the Internet Windows Android
Expand
the main

Examples of exposure to macro and virus script. Script viruses

It should also be noted the script viruses that are a subgroup of file viruses. These viruses are written on various scripts languages \u200b\u200b(VBS, JS, BAT, PHP, etc.). They either infect other scripts (command and service files MS Windows or Linux), or are parts of multicomponent viruses. Also, these viruses can infect files of other formats (for example, HTML) if scripts are performed in them.

Trojan programs.

Trojan programs differ in each other by the actions that they produce on an infected computer.

Backdoor - Trojan remote administration utilities

Trojan programs of this class are utilities of remote administration of computers on the network. In terms of its functionality, they largely resemble various administration systems developed and distributed by software manufacturers of software products.

The only feature of these programs makes it classify them as harmful Trojan programs: no warning of installation and launch. When you start the "Trojan" sets itself in the system and then monitors it, with no messages about the actions of the Trojan in the system. Moreover, the link to the "Trojan" may be absent in the list of active applications. As a result, the "user" of this Trojan program may not know about its presence in the system, while its computer is open for remote control.

The hidden control utilities allow you to do everything with a computer that the author laid in them: to receive or send files, run and destroy them, display messages, erase information, restart the computer, etc. As a result, these Trojans can be used to detect and transmit confidential information to launch viruses, data destruction, etc. - The affected computers are open for malicious actions of hackers.

Thus, Trojan programs this type are one of the most dangerous types of malicious softwareSince they laid the possibility of a wide variety of malicious actions inherent in other types of Trojan programs.

Separately, it should be noted a group of backdrops capable of spreading over the network and implement into other computers, as computer worms do. Distinguished by such "Trojans" from the worms The fact that they apply over the network is not spontaneously (as worms), but only on a special team "host", which manages this copy of the Trojan program.

Trojan-PSW - Password Tast

This family combines Trojan programs, "Warning" of various information from an infected computer, usually - system passwords (PSW - Password-Stealing-Ware). When starting PSW-Trojans are looking for scenic files that store different confidential information (Usually phone numbers and passwords access to the Internet) and send it to the email address or addresses specified in the code "Trojan".

There are PSW-Trojans who report other information about the infected computer, for example, information about the system (memory size and disk space, version operating system) type used mail client, IP address, etc. Some Trojans of this type "steal" registration information to various software, access codes for network games and so on.

Trojan-Aol - a family of Trojan programs, "Warning" Access Codes for AOL (America Online). Allocated to a special group due to their numerous.

Trojan-Clicker - Internet Clicks

Family of Trojan programs, the main function of which is the organization of unauthorized calls to Internet resources (usually to web pages). This is achieved by either sending the relevant browser commands, or replace system fileswhich indicate the "standard" addresses of Internet resources (for example, hosts file In MS Windows).

The attacker may have the following targets for such actions:

an increase in attendance of any sites in order to increase advertising posts;

dOS-attack organization (DENIAL OF SERVICE) on any server;

attracting potential victims to infect viruses or Trojan programs.

Trojan-Downloader - Delivery of other malicious programs

Trojan programs of this class are designed to load and install on a computer-sacrifice of new versions of malware, the installation of the Trojans or advertising systems. The program loaded from the Internet is then either run to execution, or are recorded by the "Trojan" on the autoload in accordance with the capabilities of the operating system. These actions occur without the user's knowledge.

Information about the names and location of the downloaded programs is contained in the code and data of the Trojan or downloads the Trojan from the "Managing" Internet resource (usually from a web page).

Trojan-Dropper - Installands of other malicious programs

Trojan programs of this class are written in order to secretly install other programs and are almost always used to "apply" on the computer sacrifice of viruses or other Trojan programs.

These Trojans are usually without any messages (either with false error messages in the archive or an incorrect version of the operating system) discount to a disk to any directory (to the root of the C:, in the temporary directory, in the Windows directories) other files and run them for execution.

Usually the structure of such programs is as follows:

Main Code

The "main code" highlights the remaining components from its file (file 1, file 2 ,.), writes them to the disk and opens them (starts to execute).

Usually one (or more) components are Trojan programs, and at least one component is a "deceiving": a joke program, game, picture or something like that. "Fucking" should divert the user's attention and / or demonstrate what the started file really does something "useful", while the Trojan component is installed in the system.

As a result of the use of programs of this class, hackers reaches two purposes:

secretory of Trojan programs and / or viruses;

protection against antivirus programs, since not all of them are able to check all components within the files of this type.

