Computer virus, types of computer viruses. Types of computer viruses

Today we are going to learn about the types of computer viruses. In fact, this issue requires a lot of attention. After all, in modern world virus attacks began to take up quite a lot of “space”. And now absolutely every user is faced with a computer infection. Depending on what virus is on the computer (its type), we use different variants computer treatment. Let's get started with today's question. Maybe this will help many people save important and personal data.

Worms

It is worth noting right away that types of viruses can be dangerous and not very dangerous. We'll start with the least terrible ones - worms. Just 10 years ago, such an infection was considered quite serious and caused panic among many users. Only now it has become clear that this is not at all as dangerous as it might seem at first glance.

A worm is a malicious program that makes copies of itself, thereby cluttering up the computer. The action of such a virus, as a rule, is aimed at slowing down the system and disabling it (as a result - the appearance of “brakes”). Worms cannot penetrate or infect other programs. So, if you are faced with such an infection, then it will be enough to simply scan your PC with an antivirus and identify the “habitat” of the worm and then remove it. But types of viruses are not limited to such “fun”. There are much more unpleasant options. Which ones exactly? Let's get to know them.

Spam

The next "candidate" on the list is spam. To be honest, this cannot be attributed to a virus. Rather, it is some kind of malware. But what is she doing?

Probably many people have encountered constantly popping up advertising banners, as well as annoying advertising. This is exactly what spam is. It penetrates the computer, is encrypted, and then begins to embed itself in browsers and other applications. Next it shows us a lot of advertisements and banners. Often there are so many of them that it is impossible to work.

The types of viruses are varied. Spam is just as varied. The thing is that there is such an infection that shows us operating system blocker banners on the entire screen. And they can’t be moved anywhere. The user is informed that his computer is locked, and to unlock it he needs to send special code on short number from a mobile phone. In truth, this is a well-known method of fraud.

In general, as practice shows, spam is not particularly dangerous. Unless, of course, he was “picked up” on sites of an intimate nature. You will simply be surrounded by advertising everywhere, and your computer will experience slowdowns. Plus, sometimes your personal data stored in the browser is at risk. But there is no need to be afraid. This type of computer infection can be treated like worms - by scanning your computer with an antivirus and then removing the threats. As you can see, there is nothing difficult yet. But the types of viruses are not limited to just two types. There are also several other quite interesting options.

Zombie

Not long ago, such a concept as a zombie virus appeared. This is a rather interesting point that is worth considering when studying computer infections.

After all, the so-called zombies help their owner (in our case, a hacker) to manage an infected computer. As a rule, such an infection penetrates a computer under the guise of an application or useful utility. A virus in the form of a program is very difficult to recognize.

Once infiltrated into the operating system, the hacker gains access to your computer. And here you may experience various “glitches” - deleting and moving data, installing new content, and so on. True, often such signs are not observed. They just secretly send spam and make malicious mailings from your computer. So you may not even realize that your computer is “zombified.”

Kinds harmful viruses, as you can see, are varied. But, nevertheless, they are all detected in the same way - using an antivirus program. Set it to deep scanning and wait for the process to complete.

To be honest, it is extremely difficult to get rid of a zombie virus. It is much easier to simply reinstall the operating system and be more careful when surfing the Internet in the future. But the types of computer viruses do not end there. There are also a number of more dangerous infections that have to be looked for extremely quickly. About what we're talking about? Now we will find out about this.

Spies

Now we are moving on to more dangerous types of computer infections. Let's start with perhaps the most common option - spies. What it is?

There are types of PC viruses that are aimed at obtaining information about user behavior. We have already studied spam. Some of its types, as already mentioned, are capable of stealing browser data. But there are also so-called computer spies.

This type of virus is encrypted several times better than spam. It is aimed solely at obtaining data about the user and his personal information. For example, passwords and logins from online wallets. The spyware does not appear in any way in the operating system if there are no more viruses on the computer. Sometimes, to tell the truth, you may notice system “brakes”, as well as small system failures - all this is the work of the “spy”.

