A computer user has to be aware of the incredible dangers lurking on the internet. Here are the two computer viruses causing the most damage in the digital land. Included are suggestions on how to deal with them in the most efficient way.
Downloader.Agent.Family – 26% of coverage
Trojans are programs that include in their code hidden features – harmful to the user’s computer system.
Principle of Operation
Trojans from downloader.agent.family group are self installing on your computer, in addition they download other Trojans or malicious files from the Internet on to your system, as well. Most Trojans run every time Windows starts using the system registry entries.
HKLM SOFTWARE Microsoft Windows CurrentVersion Run
Trojan files can be placed into folders
Because of variety and different types, the list does not cover all possibilities, but her are the most common:
C: Windows system32
C: Windows Temp
Immediate removal of the file before downloader.agent.family Trojan downloads and installs other Trojans. BitDefender software is right now the most effective tool in dealing with internet security threats.
Family Worm.Autorun – 23% of coverage
It uses worms to spread widely using a mechanism for Windows AutoPlay Media. Infected media (especially USB drives) contain specially crafted file autorun.inf which is responsible for automatically running specified applications when you connect the drive to your computer.
Here is a sample autorun.inf file used by the worm:
open = f7g.exe
shell open Command = f7g.exe
In this example, the system automatically starts the worm file named f7g.exe located in the root directory of the connected media.
Infection of the computer system in most cases is through stored copies of the file autorun.inf and a copy of the worm files in the main directory of all drives available in the system.
Additional mechanisms used by the worm
Depending on the version of the worm, it also activates a mechanism for hiding the fact that the system is infected in the first place. Some variants also create auxiliary processes in the computer system, whose task is to prevent a simple end of the worm’s execution code, even to remove the worm files from the disk. For this purpose, the processes are created with names similar to the names of system processes, such as:
C: WINDOWS svchost.exe
C: WINDOWS services.exe
C: WINDOWS servets.exe
Most of the worms variations from worm.autorun are also capable of downloading recent versions of the infecting scripts.
The functions performed by the worm
The most common function is effected by a mass mailing worm, mail (spam). The infected system becomes a part of a botnet-u used for directing spam to selected target groups.
Mailwasher is by far a leading software tool of any anti spam programs, most efficiently dealing with spam and email threats, by processing your mail on the remote exchange server, before allowing the messages to be loaded on your computer system or network.