Trojan-Proxy - Trojan Proxy Servers

Family of Trojan programs hidden anonymous access To various Internet resources. Usually used to send spam.

Trojan-Spy - Spyware

These Trojans exercise electronic spying for the user's infected computer: information entered from the keyboard, screen screens, the list of active applications and user actions are saved to any file on the disk and periodically go to the attacker.

Trojan programs of this type are often used to steal user information various systems Online payments and banking systems.

Trojan - Other Trojans

These Trojans include those who carry out other actions falling under the definition of Trojan programs, i.e. Destruction or malicious data modification, computer impairment and other.

In this category, there are also "multipurpose" Trojan programs, for example, those of them that are simultaneously spying for the user and provide a proxy service to a remote attacker.

Rootkit - concealment of presence in the operating system

The concept of RootKit came to us from UNIX. Initially, this concept was used to designate a set of tools used to obtain ROOT rights.

Since the Rootkit Tools today "passed on" and on other OS (including Windows), it should be recognized as a similar definition of Rootkit morally outdated and not responding to the real state of affairs.

Thus, RootKit is a software code or technique aimed at hiding the presence in the system of specified objects (processes, files, registry keys, etc.).

For Rootkit behavior in the Kaspersky Lab classification, the absorption rules include: Rootkit is the most junior behavior among malware. That is, if the rootkit program has a Trojan component, it is detected as Trojan.

ArcBomb - "bombs" in archives

They are archives specifically decorated in such a way as to cause an abnormal behavior of archivers when trying to unzip data - freezing or substantial slowdown in the computer or filling the disk with a large number of "empty" data. Especially dangerous "archival bombs" for file and mail servers, if a server is used on the server any automatic processing of incoming information - "archive bomb" can simply stop the server operation.

There are three types of similar "bombs": an incorrect archive header, repetitive data and identical files in the archive.

The incorrect archive header or spoiled data in the archive can lead to a collection of a specific archiver or an unzip algorithm when analyzing the archive content.

Significant sizes file containing repeating data allows you to archive such a file to the archive small size (For example, 5GB of data are packaged in 200kb RAR or in 480KB zip-archive).

Great amount identical files The archive also practically does not affect the size of the archive when using special methods (for example, there are receptions for packing 10100 of the same files in 30 kb RAR or 230KB zip-archive).

Trojan-Notifier - alert on a successful attack

Trojans of this type are designed to messages to their "host" about an infected computer. At the same time, information about the computer is sent to the "host" address, for example, computer IP address, number open Port., address email etc. Squeeze is carried out different ways: electronic letter specifically decorated to the host web page, ICQ message.

These Trojans are used in multicomponent Trojan sets to notify their "host" on the successful installation of the Trojan component in the attacked system.

The virus is a program capable of creating its copies (not necessarily coinciding with the original) and implement them into files, system areas of the computer, computer networks, as well as carry out other destructive actions. At the same time, the copies retain the ability of further distribution. Computer virus belongs to malicious programs.

Malicious Program is a computer program or a laptop code designed to implement the threats of information stored in the COP or for the hidden inappropriate use of the COP resources, or other impact impeding the normal functioning of the COP. Malware includes computer viruses, Trojans, network worms, etc.

2. Vius life cycle.

Since the distinctive feature of viruses in the traditional sense is the ability to reproduce within a single computer, the division of viruses to the types occurs in accordance with the methods of reproduction.

The reproduction process itself can be conditionally divided into several stages:

- Penetration on the computer

- Activation of the virus

- Search for objects for infection

- Preparation of viral copies

- introduction of viral copies

Features of the implementation of each stage give rise to attributes, the set of which is actually determined by the virus class.

3. Macroviruses. Script viruses. Give examples.

Macroviruses are viruses written in the Macrocomand language and executable in any application. In the overwhelming majority of cases, we are talking about macros in Microsoft Office documents.

Examples. One of the most destructive macro volumes are representatives of the Macro.Word97.thus family. These viruses contain three Document_Open procedures, Document_Close and Document_New, which replaces standard macros, running when opening, closing and creating a document, thereby providing contamination of other documents. On December 13, the destructive function of the virus is triggered - it deletes all files on a C: drive, including directories and subdirectories. Modification of Macro.Word97.thus.aa In addition to the specified actions, when opening each infected document, chooses a random file on the local disk and encrypts the first 32 bytes of this file, gradually leading the system into an inoperable condition.

