Author: Andrew Thomas

Andrew Thomas is a publisher of Webbaster, specializes in Internet security and an effective defense against spam.

Email and Internet Security [Simple Guide]

A computer user has to be aware of the incredible dangers lurking on the internet. Here are the two computer viruses causing the most damage in the digital land. Included are suggestions on how to deal with them in the most efficient way.

Downloader.Agent.Family – 26% of coverage

General Description

Trojans are programs that include in their code hidden features – harmful to the user’s computer system.

Principle of Operation

Trojans from downloader.agent.family group are self installing on your computer, in addition they download other Trojans or malicious files from the Internet on to your system, as well. Most Trojans run every time Windows starts using the system registry entries.

Email and Internet Security

Sample key:

HKLM SOFTWARE Microsoft Windows CurrentVersion Run

Trojan files can be placed into folders
Because of variety and different types, the list does not cover all possibilities, but her are the most common:

C: Windows

C: Windows system32

C: Windows Temp

Recommended Action

Immediate removal of the file before downloader.agent.family Trojan downloads and installs other Trojans. BitDefender software is right now the most effective tool in dealing with internet security threats.

Family Worm.Autorun – 23% of coverage

It uses worms to spread widely using a mechanism for Windows AutoPlay Media. Infected media (especially USB drives) contain specially crafted file autorun.inf which is responsible for automatically running specified applications when you connect the drive to your computer.

Here is a sample autorun.inf file used by the worm:

[AutoRun]

open = f7g.exe

shell open Command = f7g.exe

In this example, the system automatically starts the worm file named f7g.exe located in the root directory of the connected media.

Infection of the computer system in most cases is through stored copies of the file autorun.inf and a copy of the worm files in the main directory of all drives available in the system.

Additional mechanisms used by the worm

Depending on the version of the worm, it also activates a mechanism for hiding the fact that the system is infected in the first place. Some variants also create auxiliary processes in the computer system, whose task is to prevent a simple end of the worm’s execution code, even to remove the worm files from the disk. For this purpose, the processes are created with names similar to the names of system processes, such as:

C: WINDOWS svchost.exe

C: WINDOWS services.exe

C: WINDOWS servets.exe

Etc.

Most of the worms variations from worm.autorun are also capable of downloading recent versions of the infecting scripts.

The functions performed by the worm

The most common function is effected by a mass mailing worm, mail (spam). The infected system becomes a part of a botnet-u used for directing spam to selected target groups.

Recommended Action

Mailwasher is by far a leading software tool of any anti spam programs, most efficiently dealing with spam and email threats, by processing your mail on the remote exchange server, before allowing the messages to be loaded on your computer system or network.