virus although the same characteristics. Trojan infects a computer through a file that looks harmless and usually it seems to do something useful. But eventually become dangerous viruses, such as formatting the hard drive.

Virus Type VBScript
VBScript type of virus attacks are still very high, as is evident from the many reports that complain about these types of script viruses. One virus that shot high into the first sequence is Discusx.vbs. If you still remember with these viruses, the Virus Top-10 March 2011 edition, Discusx.vbs virus is in the order 5, but this time he shot up into the first order. The following list details:

1. Discusx.vbs
VBScript viruses this one, have a size around 4800 bytes. He will try to infect at some drive in your computer, including flash disk drive, which if infected will create the file autorun.inf and System32.sys.vbs on the root drive. In addition, he will change the caption of Internet Explorer into ".:: Discus-X SAY MET LEBARAN! [HAPPY LEBARAN ?!]::.".

2. Reva.vbs
virus type VBScript Make us quite a bit of throe. He will try to spread itself to every drive on your computer including flash disk drive. On the drive there will be infected reva.vbs files, autorun.inf, and shaheedan.jpg. In addition, he will change the default page of Internet Explorer to point to the site http://www.arrahmah.com.

3. XFly
PC Media Antivirus recognizes two variants of this virus, namely XFly.A and XFly.B. Just like most other local viruses, he created using Visual Basic. Has the body size of 143,360 bytes without in-compress. And he can masquerade as folders, MP3 files with WinAmp or other direct means to change the existing resource icon on his body. It would be more difficult for ordinary users in recognizes. At the infected computer, when running Internet Explorer, its caption will change to "..:: x-fly ::..", and when you start Windows also will display the message of the creator of the virus in the default browser. Or every time show at 12:30, 16:00, or 20:00, even this virus will display a black screen that also contains a message from the creator of the virus.

4. Explorea
Viruses that are compiled using Visual Basic comes with a size of about 167,936 bytes, with no in-compress. Using the standard Windows folder-like icon to trick the victim. This virus will attack your Windows Registry to change the default open of several extensions such as. LNK,. PIF,. BAT, and. COM. At the infected computer, at certain times sometimes the error message, for example when opening the System Properties.

5. Gen.FFE
Gen.FFE or manufacturer named Fast Firus Engine is one of the locally made program Virus Generator. By simply using this program, did not take long to be able to create a virus / new variant. Virus output of this program uses the default folder icons like the default Windows image. He also will block access to Task Manager, Command Prompt, and eliminate some of the menu on the Start Menu. He will also read the caption of the current program, if there are strings associated with the antivirus program will soon be closed to him.

6. Empty
Viruses are also made using Visual Basic and had a folder icon has a body size of about 110,592 bytes, without being compressed. Lots of changes he made in Windows, such as the Registry, File System, and so forth, which can even cause Windows can not be used as appropriate. On computers that are infected by this virus, when you start Windows will display a message from the creator of the virus.

7. Raider.vbs
This VBScript virus type measuring about 10,000 bytes, if the virus file is opened with Notepad for example, it is not a lot of strings that can be read because of the condition unencrypted. In the Registry, it also gives recognition to create a new key in HKLM \ Software with the same name as the name of the computer name, the contents of a string value as the name of the virus, Raider, and the date the first time the computer is infected.

8. ForrisWaitme
Viruses are created with Visual Basic using the Windows default folder icon similar to the disguise. Some ulahnya was to swap the function of the left with the right mouse button, removes the Folder Options menu, create a file message "read saya.txt" on the drive is infected, and there are still others.

9. Pray
Local virus was created using Visual Basic. We found 2 variants of this virus, for variant Pray.A has no icon, while for variant Pray.B use Windows Explorer-like icon. If your computer is infected by this virus, when the computer clock on the show at 05:15, 13:00, 16:00, 18:30, or 19:45, the virus displays a message reminding the user to perform prayers.

10. Rian.vbs
VBScript virus has a size of 3788 bytes. When infected, it will create new files autorun.inf and RiaN.dll.vbs at the root of each drive that is installed on the victim's computer, including the Flash Disk. Computers that are infected by this virus, caption of Internet Explorer will change to "Rian P2 Cantiq PR.

Here are examples of Various Kinds of Computer Viruses are often encountered:

Virus: Trojan.Lodear
Trojan Horse attack when we download data from the internet. This virus will inject the file. etc. to internetexplorer.exe that cause system instability.

Virus: W32.Beagle.CO @ mm
Is a virus that sends mass emails to sites that have low security level. This virus can delete registry keys and its parts and may block access to security network website.

Virus: Backdoor.Zagaban
Trojan virus on this one particular computer injects to be used as a refuge to damage the network or network related.

Virus: W32/Netsky-P
The virus is able to deploy bulk mail itself to email addresses that are produced by a file on your PC / local drives.

Virus: W32/Mytob-GH
Virus spreader bulk mail and IRC is a Trojan for the Windows-based computers. Messages sent by this virus with a title chosen at random from lists that already exist such as: warning barring an account, email account suspension, safety measures, member support, a warning is important.

Virus: W32/Mytob-EX
Viruses that spread the bulk mail and IRC Trojan-like W32-mytob-gh. W32/mytob-ex continuously in the background, providing a back door for the server to reach another computer via IRC channels. The virus is spread by itself, particularly to address email attachments.

Virus: W32/Mytob-AS, Mytob-BE, Mytob-C, and Mytob-ER
This virus family have the same karasteristik for what they are doing. They spread the bulk email that can be controlled via Internet Relay Chat (IRC) network. In addition, they can distribute email via a variety of computer operating systems are weak such as LSASS (MS04-011).

Virus: Zafi-D
Brazilians virus bulk email sender and peer-to-peer which makes copies of itself to the Windows system folder with filenames nortonupdate. exe. This virus can make a number of files in the Windows system folder with filenames consisting of 8 random characters and a DLL extension. w32/zafi-d copying itself to folders with names containing share, upload, or music as ICQ 2005anew! . exe or winamp 5.7 new! . exe. W32/zafi-d declarant will also display an error box that deceive with the title "CRC: 04f6Bh" and the text "Error in packed file! ".

Virus: W32/Netsky-D
The virus is also sent through an IRC backdoor attack that serves also infect computers vulnerable.

Virus: W32/Zafi-B
This virus attacks the peer-to-peer (P2P) and email the virus will copy itself to the windows system folder which will be named automated random.

Virus Bagle.BC
BC Bagle virus is one type of virus that is dangerous and has entered the top ranking of the fastest type of virus affecting our computer. Several hours after the release of this virus, there are already 2 pieces Bagle variant (Bagle BD and BE), which spreads via e-mail, computer networks and P2P applications. This virus spreads via e-mail with a variety of different subjects. According to a study from Panda Software BC Bagle virus is seeping into the e-mail with the subject, among others: Re:, Re: Hello, Re: Hi, Re: Thank you, Re: Thanks. Attachment is also diverse, including:. Com,. Cpl,. Exe,. Scr. BC Bagle virus is also able to terminate antivirus programs.

Backdoor Alnica
Viruses are also dangerous this is one type of Trojan horse virus. Is one that if successful backdoor virus infects the computer be able to remotely access and retrieve any information desired by the attacker. The operating system is attacked by the virus include: Windows 200, Windows 95, Windows 98, Windows Me, Windows NT and Windows XP. The virus is about the size of 57,856 bytes.

so hopefully this article can be useful to buddies

0 komentar:


Copyright © 2010 onepointnet