It is very difficult to remove such an infection. An antivirus is not enough for this. As a rule, you can now find special anti-spyware applications. They are the best at finding and removing this infection. For example, there is such an application as SpyHunter. This is the unsurpassed leader in the fight against spies. But there are also more dangerous types of viruses. Which ones exactly?

Trojan

For example, the most dangerous infection is considered to be a Trojan. This is a virus that is introduced into the system and encrypted under secure applications. More precisely, it becomes part of them. Once they reach your computer, Trojans begin to operate.

What are they aimed at? To obtain data, delete it, move it, install new unnecessary content, destroy the operating system - everything that only negatively affects the computer. The Trojan's actions are varied and unpredictable. This virus cannot reproduce on its own. But it is difficult to remove. In advanced cases, only reinstalling the operating system helps.

Conclusion

Today we learned about the types of computer viruses. As you can see, they are all diverse and differ in their effect and the degree of damage to the system.

If you notice the appearance of “brakes” on your computer, as well as the deletion/movement/change of data, then it is worth checking the system with an antivirus. Don't delay this. Do you doubt your own abilities? Then contact service center. They will definitely help you there.

Imagine that the Internet is a city. Surely it would be the most original and diverse, but at the same time the most dangerous city on the planet. The best libraries in the world would coexist here with the most suspicious pornographic cinemas.

In such a city, not everyone is who they seem, and it’s impossible to vouch even for yourself. You may suddenly discover that you are a persistent offender, although you yourself are not aware of it. Perhaps you have been used for a long time, and you don’t even know how to stop it.

This is roughly the situation the owner of a zombie computer finds himself in. Burglar - computer hacker, who uses his talents for evil, secretly penetrates the system of an unsuspecting user and uses it to carry out illegal activities. The victim most often has no idea that her computer has been taken over by an attacker: after all, you can use it the same way as before, except that the speed of operation is reduced. Meanwhile, the infected computer becomes the main source of spam or attacks on WEB pages, turning its owner into the main suspect in all kinds of investigations.

A user may unexpectedly discover that their Internet service provider has terminated their contract with them, or even find themselves under investigation for criminal activity. Meanwhile, the burglar will simply cross him off from his endless list of zombies and move on to the next one. And he has a lot of them: they say that during one investigation, a hacker's computer was discovered that controls an entire network of more than one and a half million zombies (source - TechWeb).

In this article we will talk about how hackers take over other people's computers, why they need it and how to protect themselves from them.

Hacking a computer

Hackers turn computers into zombies using special applications exploiting operating system vulnerabilities. At first glance, they may seem like they are great computer experts, but in fact, many hackers have virtually no programming experience or knowledge. Sometimes they are called young amateurs, because most often they are really young people who do not even know how to write a script or code properly. Investigators who specialize in botnets note that the programs used by hackers are usually primitive and very poorly designed. But despite this, they quite successfully cope with their main task - to turn as many computers as possible into zombies.

Most often, Trojans are distributed via email. Their developers typically use mass mailing techniques to send their applications to hundreds or even thousands of unsuspecting users at once. Those who open such emails and download the attached files become victims of system infection.

To infect a computer, an attacker must first force the user to install the zombie application. Such applications are distributed through Email, peer-to-peer networks and even using regular WEB sites. Most often, malware is hidden behind harmless names and extensions so that the victim thinks that he is opening absolutely secure file. However, users in Lately are becoming more attentive, and hackers are forced to look for new ways to deceive. You've probably seen pop-up windows asking you to open or install something and a "No Thanks" button. We hope you didn’t click on it - very often such buttons simply serve as a cover and, instead of closing the annoying window, start downloading malware.

