[Explanation] Everything regarding viruses [Must read]



02-25-2012, 03:56 PM #1
Vexna
Member
**
Posts: 76 Threads:3 Joined: Feb 2012 Reputation: 5

[Explanation] Everything regarding viruses [Must read]
==============================================
Everything about viruses and spyware.
==============================================

================
What is a virus ?
================

A virus is malicious software written to replicate onto other computers.
It can also, whether intended or not, disrupt the functioning of the infected computer more or less seriously.
It can spread through any medium used to exchange digital data, such as the Internet, as well as floppy disks, CD-ROMs, USB keys, etc.
A virus is a small program which, when it runs, loads itself into memory and executes the instructions that the author has programmed.
Resident viruses (also known as TSR, Terminate and Stay Resident) lodge in the RAM of the computer to infect executable files launched by the user. Non-resident viruses infect programs on the hard drive as soon as they are executed.


==============================
Different types of viruses.
==============================

======================
Virus named "mutant".
======================

In fact, most viruses are clones, or more precisely "mutant viruses", meaning that the virus has been rewritten by other users to change its behavior or signature.

The fact that there are several versions (called variants, as when you use a botkiller: "Variants of CyberGate", etc.) of the same virus makes it more difficult to spot, because antivirus companies have to add the new signatures to their databases to be able to detect the viruses.


==========================
Virus named "polymorphic".
==========================

Since antivirus software detects such viruses by their signature (the sequence of bits that identifies them), some virus writers have thought to give them the ability to automatically change their appearance, like a chameleon, by encrypting and decrypting their signature. Only these viruses are able to recognize their own signature. This type of virus is called a "polymorphic virus".

==================
Virus named "retro".
==================

Called a "retrovirus" or "bounty hunter", this is a virus with the ability to change antivirus signatures to make them ineffective.
("AV-KILL")

====================
The boot sector virus.
====================

Called a "boot sector virus" (or boot virus), this virus is able to infect the boot sector of a hard disk (MBR, or master boot record).


============================================
Virus named "Trans-application" (macro viruses).
============================================

With the proliferation of programs that use macros, Microsoft has developed a common scripting language that can be inserted into most documents that may contain macros: VBScript, a subset of Visual Basic. These viruses are now able to infect macros in Microsoft Office documents, which means that this kind of virus may be located inside an ordinary Word or Excel document.
Moreover, as more and more applications support Visual Basic, these viruses can be hidden in many other applications that support VBScript.


==============================
Different types of spyware.
==============================

Spyware is a program that collects information about the user of the computer on which it is installed and sends it to the "hacker".

============================
BHO - Browser Helper Objects.
============================

BHOs are small programs that extend the functions of a parent program such as Internet Explorer. For example, a BHO can create navigation bars that piggyback on Internet Explorer (like the Yahoo or Google navigation bars). BHOs can thus serve ads, redirect users' Internet connections to different sites than those intended, or even cause the display of pages other than those requested. BHOs have access to all web pages visited and are able to convey much information about the habits of the users. BHOs are especially used in Internet Explorer.


============================
LSP - Layered Service Provider.
============================

LSPs are network drivers that control all data entering and leaving the computer over network connections, as is the case on the Internet. Spyware is also able to control the LSP.
Spyware LSPs are simply sniffers that access, record and transmit to third parties any data exchanged (pages visited, information sent such as passwords for different services, or even account identifiers).


================
Keyloggers, RATs.
================

Keyloggers and RATs are small spy programs that record all keystrokes on a keyboard connected to an infected computer. Periodically, the keylogger sends the collected information to the attacker. The most sophisticated keyloggers do not just record keystrokes but also perform screen captures.
They aim to use all the facilities available to them on the victim's computer, such as:

1. Web camera - video capture of the environment around the computer.
2. Microphone - capture of audio and communications in the environment around the computer.
3. Screenshots - capturing images of the activity of the computer.
4. Capture of diverse information - passwords, connection identifiers.


================
Tracking cookies.
================

Tracking cookies are basically cookies, nothing out of the ordinary on the Internet, but unlike traditional cookies, which are accessible and dedicated only to the website that set them, tracking cookies are available to several Internet sites. This has the effect of allowing the sites associated with these tracking cookies to track user activity on the Internet: sites visited and actions made on each site visited.
As such, tracking cookies are not a risk to the computer system on which they are located but can be a strong attack on the privacy of users.
Companies that exploit tracking cookies are usually shops and are often advertisers.


========
Stealer.
========

A stealer is a very popular virus. It steals all the passwords saved by your system.
When the virus has finished stealing all the information, it is sent to an email address to which the creator of the virus has access, or to a CPanel.
Finally, it completely destroys your system.


========
Rootkit.
========

A rootkit is a set of techniques implemented by one or more pieces of software, which aims to achieve and sustain access (generally not allowed) to a computer.

A rootkit can be installed in another program, a library or in the kernel of an operating system. Some may change the hypervisor running on top of systems or firmware embedded in hardware. Most rootkits are used to install malicious software on machines where access is granted. Some suppliers of computer hardware, such as Sony, use them to ensure compliance with the terms and conditions of their products by their customers. Removing a rootkit is a difficult operation.

They are generally classified as malware, but not always; they can use "viral techniques" to be transmitted (e.g., using a virus or trojan horse). There are detection tools and protection methods to counter them, but they are not fully effective.


======
Dialer.
======

A dialer is a small program, usually installed without any action from the "future" victim. Once installed, the dialer disconnects the active connection to automatically reconnect, usually through a premium-rate number, to another provider offering access to other types of content (games, mp3, cracks, sex...).
In general, the reconnection via the dialer is invisible to users.
It should be noted that dialers act through switched telephone lines (PSTN via a modem) and have no impact on DSL lines when no PSTN modem is connected.




Source: Google and my own knowledge.

If there are mistakes, or if you have something to add, please, send me a private message.

Vexna,
This post was last modified: 02-25-2012, 03:57 PM by Vexna.
Practice makes perfect, things hardly attained, are long retained.
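
An added example, not part of Vexna's post: a minimal signature scanner for the "mutant" and "polymorphic" sections above, showing why a rewritten variant stops matching a whole-file hash signature while a byte-pattern signature with wildcards still matches. The byte strings, the pattern and all names are constructed for illustration and contain no real malware.

```python
import hashlib

# Constructed, harmless byte strings standing in for file contents (assumptions).
ORIGINAL = b"HDR\x01\x90\x90LOADCFG\x10\x20PAYLOAD-A\x00END"
VARIANT = b"HDR\x01\x90\x90LOADCFG\x33\x44PAYLOAD-A\x00END"  # two bytes rewritten
CLEAN = b"HDR\x01ordinary document bytes\x00END"

# Signature database: one whole-file hash and one byte pattern ("??" = any byte).
KNOWN_HASHES = {hashlib.sha256(ORIGINAL).hexdigest()}
PATTERNS = {"wildcard": "4C 4F 41 44 43 46 47 ?? ?? 50 41 59 4C 4F 41 44"}


def parse_pattern(text):
    """Turn '4C ?? 44' into [0x4C, None, 0x44]; None matches any byte."""
    return [None if tok == "??" else int(tok, 16) for tok in text.split()]


def find_pattern(data, pattern):
    """Return the offset of the first match of pattern in data, or -1."""
    for off in range(len(data) - len(pattern) + 1):
        if all(p is None or data[off + i] == p for i, p in enumerate(pattern)):
            return off
    return -1


def scan(data):
    """Return the names of every signature that matches data."""
    hits = []
    if hashlib.sha256(data).hexdigest() in KNOWN_HASHES:
        hits.append("hash")
    for name, text in PATTERNS.items():
        if find_pattern(data, parse_pattern(text)) != -1:
            hits.append(name)
    return hits


if __name__ == "__main__":
    for label, sample in [("original", ORIGINAL), ("variant", VARIANT), ("clean", CLEAN)]:
        print(f"{label:8} -> {scan(sample) or 'no match'}")
```

The pattern only holds while some bytes stay constant across variants, which is the property the polymorphic viruses described in the post are built to remove.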


02-25-2012, 04:30 PM #2
Predator
Staff
*****
Moderators
Posts: 2,488 Threads:427 Joined: Jun 2011 Reputation: 11

RE: [Explanation] Everything regarding viruses [Must read]
High quality member.


Very good & informative read. Keep up the good work!


02-25-2012, 04:31 PM #3
Ghoster
٩(◕▽◕)۶
*****
Posts: 1,236 Threads:162 Joined: Jun 2011 Reputation: 16

RE: [Explanation] Everything regarding viruses [Must read]
This is a pretty nice post. I just finished reading, and there's a couple on here that I actually didn't know about. I'll probably do more research on them later. Thank you, I appreciate it.

02-25-2012, 04:41 PM #4
Vexna
Member
**
Posts: 76 Threads:3 Joined: Feb 2012 Reputation: 5

RE: [Explanation] Everything regarding viruses [Must read]
Thank you everyone. Glad to know that it is informative.
This post was last modified: 02-25-2012, 04:43 PM by Vexna.


02-25-2012, 09:41 PM #5
AceInfinity
Developer
*******
Administrators
Posts: 9,733 Threads:1,026 Joined: Jun 2011 Reputation: 76

RE: [Explanation] Everything regarding viruses [Must read]
Lots of good information here, this is a good contribution. Hopefully we can back up our computer security area again over time, we've become centralized around programming, gaming, and Windows operating systems lately.


Microsoft MVP .NET Programming - (2012 - Present)
®Crestron DMC-T Certified Automation Programmer

Development Site: aceinfinity.net

 ▲
 ▲ ▲

02-25-2012, 09:44 PM #6
Vexna
Member
**
Posts: 76 Threads:3 Joined: Feb 2012 Reputation: 5

RE: [Explanation] Everything regarding viruses [Must read]
(02-25-2012, 09:41 PM)AceInfinity Wrote:  Lots of good information here, this is a good contribution. Hopefully we can back up our computer security area again over time, we've become centralized around programming, gaming, and Windows operating systems lately.

I hope too. It would be nice!


02-25-2012, 09:56 PM #7
AceInfinity
Developer
*******
Administrators
Posts: 9,733 Threads:1,026 Joined: Jun 2011 Reputation: 76

RE: [Explanation] Everything regarding viruses [Must read]
I know at GeekForums, that's ALL they really focus on, so the community there, doesn't fit well with what I do and what I'm interested in for computers. SevenForums is more on the programming, BSOD, and tech side which is what I like, but I'm banned there. There's several other forums that I could go to, but as far as I'm concerned TLF is still my number 1 pick, and MSDN for when I have no one to help here with .NET lol.

I'm a member there, I enjoy helping people out though, I just wish there were more members with problems here lol, for that reason. Helping people and sharing my knowledge is a hobby in itself for me. Just reminds me of when I was starting to learn about some of the things that I help others with, and I feel good that I can help somebody out in that way :)



02-25-2012, 10:15 PM #8
Vexna
Member
**
Posts: 76 Threads:3 Joined: Feb 2012 Reputation: 5

RE: [Explanation] Everything regarding viruses [Must read]
(02-25-2012, 09:56 PM)AceInfinity Wrote:  I know at GeekForums, that's ALL they really focus on, so the community there, doesn't fit well with what I do and what I'm interested in for computers. SevenForums is more on the programming, BSOD, and tech side which is what I like, but I'm banned there. There's several other forums that I could go to, but as far as I'm concerned TLF is still my number 1 pick, and MSDN for when I have no one to help here with .NET lol.

I'm a member there, I enjoy helping people out though, I just wish there were more members with problems here lol, for that reason. Helping people and sharing my knowledge is a hobby in itself for me. Just reminds me of when I was starting to learn about some of the things that I help others with, and I feel good that I can help somebody out in that way :)

Yeah, it is true, the forum is not well known yet, people with problems are active on other forums, but, I think, if we organize a "true" group, like HJT on HF, with teachers, helpers, students, the forum would be very active. I had read that you planned to do it with Quintus/Paradoxum (he is my teacher) but that you have ended the project, what happened?


02-26-2012, 01:29 AM #9
AceInfinity
Developer
*******
Administrators
Posts: 9,733 Threads:1,026 Joined: Jun 2011 Reputation: 76

RE: [Explanation] Everything regarding viruses [Must read]
Vexna Wrote:I had read that you planned to do it with Quintus/Paradoxum (he is my teacher) but that you have ended the project, what happened?

Where did you hear that I "ended the project"? That is respectfully not true though, I've been waiting for months for Quintus to do anything, and he hasn't done anything. He's talked about it over this whole period of time (last 4+ months or more) and nothing new has happened at all. It was about a month to 2 months ago that he mentioned people were almost graduated, and that he'd move things over here soon to help us out but that is still unheard of, so I'm a bit annoyed with him for keeping us in the dark as to what is really going on here. Either he has been lying to me, or something had happened along the way all these times coincidentally that he's not been keeping us up to date with.

Edit: He does log in and out from time to time, but I really don't hear much from him... Here's his user profile on the forum: http://tech.reboot.pro/member.php?action=profile&uid=24

I am fairly certain that the talk of getting the forum set with a malware analysis team here has been going on for at least 4-6 months though, and that's the frustrating part.
This post was last modified: 02-26-2012, 01:40 AM by AceInfinity.



02-26-2012, 07:06 AM #10
Vexna
Member
**
Posts: 76 Threads:3 Joined: Feb 2012 Reputation: 5

RE: [Explanation] Everything regarding viruses [Must read]
(02-26-2012, 01:29 AM)AceInfinity Wrote:  
Vexna Wrote:I had read that you planned to do it with Quintus/Paradoxum (he is my teacher) but that you have ended the project, what happened?

Where did you hear that I "ended the project"? That is respectfully not true though, I've been waiting for months for Quintus to do anything, and he hasn't done anything. He's talked about it over this whole period of time (last 4+ months or more) and nothing new has happened at all. It was about a month to 2 months ago that he mentioned people were almost graduated, and that he'd move things over here soon to help us out but that is still unheard of, so I'm a bit annoyed with him for keeping us in the dark as to what is really going on here. Either he has been lying to me, or something had happened along the way all these times coincidentally that he's not been keeping us up to date with.

Edit: He does log in and out from time to time, but I really don't hear much from him... Here's his user profile on the forum: http://tech.reboot.pro/member.php?action=profile&uid=24

I am fairly certain that the talk of getting the forum set with a malware analysis team here has been going on for at least 4-6 months though, and that's the frustrating part.

Oh, I did not know. I hope everything will be up soon.




