Virus, Spyware, Malware, Trojan Guide: All You Need to Know
First, let me explain what a virus is.
Viruses are "programs" that modify other programs on a computer, inserting copies of themselves. Viruses are not distinct programs - they cannot run on their own, and need to have some host program, of which they are a part, executed to activate them.
With that said, how do you get them?
Most people get them by downloading a program and running an .exe file which executes the virus.
Here are some of the different kinds of viruses.
Stealth Virus: A stealth virus has code in it that seeks to conceal itself from discovery or defends itself against attempts to analyze or remove it. The stealth virus adds itself to a file or boot sector but, when you examine it, the file or boot sector appears normal and unchanged. The stealth virus performs this trickery by staying in memory after it is executed. From there, it monitors and intercepts your system calls. When the system seeks to open an infected file, the stealth virus displays the uninfected version, thus hiding itself.
Macro viruses: Macro languages are (often) equal in power to ordinary programming languages such as C. A program written in a macro language is interpreted by the application. Macro languages are conceptually no different from so-called scripting languages. GNU Emacs uses Lisp, and most Microsoft applications use Visual Basic Script as their macro language. The typical use of a macro in applications, such as MS Word, is to extend the features of the application. Some of these macros, known as auto-execute macros, are executed in response to some event, such as opening a file, closing a file, starting an application, and even pressing a certain key. A macro virus is a piece of self-replicating code inserted into an auto-execute macro. Once a macro is running, it copies itself to other documents, deletes files, etc. Another type of hazardous macro is one named for an existing command of the application. For example, if a macro named FileSave exists in the "normal.dot" template of MS Word, that macro is executed whenever you choose the Save command on the File menu. Unfortunately, there is often no way to disable such features.
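The two hazardous macro types described above (auto-execute macros and macros named for an existing command) can be spotted by name when reviewing macro source that has already been extracted from a document. The following Python triage is an added example, not part of the original guide; the name lists are a partial, assumed selection of Word macro names, and the sample source is constructed with its copy call left without arguments.

```python
import re

# Word macro names that run on an event rather than on request (assumed, partial list).
AUTO_EXEC = {"autoexec", "autonew", "autoopen", "autoclose", "autoexit",
             "document_open", "document_close", "document_new"}
# Macros named after a built-in command run in its place (the FileSave case above).
COMMAND_NAMES = {"filesave", "filesaveas", "fileopen", "fileprint", "toolsmacro"}
# Calls that can copy macro code into other documents or templates.
SELF_COPY = re.compile(r"\b(OrganizerCopy|MacroCopy|AddFromString|InsertLines)\b", re.I)
# One Sub ... End Sub block: group 1 is the macro name, group 2 is its body.
SUB_RE = re.compile(
    r"^\s*(?:Public\s+|Private\s+)?Sub\s+(\w+)\s*\(.*?$(.*?)^\s*End\s+Sub",
    re.I | re.M | re.S)

def triage_macros(vba_source):
    """Return [(macro_name, [reasons])] for macros that deserve manual review."""
    findings = []
    for name, body in SUB_RE.findall(vba_source):
        reasons = []
        if name.lower() in AUTO_EXEC:
            reasons.append("auto-execute")
        if name.lower() in COMMAND_NAMES:
            reasons.append("shadows built-in command")
        # Self-copy calls only matter here when the macro also runs unprompted.
        if reasons and SELF_COPY.search(body):
            reasons.append("copies macro code")
        if reasons:
            findings.append((name, reasons))
    return findings

# Constructed sample macro source (not taken from any real document).
SAMPLE = """
Sub AutoOpen()
    Application.OrganizerCopy ' arguments omitted in this constructed sample
End Sub

Sub FileSave()
    ActiveDocument.Save
End Sub

Sub FormatReport()
    Selection.Font.Bold = True
End Sub
"""

if __name__ == "__main__":
    for macro, why in triage_macros(SAMPLE):
        print(macro, "->", ", ".join(why))
```

A hit is a reason to read the macro, not proof of infection: legitimate templates also use auto-execute macros.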
Linux/Unix: The most famous of the security incidents in the last decade was the Internet Worm incident, which began from a Unix system. Even so, Unix systems were considered virus-immune, which is not the case. Several Linux viruses have been discovered. The Staog virus first appeared in 1996 and was written in assembly language by the VLAD virus writing group, the same group responsible for creating the first Windows 95 virus, called Boza.
Like the Boza virus, the Staog virus is a proof-of-concept virus to demonstrate the potential of Linux virus writing without actually causing any real damage. Still, with the Staog assembly language source code floating around the Internet, other virus writers are likely to study and modify the code to create new strains of Linux viruses in the future.
The second known Linux virus is called the Bliss virus. Unlike the Staog virus, the Bliss virus can not only spread in the wild, but also possesses a potentially dangerous payload that could wipe out data.
While neither virus is a serious threat to Linux systems, Linux and other Unix systems will not remain virus-free. Fortunately, Linux virus writing is more difficult than macro virus writing for Windows, so the greatest virus threat still remains with Windows.
What if you're infected with something serious?
Well, here are some things to do to get rid of your virus.
- You should immediately disconnect yourself from the internet.
- Delete any .exe files that you've just downloaded or ran.
- Press Ctrl + Alt + Delete and look for suspicious processes.
- Shut down your computer.
- Hold F6 F8 + F12 to bring up safe mode.
- In safe mode run virus scanners.
- If all else fails just recover your computer.
Trojans:
What is a trojan?
Definition: A Trojan horse is a destructive program that masquerades as a benign application. Trojan horses are programs that appear to have one function but actually perform another function. Unlike viruses, Trojan horses do not replicate themselves, but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer.
Most trojans take a client/server form. That means that a trojan has two programs: the client (which the attacker will use) and the server (which the victim will run). In order for a trojan to work, it requires a "handshake" between client and server. Commands are sent between the client and the server. The server listens on a specific port (or more than one) and waits for a connection request. To connect a client to a server, we must get the IP (read our tutorial about "Ip & ports" to learn how). When connected, the attacker performs various commands using the client.
Note: The victim must run the server app on his/her PC in order for the attacker to be able to connect to the remote PC.
Note: If the victim runs the server and the attacker can't connect to the server, that usually means that the victim has a firewall or a router (or an antivirus which detected the server and deleted it). This is easily bypassed by using a binder (MBinder find it under binders in d/l's) and an AV/Firewall killer.
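Because the server half has to hold a port open and wait for a connection, it is visible on the infected machine as a listening socket owned by some process. The following Python sketch is an added example, not part of the original guide: it parses `netstat -ano` output and reports network-reachable TCP listeners that are not on an expected list. The sample output, the PID-to-image map, the process names and the expected-port list are all constructed for illustration.

```python
# Constructed sample of `netstat -ano` output from a Windows host (not real data).
NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       892
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:4711           0.0.0.0:0              LISTENING       2764
  TCP    127.0.0.1:5354         0.0.0.0:0              LISTENING       1820
  TCP    192.168.1.20:49712     203.0.113.9:443        ESTABLISHED     3100
  TCP    [::]:4711              [::]:0                 LISTENING       2764
  UDP    0.0.0.0:5353           *:*                                    1820
"""

# Constructed PID -> image name map, as `tasklist` would report it.
PROCESSES = {4: "System", 892: "svchost.exe", 1820: "mDNSResponder.exe",
             2764: "photo_viewer.exe", 3100: "firefox.exe"}

# Ports this hypothetical host is expected to serve; anything else needs an owner.
EXPECTED_PORTS = {135, 445}

def unexpected_listeners(netstat_text, processes, expected_ports):
    """Return sorted (port, pid, image) for TCP listeners reachable from the network."""
    hits = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have exactly five columns; headers and UDP rows do not.
        if len(fields) != 5 or fields[0] != "TCP" or fields[3] != "LISTENING":
            continue
        host, _, port = fields[1].rpartition(":")
        port, pid = int(port), int(fields[4])
        # Loopback-only listeners cannot accept a remote client.
        loopback = host.startswith("127.") or host == "[::1]"
        if loopback or port in expected_ports:
            continue
        # A set collapses the IPv4 and IPv6 rows of the same listener.
        hits.add((port, pid, processes.get(pid, "unknown")))
    return sorted(hits)

if __name__ == "__main__":
    for port, pid, image in unexpected_listeners(NETSTAT, PROCESSES, EXPECTED_PORTS):
        print(f"review: port {port} held open by PID {pid} ({image})")
```

The PID in each result is the one to look up in the process list during the Ctrl + Alt + Delete step earlier in this guide.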
Some programs that will help you stop your infection.
Read the readmes first for important information.
- Malware Scanner: RapidShare: 1-Click Webhosting
- Kaspersky Antivirus: Antivirus Software: Kaspersky Lab - Protection Against CrimeWare (30 day free trial)
- AVG Anti-Virus / Anti-Spyware: AVG Anti-Virus and Internet Security - Welcome
Note: If you are having trouble with a virus, contact me on MSN or AIM.
WILL BE UPDATING