But getting the user to download the program is only half the battle: you need him to run it. In most cases, victims of hackers launch malicious applications thinking that they are opening something completely different - an image, video or other recognizable file format. When you try to open such a file, nothing usually happens. Experienced users are immediately alarmed by this, and they begin to scan the system with anti-spyware applications. Unfortunately, many people simply decide that they downloaded a corrupted file and leave everything as is.

Meanwhile, running program infects one of the components of the operating system and then runs every time the computer is turned on. Hackers always infect different parts of the system, so it can be very difficult for the average user to find and delete the problematic file.

A malicious program usually contains instructions to perform a particular task in certain time, or simply allows the attacker to control all network activity of the user. Many programs of this kind work using the IRC protocol (Internet Relay Chat - a system of interactive communication over the Internet). IN IRC networks There are even communities of botnets in which hackers exchange information or, conversely, try to steal botnets from each other.

Once a user's computer is infected, the hacker can do whatever he wants with it. Most attackers try to hide their presence from users - otherwise they risk losing their zombies. True, for many of them this is not a problem: there are still hundreds of millions of zombies on some networks.

How can you protect your computer from turning into a zombie? First of all, you need to understand that security is an ongoing process: it is impossible to protect a system once and for all. And of course, disaster cannot be prevented without following basic principles of common sense and caution on the Internet.

Required condition effective protection from burglars is to use an antivirus software. Whether it's a paid product like McAfee VirusScan or free application like AVG Anti-Virus Free Edition, it must be activated and updated regularly. Some experts believe that for greater efficiency antivirus databases should be updated every hour. This, of course, is unreasonable, but once again emphasizes how important it is to have the maximum current version antivirus.

Be sure to install anti-spyware software to identify malicious spyware applications. The latter include programs that monitor which sites the user visits, as well as applications that record all entered data and log any user activity. Therefore, it is necessary to install a good anti-spyware scanner such as Ad-Aware from Lavasoft and update it regularly.

Set to protect local computer network. Firewalls are often bundled with other software and are even built into some network devices- for example, routers and modems.

Create passwords that are difficult or nearly impossible to guess. Try not to use the same passwords for different applications. It’s more difficult to remember them this way, but it provides additional protection against hacking.

Problem solving

If your computer is already infected and turned into a zombie, there are only a few ways to solve the problem. It is best, of course, to contact technical specialist. If you do not have this option, run an antivirus to try to break the connection between the attacker and your computer. Unfortunately, very often the only way out is to delete all data from hard drive And complete reinstallation system, so don't forget to do it regularly backups important files, having previously checked them with an antivirus for infection.

The computer is a wonderful resource. Unfortunately, hackers think exactly the same way - they dream of making this wonderful resource their own. However, by following our advice and being careful on the Internet, you will most likely be able to protect your computer from any hostile intrusions.

“Viruses and antiviruses” - Receiving updates through a network server. Monitor, scanner, control center, quarantine, update manager. ? Incorrect setting BY. Slow work computer. Harm caused by viruses: ? "Holes" in the software. Trade-off: Centralized viewing of log files. Information carriers. Antivirus resources. "Holes" in the software. Habitat.

"Kaspersky Anti-Virus for Windows" - Gateway. Prerequisites. Viruses Network worms Trojans Riskware / adware. 14. Kaspersky Anti-Virus for Windows Workstations 6.0 R2. Viruses Network worms Trojans Riskware / adware Advertising Hacker attacks. 12. Installation steps. 18. 19. Implementation Guide. 3.

“Protection against malware” - Models for organizing protection against malware. Antivirus software is installed on individual computers. Threat vectors. Signature search Heuristic analysis Behavior analysis. Multi-level protection systems. Levels of protection. Network protection. Characteristics of malware. Activation mechanisms. Viruses. Traditional approach.

“Informatics, computer viruses” - According to the “habitat”. Bad-Joke, Hoax - evil jokes, misleading the user. Suspiciously tall outgoing traffic. A little history. Do not copy programs for your own needs from random copies. Passive stage The virus practically does not manifest itself, trying to remain invisible. Duration: from several minutes to several years.