Script viruses - viruses performed in a specific command shell environment: before - BAT files in the DOS command shell, now more often VBS and JS - scripts in the Windows Scripting Host (WSH) command shell.

Examples. Virus.vbs.sling is written in VBScript (Visual Basic Script). When starting, it is looking for files with extensions.vbs or.VBE and infects them. At the occurrence of June 16 or July, the virus during startup deletes all files with extensions.vbs I.VBE, including itself.

Virus.winhlp.pluma.a - Virus, infecting Windows help files. When opening an infected help file is performed viral scriptUsing a non-trivial method (essentially, a vulnerability in script processing) starts to execute already as a regular Windows file, a specific code string contained in the script. The running code makes the search for the help files on the disk and implements the autorun script to the SYSTEM area.

The history of the appearance of virus is extremely interesting - she is still waiting for his meticulous researcher! There is still no uniform opinion regarding the moment that one could consider the official day of the appearance of a virus, as not to the criteria, which could be summarized by one or another software and to distinguish research experiments from a purposefully written program with malicious functions.

In 1949, John Von Neumann (John Von Naumann), an outstanding American mathematician of Hungarian descent, which made an important contribution to quantum physics, quantum logic, functional analysis, the theory of sets, computer science, economics and other industries, developed a mathematical theory of creating self-reproducing programs. It was the first attempt to create the theory of such a phenomenon, but it did not cause much interest in the scientific community, since it did not have a visible applied value.

There is no consent and about the origin of the name "Computer Virus". According to one version, it happened on November 10, 1983, when a graduate student of the University of Southern California (Fred Cohen) of Fred Cohen during a security seminar at Lehi University (Pennsylvania, USA) demonstrated a program on the VAX system 11/750 Able to embed into other software objects. This program can be fully considered one of the first prototypes of a computer virus.

Cohen introduced the code written by them into one of the UNIX commands, and within five minutes after launching it on the computing machine received control over the system. In four other demonstrations full access It was possible to achieve half an hour, leaving the protective mechanisms that existed at that time.

There is a version that the term "virus" called a copy of himself by the program Scientist Freda, one of the creators of the cryptographic algorithm RSA Leonard Edleman (Leonard Adleman).

A year later, at the 7th Conference on Information Safety, F. Koen gives a scientific definition of the term "computer virus", as a program capable of "infecting" other programs using their modification in order to implement their copies and perform the specified actions. Note that F. COEN was definitely not an innovator in this area. Theoretical arguments on copying from a computer to computer programs and practical implementation has been successfully implemented before. However, it is the presentation of F.Kane forced specialists to seriously speak of potential damage from deliberate attacks. In just fifteen years, the spread of malicious software has acquired a threatening scale, radically reduce which is not possible.

In some sense, F. Cohen's 15-year-old Schoolboy from Pennsylvania Rick Scranta (Rich Skrenta). His favorite occupation was torture over the comrades by modifications of the game code for Apple II, which led to a sudden shutdown of computers or performed other actions. In 1982, he wrote ELK Cloner - self-reproducing boot virus that infected Apple II through a flexible magnetic disk. During each 50th reboot of the PC, a message appeared with the words: "He will post your discs, he will post your chips. Yes, this is Cloner! He sticks to you like glue, it will be in memory. Cloner welcomes you!"

The R. Skrent program did not go far beyond the range of his friends. Lavra went to the "masterpiece" of the programmer's thought that appeared in several years later. The Brain program ("Brain") was created in 1988. Two brothers - immigrants from Pakistan, which are attributed to the infection of the PC through the illegal copies of the program to monitor the work of the heart. The virus contained a copyright notice with the names and phones of the brothers, so users of infectious cars could turn to directly to viruses for the "vaccine". The first version of Brain followed many modifications pursuing purely commercial interest.

In 1988, Robert Tappan Morris Jr. Robert Tappan Morris Jr. in 1988 in 1988 (Robpan Morris Jr.), who had the first widely distributed computer worm, was released, although experimental work in the Sul Securities Agency This area was conducted since the late 1970s. This type of programs most often does not produce any destructive manipulations with user files and sets the goal as quickly and widespread, reducing the efficiency of networks.

According to some estimates, from 5% to 10% connected at the time to the network of machines, for the most part belonging to universities and research organizations, they were attacked by them. The worm used the vulnerability of several programs, including Sendmail. R.T. Morris became the first person convicted on charges of crimes in the computer sphere, and received 3 years conditionally. However, this did not prevent him from becoming a professor of the Massachusetts Institute of Technology (MIT).

