Ver. 1.0
Hackers.Com FAQ
Compiled by: Liquid Ch@os

This FAQ contains information regarding Viruses and similarities. It is for informational purposes and is intended for the learning of Viruses and what they do. Included in this version is information on kinds of Viruses, how they infect computer systems, and securing yourself from them.

 Section 1 I. Kinds of Viruses A. Viruses
  B. Trojans
    C. Worms

 Section 2 II. How Viruses work A. Stealth Viruses
    B. Polymorphic Viruses
    C. Slow infector
    D. Fast infector
    E. Sparse infector
    F. Boot Sector Infector (BSI)
    G. Companion Virus
    H. Armored Virus

Section 3 III. Virus Security A. Virus scanners
B. Firewalls

Section 1

Back to Top
I. Kinds of Viruses There are many kinds of viruses. These include Trojan horses and Worms as well. New viruses are released upon the world every day. The next section will list different styles and what they do. This section defines the 3 most common kinds and their definitions.

A. Viruses A virus is a program that infects a computers files and copies itself to them. Thus damaging the file. Most common viruses infect .COM or .EXE file extensions and corrupts them, rendering the program useless and/or infecting other files when run. Viruses are commonly recieved thru email and downloaded programs. Email viruses (depending on what you use for your mail) can access your address book and forward itself on to the people on the list, without the users knowledge.
B. Trojans Trojans are programs that do something which the writer means it to do that the user does not know about. These programs can be attached to another program so when the original program (that which may be any common good program people will use) is run the trojan virus will be installed. These range in the way of invisible keyloggers to the common trojans like NetBus, Sub7, and Back Orfice. There are amny kinds of trojans out there. Some can damage your computer, some will allow others access to your files, and some are there but dont do to much. But at any rate these can be malicious and are in many cases can be as bad as a virus that can destroy your computer. The common names for these viruses unattached from another program is "patch" and "server" alltho they may have other names as well depending on what it has been changed to.
 C. Worms Worms are programs that replicate over and over using up system resources and/or clowing down the computer. These include "resource hoggers" and "HDD fillers" (hard drive fillers). These programs may produce thousands of smaller files in a folder deep in the hard drive and keep making them until the hard drive is full. As well as using up resources of the computer. These little programs are hard to find. Due to having to find the original virus to stop the damage being done. There are other kinds of worms as well. Different ones depending on the writers needs.

Section 2

Back to Top
II. How Viruses work This section will explain on a few types of viruses and how they work. This is only a partial list of the different kinds out there. There are many other kinds but these are the main ones. This will be updated about every 6 months adding new ones out.

A. Stealth Viruses A stealth virus is one which hides the modifications it has made in the file or boot record, usually by monitoring the system functions used by programs to read files or physical blocks from storage media, and forging the results of such system functions so that programs which try to read these areas see the original uninfected form of the file instead of the actual infected form. Thus the viral modifications go undetected by anti-viral programs. However, in order to do this, the virus must be resident in memory when the anti-viral program is executed.
B. Polymorphic Viruses A polymorphic virus is one which produces varied (yet fully operational) copies of itself, in the hope that virus scanners will not be able to detect all instances of the virus.These viruses are hard to detect because of their constant change. Most viruses scanners will detect the original but not the newer versions of the virus all the time.
C. Slow infector A slow infector is a virus that which runs in the memory and infects programs that are modified or created. This is to fool many programs that check for modifications in programs for the virus hides what it has done.
D. Fast infector A fast infector is a virus which, when it is active in memory, infects not only programs which are executed, but even those which are merely opened. The result is that if such a virus is in memory, running a scanner can result in all (or at least many) programs becoming infected all at once.
E. Sparse infector A sparse infector virus will only infect a file occasionaly. These will count however many programs it was designed to count then infect and so on. Making it harder to track down the orginal source of the virus. These are hard to find due to the originaly has to be found thru many infected files that could be the original.
F. Boot Sector Infector (BSI)  A BSI is a virus that attacks the computer on boot. Sometimes halting the boot procedure alltogether and/or damaging boot files making the system either unstable and crash on startup or not able to start at all. These are some of the worst viruses to get because once infected you are unable to run system virus scans thru the OS.
G. Companion Virus  A companion virus modifies a file so that when it is run it runs a seperate program as well. (Many trojans work as this kind of virus) When the original file is run the virus is run instead of the original program. Once the virus is done, which is commonly fast enough to go unnoticed, the original program will start. The user will normaly have no clue as to anything was happening they did not know about.
H. Armored Virus An armored virus will use different things to stop the user from deleting, editing, tracing, and more. These can sometimes be deleted by virus scanners but not always.

Section III

Back to Top
III. Virus Security Virus security starts with a good virus scanner and never ends. There are many ways to prevent viruses. Thousands of new viruses are created each week and scanners are constantly being updated. The best way to be secured from them is to only download files from trusted sites/people and to keep a good updated scanner.

A. Virus Scanners

Virus scanners are the number one way to keep viruses off your system. There are hundreds of different scanners available. There are a few companies who keep up with them. (we all know who they are) So here is what you should do to keep them updated and working properly.

Always watch their website, they often have info on the latest bad viruses out and updates for your scanner. Also keep up monthly/weekly with your updates of your scanner. This will drastically reduce your vulnerability towards most the common viruses out. Another tip is when you hear of another big virus out, manualy update your scanner. Most the good scanners available have auto and manual update programs on your computer.

B. Firewalls Firewalls are very good protection for personal computers. Some of them will block against viruses and most will, or have the ability, to block trojan viruses. As with scanners there are many to choose from. It is the users personal preference on what they want to use. Firewalls provide good protection towards more than viruses/trojans as well. They will protect your whole computer from many kinds of other "cracking" attacks. They watch over your computer and watch open ports on your system for incoming data and either let it pass or block it depending on what the user wants. They work as nets, allowing what the user wants to go thru and blocking what the user does not want to go thru
Home Back to Top