"Network worms" - Computer workshop. Email worms use email to spread. Protection against network worms. Worms that exploit software "vulnerabilities". Network worms. Exercise. Mail worms. Worms that use file-sharing networks.

“Viruses on the computer” - According to the features of the algorithm: Examples antivirus programs. Types of viruses. Zombie. Creative project

One of the commandments of safety, as we have already mentioned, is to be sensitive to possible attempt taking control of the computer.

They talk about botnets when the computers of ordinary users come under the control of C&C (command and control) servers, which collect data and, as a rule, send commands to zombie computers. However, such a server is not always necessary. In the case of a P2P botnet, mutual communication between zombie computers is used.

The most common symptoms of computer infection

The first step we need to take is to make sure that our computer exhibits symptoms characteristic of zombie machines.

These include:

• sudden, unexplained slowdown of the computer, repetitive behavior;
• excessive disk activity and network connection;
• sudden changes in the behavior of well-known sites;
• constantly appearing pop-ups, no matter what site we are viewing;
• enhanced activity of the security package - including signals about strange connections;
• messages about undelivered e-mail messages, as well as notifications from friends that we are sending them spam;
• problems starting the computer, frequent freezes computer, error messages;
• additional browser extensions and files appearing and disappearing from the disk;
• programs unknown to us that appear in the task manager, as well as browser extensions that you did not install.

The symptoms described above indicate an increased risk, but this does not mean that our computer is infected.

The cause of certain behavior may be poor system optimization. This could also be the effect of malicious infections, which, however, have no connection with turning our computer into a zombie machine.

The first line of defense is antivirus

The transformation of a computer into a “zombie” is associated with infection with malware. Therefore, first scan your computer with an antivirus. It must be updated and the scan must cover the entire computer, not just system files and user profile.

Scan your computer by using antivirus system- this is half the success. Some of the malware responsible for turning a computer into a zombie can be hidden using rootkits.

To detect the presence of such software, you must scan your computer using the Scan for Rootkits option.

Second line of defense - firewall

A firewall is used for more than just protecting against intrusions. It can be used to block internet traffic at our discretion.

First of all, when we think that our computer is zombied, but the antivirus did not detect anything, it is worth spending a little time analyzing its behavior. The protection level in the Firewall should be set to maximum, and also enable Interactive mode so that any connection attempts are detected.

We then look for activity that is not related to the functioning of any system application or software that we ourselves have installed. Sometimes the infection can also spread to system files, and the identification scheme will be very complex, so it is worth consulting with specialists in case of any doubt.

Network activity is also monitored and recorded in logs, which you can then safely view. As we eliminate malfunctioning processes, the comfort of using the computer will return to its original state.

Load on your computer - you may not notice it

Modern computers are very efficient, so there is a risk that you will not even notice the excessive load on the computer. Therefore, it is necessary to check our computer using the following tools to be sure:

• System Task Manager- in the last Windows versions it allows you to control running applications, and also provides data on the use of computer resources.

After launching the Manager we can:

• view all active processes and identify the software that causes them;
• check Internet access load through any application;
• view list of services, especially those actively working who are not associated with operating system or software;
• check resource usage, in particular the processor, memory.

More detailed information on the use of resources, including the exact specification of active network connections, displayed in Monitor Windows resources . It can be opened by clicking on "Open Resource Monitor" in the "Performance" tab of the Task Manager.

You should also pay attention to the following programs:

• Sysinternals Suite- This popular system monitoring application package can replace system utilities, and thanks convenient interface and decoding necessary information it will be much easier. In this package you will find:
  • TCPView - shows a list of all active connections along with the addresses of target computers, allows you to identify their owner (Whois tool);
  • Process Explorer- an expanded version of the Task Manager process list, groups tasks by application, which allows you to evaluate interdependencies between software;
  • ProcMon - monitors all activity of the hard drive, registry and software, allows you to keep logs for subsequent analysis.