The next big malicious step performed in the 90s with an increase in demand for personal computers and the number of email users. Electronic communications provided a much more efficient path of infection of the PC than through media. The sample of the rate of freak was the Melissa virus in 1999, which introduced 250 thousand systems. However, he was harmless, except that every time with the coincidence of time and date - for example, 5:20 and 20 May - a quote from The Simpsons occurs on the screen.

A year later, Love Bug appeared, also known as Loveletter. In a short time, the virus flew around the whole world! He was written by the Philippine Student and came in an electronic message with the theme "I Love You". As soon as the user tried to open the attachment, the virus through Microsoft Outlook. I sent myself to all addresses in the list of contacts. Then I downloaded the Trojan program to collect the information interested in the Philipino. Loveletter attacked about 55 million PCs and infected from 2.5 to 3 million. The amount of damage caused to them was estimated at 10 billion, but the student escaped punishment, because the Philippines did not have at the time legislative base To combat cybercriminals [Born Denis, http://www.wired.com].

An avalanche-like spreading of viruses has become a big problem for most companies and government agencies. Currently, more than a million computer viruses are known and more than 3,000 new varieties appear each month ["Encyclopedia of Viruses", http://www.viruslist.com/en/viruses/encyclopedia.].

Computer virus is a specially written program that can "attribute" yourself to other programs, i.e. "infect them", in order to fulfill various unwanted actions on a computer, in computing or information system and online.

When such a program starts work, first, as a rule, management gets a virus. The virus can act independently performing certain malicious actions (changes the files or table of placement of files on the disk, clogs rAM, Changes addressing appeals to external devices generates malicious application, steals passwords and data, etc.), or "infects" other programs. Infected programs can be transferred to another computer using a floppy disk or local network.

The forms of the organization of viral attacks are very diverse, but in general, they can practically "scatter" in the following categories:

  • remote penetration into the computer - programs that receive unauthorized access to another computer via the Internet (or local network);
  • local penetration into the computer - programs that receive unauthorized access to the computer on which they subsequently work;
  • remote blocking of a computer - programs that via the Internet (or network) block the operation of the entire remote computer or a separate program on it;
  • local blocking of a computer - programs that block the operation of the computer on which they work;
  • network scanners - programs that collect network information to determine which of computers and programs working on them are potentially vulnerable to attacks;
  • scanners of vulnerable programs - programs, check large groups of computers in the Internet in search of computers, vulnerable to one or another attack specifies;
  • "Openings" passwords - programs that detect easily guessing passwords in encrypted password files;
  • network analyzers (sniffers) - programs that listen to network traffic; Often they have the ability to automatically highlight user names, passwords and credit card numbers from traffic;
  • modification of transmitted data or substitution of information;
  • substitution of a trusted object distributed computing network (work on his behalf) or a false object of distributed Sun (RVS).
  • "Social Engineering" - unauthorized access to information otherwise than hacking software. The goal is to mislead the staff (network or system administrators, users, managers) for passwords to a system or other information that will help disrupt the security of the system.

Malicious software includes network worms, classic file viruses, Trojans, hacker utilities and other programs that apply to the computer on which they run to execute, or other computers on the network.

Network worms

The main feature by which the types of worms differ in each other is a way to distribute worm - which way it transmits his copy to deleted computers. Other signs of Differences of the CC among themselves are ways to launch a copy of the worm on an inflection computer, methods of introducing into the system, as well as polymorphism, "stealth" and other characteristics inherent in other types of malicious software (viruses and Trojan programs).

Example - E-mail-worm - postal worms. This type of worms includes those of them that use email for their distribution. At the same time, the worm sends either his copy in the form of an attachment to an email, or a link to its file located on any network resource (for example, a URL to an infected file located on a hacked or hacker website). In the first case, the Code of the Worm is activated when opening an infected attachment (start) in the second - when opening a reference to an infected file. In both cases, the effect of the same is activated by the worm code.

To send infected posts, postal worms use various ways. Most common:

  • direct connection to the SMTP server using the walled library built into the code;
  • use MS Outlook services;
  • using windows functions MAPI.

Various methods are used by postal worms to search for postal addresses to which infected letters will be sent. Postal worms:

  • send yourself to all addresses detected in the MS Outlook address book;
  • reads addresses from the address base WAB;
  • scan "Suitable" files on the disk and highlights the lines that are email addresses;
  • send themselves to all addresses found in letters in mailbox (At the same time, some mail worms "respond" to the letters detected in the box).

Many worms use several of the listed methods at once. There are also other ways to search for email addresses. Other types of worms: IM-Worm - Cherves using Internet pagers, IRC-Worm - Worms in IRC channels, Net-Worm are other network worms.

Classic computer viruses

This category includes programs that distribute their copies for resources. local computer In order to: the subsequent launch of your code with any user actions or further implementation of the computer to other resources.

Unlike worms, viruses do not use network services to penetrate other computers. A copy of the virus falls on remote computers only if the infected object according to any virus-dependent reasons turns out to be activated on another computer, for example:

  • when infected with the available disks, the virus entered the files located on the network resource;
  • the virus copied itself to a removable medium or infected the files on it;
  • the user sent an email with an infected attachment.

Some viruses contain the properties of other varieties of malware, such as the backdoor procedure or the Trojan component of the destruction of information on the disk.

Many tables I. graphic editor, design systems, text processors They have their macro languages \u200b\u200b(macros) to automate the execution of repetitive actions. These macro languages \u200b\u200boften have a complex structure and a developed set of commands. Macro viruses are programs on macro languages \u200b\u200bembedded in such data processing systems. For its reproduction, this class viruses use macro-language capabilities and tolerate themselves from one infected file (document or table) to others.

Script viruses

It should also be noted the script viruses that are a subgroup of file viruses. These viruses are written on various scripts languages \u200b\u200b(VBS, JS, BAT, PHP, etc.). They either infect other scripts (command and service files MS Windows or Linux), or are parts of multicomponent viruses. Also, these viruses can infect files of other formats (for example, HTML) if scripts are performed in them.

Trojan programs

This category includes programs that carry out various unauthorized actions: the collection of information and its transfer to an attacker, its destruction or malicious modification, disruption of the computer's performance, the use of computer resources in unacceptable purposes. Separate categories of Trojan programs are damaged remote computers and networks that do not disturb the performance of an infected computer (for example, Trojan programs developed for massive DOS attacks on remote network resources).

Trojan programs are diverse and differ in themselves for the actions that they produce on an infected computer:

  • Backdoor - Trojan remote administration utilities.
  • Trojan-PSW - theft of passwords.
  • Trojan-Aol - a family of Trojan programs, "Warning" Access Codes for AOL (America Online). Allocated to a special group due to their numerous.
  • Trojan-Clicker - Internet cliques. Family of Trojan programs, the main function of which is the organization of unauthorized calls to Internet resources (usually to Web pages). This is achieved either by sending the relevant browser commands, or the replacement of system files in which the "standard" Internet resources addresses are specified (for example, the Hosts file in MS Windows).
  • Trojan-downloader - Delivery of other malicious programs.
  • Trojan-Dropper - Installands of other malicious programs. Trojan programs of this class are written in order to secretly install other programs and are almost always used to "apply" on the computer sacrifice of viruses or other Trojan programs.
  • Trojan-Proxy - Trojan Proxy Servers. Family of Trojan programs that are hidden exercising anonymous access to various Internet resources. Usually used to send spam.
  • Trojan-Spy - spyware. These Trojans exercise electronic spying for the user's infected computer: information entered from the keyboard, screen screens, the list of active applications and user actions are saved to any file on the disk and periodically go to the attacker. Trojan programs of this type are often used to steal user information from various online payment systems and banking systems.
  • Trojan - other Trojan programs. In this category, there are also "multipurpose" Trojan programs, for example, those of them that are simultaneously spying for the user and provide a proxy service to a remote attacker.
  • Trojan ArcBomb - "bombs" in the archives. They are archives specifically decorated in such a way as to cause an abnormal behavior of archivers when trying to unzip data - freezing or substantial slowdown in the computer or filling the disk with a large number of "empty" data. Especially dangerous "archival bombs" for file and mail servers, if a server is used on the server any automatic processing of incoming information - "archive bomb" can simply stop the server operation.
  • Trojan-Notifier - alert on a successful attack. Trojans of this type are designed to messages to their "host" about an infected computer. At the same time, information about the computer is sent to the "host" address, for example, the IP address of the computer, the open port number, email address, etc. The reference is carried out in various ways: an email, specially decorated access to the host webpage, ICQ message. These Trojans are used in multicomponent Trojan sets to notify their "host" on the successful installation of the Trojan component in the attacked system.

Types of computer virus

There is no such person today who did not hear about computer viruses. What is it that are types of computer virusand malicious programs, let's try to figure it out in this article. So, computer viruses can be divided into the following types:

Under advertising and information programs are understood by such programs that, in addition to their main function, also demonstrate advertising banners and all sorts of pop-ups with advertising. Such messages with advertising sometimes it is not easy to hide or disable. Such advertising programs are based when working on the behavior of computer users and are quite problematic for system security reasons.

Backdoor (Backdoor)

The hidden administration utilities allow, bypassing the protection system, put a computer of the installed user under its control. A program that works in invisible mode gives hacker unlimited rights to manage the system. With the help of backdoor programs, you can access personal and personal data. Often such programs are used in order to infection with computer viruses and for hidden Installation Malicious programs without user knowledge.

Boot viruses

Often, the main boot sector of your HDD is amazed by special bootable viruses. Viruses of this type replace the information that is necessary for the unimpeded system launch. One of the consequences of such a malicious program is the impossibility of loading the operating system ...

Bot-network

Bot-network is a full-fledged network on the Internet, which is subject to an attacker administering and consisting of many infected computers that interact with each other. Control over such a network is achieved using viruses or trojans that penetrate the system. When working, malicious programs Do not show yourself, waiting for the team from the attacker. Such networks are used to send spam messages or for organizing DDOS attacks to the desired servers. What is interesting, users of infected computers can absolutely not guess what is happening on the network.

Exploit

Exploit (literally breech in safety) is such a script or program that use specific holes and vulnerabilities of the OS or any program. Similarly, programs penetrate the system using which administrator access rights can be obtained.

Hoax (literal joke, lie, hoax, joke, deception)

For several years, many Internet users have received email messages About viruses that apply to alleged e-mail. Such warnings are massively sent with a tear request to send them to all contacts from your personal sheet.

Trap

Honeypot (honey pot) is a network service that has a task to watch the entire network and fix attacks, when the focus occurs. A simple user does not adhere to the existence of such a service. If the hacker explores and monitors the network for the presence of a barley, then it can use the services that such a trap offers. This will record in log files, and automatic alarm will work.

Macrowurus

Macroviruses are very small programs that are written on the macro-language applications. Such programs apply only to those documents that are created specifically for this application.

To activate such malicious programs, you need to start the application, as well as the execution of an infected macro file. The difference from ordinary macros viruses is that the infection occurs applications, rather than launched application files.

Farming

Farming is a hidden manipulation of a browser host-file in order to direct the user to a fake site. Fraudsters contain large volumes, on such servers, a large base of fake Internet pages are stored. When manipulating the HOST file using a trojan or a virus, it is quite possible to manipulate the infected system. As a result, the infected system will only download fake sites, even if you enforce the address in the browser bar.

Phishing

Phishing is literally translated as "lesing" of the user's personal information while on the Internet. An attacker in his actions sends a potential victim an email, where it is indicated that it is necessary to send personal information to confirm. Often this is the name and surname of the user, the necessary passwords, PIN codes to access the user's accounts online. Using such stolen data, the hacker may well give himself for another person and carry out any action on his behalf.

Polymorphic viruses

Polymorphic viruses are viruses using camouflage and reincarnation in work. In the process, they can change their program code on their own, and therefore they are very difficult to detect, because the signature varies over time.

Software viruses

Computer virus is a regular program that has to be independently attached to other working programs, thus amazing their work. Viruses independently distribute their copies, it significantly distinguishes them from Trojan programs. Also, the difference between the virus from the worm is that the virus requires the program to which it can attribute its code.

Ruckit

Rucker is a specific set. softwarewhich is hidden installed in the user system, while ensuring concealment of the personal login of cybercriminator and various processes, while making copies of the data.

Script viruses and worms

Such types of computer viruses are quite simple for writing and distributed mainly by email. Script viruses use scripting languages \u200b\u200bto add themselves to new scripts created or distributed through the operating network functions. Often, infection occurs on e-mail or as a result of file sharing between users. Worm is a program that multiplies independently, but which infects other programs. Worms in reproduction can not be part of other programs that distinguishes them from ordinary species Computer viruses.

Spyware

Spies can forward the personal data of the user without his knowledge to third parties. Spyware It analyze the behavior of the user on the Internet, as well as based on the data collected, demonstrate to the user advertising or pop-up (pop-up windows), which will certainly be interested in the user.

Did not find an answer to your question? Look at here
Doesn't Diablo III start?Doesn't Diablo III start?
How to check the computer to spywareHow to check the computer to spyware
Spyware on the computerSpyware on the computer