Top 5 Damaging Computer Viruses of all time and prevention

Introduction

In this article we are going to discuss about some computer viruses that are very dangerous for the computer users while browsing internet the user should be very careful. these viruses can be in the form of links or some attracting doodles. Before clicking on the link make sure that the link is safe if you find some doubt don’t click on link.A computer virus is a program that can copy itself and infect a computer without the permission or the knowledge of the user.

A computer virus has two major characteristics the ability to replicate itself and the ability to attach itself to another computer file. How do I know if I been infected virus there are many different symptom of a virus infected computer a few telltale sign that your computer may have a virus include slow response response time random hard drive crashes and extensive pop-up ads.

1. MyDoom

MyDoom has myriad of names including “W32.mydoom@mm” , NOVARG , MIMAIN.R and SHIMGAPI. This computer worm affect Microsoft windows and was first spotted on January 26^th 2004 .known as the fastest–spreading e-mail worm to date, the worm is believed to have spread from Russia through the actual location and even creator are unknown. The virus would come in an  e-mail starting “Andy;  I am just doing my job , nothing personal ,sorry”. The virus is another that spam our e-mails and its believed that it was created to target the “SCO Group” as 25 % of the infected hosts targeted www.sco.com in January of 2004 Microsoft offers a reward of $250,000 leading to the arrest of the creator which again has still to be claimed “Mydoom” and its variants are said to have caused $38.5 billion in damages. Making it the worst reported computer worm in history.

Prevention

The easiest way to protect a computer or oneself from computer viruses such as MyDoom is to not open attachments from unknown email addresses. Also, computer security systems should be upgraded and updated regularly and computer activity should be monitored closely on a regular basis.

Many computer viruses by nature are sneaky and new viruses are being created all day, every day. An investment in anti-virus software with a subscription for updates and monitoring is an investment worth making. The cost of avoiding future damage by buying an anti-viral program will cost far less than suffering the consequences of contracting a computer virus or similar problematic program known as malware.

It is important to protect one’s computer by installing and updating anti-viral software programs such as www.safebytes.com.

-Don’t let curiosity kill the computer

2. Slammer Worm

The slammer worm is also called SQL worm, this one being a bit misleading as it did not utilize the SQL language and sapphire worm. The SQL slammer worm forced denial of service on certain internet host’s and exploited a buffer overflow bug in Microsoft’s flagship. SQL server and desktop engine database product which in turn greatly reduce the speed of general internet traffic. It was first notice on January 25^th 2003 and spread at an unprecedented speed, infecting most of it’s estimated 75,000 victims within 10 minute of the initial launch and caused roughly $1 billion in damages.

Prevention

The worm can be removed by rebooting an infected system, however that solution does not guard against infection again at a later time. The underlying Server Resolution service buffer overrun flaw exploited by SQL Slammer was first reported in June 2002 and patched in MS02-039. Additional information is available in the SQL Elevation of Privilege patch MS02-061. Systems already patched by installing SQL 2000 Service Pack 3 are not affected. Until a patch can be installed, system administrators may block the following SQL server ports at their firewall/gateway:

ms-sql-s 1433/tcp #Microsoft-SQL-Server
ms-sql-s 1433/udp #Microsoft-SQL-Server
ms-sql-m 1434/tcp #Microsoft-SQL-Monitor
ms-sql-m 1434/udp #Microsoft-SQL-Monitor

Removal
Vendors McAfee, Symantec, and Trend Micro have removal tools available for systems infected with SQL Slammer.

3. Zeus

The Zeus virus also known as ZBOT virus ,it is a malware program that allows someone to construct their very own Trojan Horse. This toolkit was sold across the black market ranging from $3000 to $10000 , as it is so easy to use non-programmers could use to make their own horses successfully . the malware would remain document on the infected users machines until they came across a web with a form of fill out . it gained its major bit of notoriety in 2006 ,as common choice for hackers and criminals to steal online banking credential .the worms built by the Zeus toolkit are so adaptable ,that they are often time overlooked by anti-virus programs and according to a report by Trusteer nearly 77% of all PCs that are infected with Zeus Trojans have current up-to-date anti-virus programs.

Prevention

A few key steps will lower the chance of you getting re-infected with Zeus (or any other virus). Here’s a look at the best methods.

• Keep your PC up to date. Microsoft frequently releases security updates for your computer. Always keep on top of these. They’re often your first defense from virus threats.
• Update your antivirus software and malware protection. Similarly, keep your antivirus software and malware protection up to date. New virus definitions are released regularly and these keep your PC informed on what to look for with new virus and malware based threats. 
• Scan your system on a regular basis. With software installed, you shouldn’t ever be infected with anything, but it’s wise to run regular system scans to double check that nothing got through.
• Be careful online. Don’t click on links you don’t recognize, and only download files from sites you feel confident about. Never click on pop-up ads. If you see a pop-up that warns of a virus or threat, make sure it’s actually coming from your antivirus software and not from a website you’re browsing. If in doubt – don’t click.

4. Sasser

A slightly newer virus then the one just mentioned those who running windows 2000 and windows XP were vulnerable to the Sasser virus. This virus first notice on April 12^th 2004 this worm is yet another that exploits buffer overflow of the LSASS.it begins effecting the effected computers by scanning across different ranges of IP addresses containing to the victims computer via tcp port 445. The overall effect of this virus was Global ,including blocking all satellite communications to Agence France Presse or the APP delta Airlines canceling numerous flights , both the Nordic Insurance company if and parent company Sampo bank hitting a complete halt and closing 130 offices in Finland alone. In the end Microsoft issued a $250,000 bounty reward on the creator, which quickly led to the arrest of 18 year old German computer science student “Sven Jaschan”

Prevention

• track and kill the worm. To do this:
• Press control-alt-delete once,
• Click on task manager
• Click on the processes tab
• Shut down all processes with the following names: avserve.exe; or 4 or 5 digits followed by _up.exe (e.g. 74354_up.exe).
• Exit task manager.

(If you’re running Windows Me or XP, disable the System Restore feature to avoid  the computer from restoring the virus while backing up)

•  Shut down your computer and disconnect Internet cables or wireless cards.
• Restart the computer in ‘safe mode,’ by pressing the  F8 key when the screen displays the ‘starting Windows’ text.
• Go to the Windows Explorer and delete the file AVSERVE.EXE from your WINDOWS directory (typically c:\windows or c:\winnt)
• Carefully edit the computer’s ‘registry’ to wipe out the worm by
• Click the ‘start’ button.
• Click ‘run.’
• Type REGEDIT and press enter.
• Use the correct plus signs to get to this folder: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
• In the right pane, delete the value: “avserve.exe”=”%Windir%\avserve.exe”
•  Exit registry editor by clicking on the x in the top right of the window. (Do this very, very carefully).

Finally, reboot the computer in default mode, connect to the Internet and run one of the tools from the Web sites listed earlier.

Don’t forget to turn on System Restore if you’ve switched it off.

5. Melissa Virus

 Melissa Virus is described  as macro virus, due to the fact that it’s not a standalone program needing another program to be triggered, in this case through Microsoft Word. In march of 1999 David LSmith would introduce this virus on the internet. The macro virus itself however was written by KWYJIBO also known as VICODINES or ALT-F11 . This virus is responsible for millions of dollars in damage due to the disruptive influence it had over so many networks. Infected computers would send out emails in mass to anyone in the local PCs email system. The original came under an email titled “ Important Message From….( Fill in blanks )”, and had managed to infect thousands of computers including those within government agencies. Although the virus would be minuscule today,in 1999 it had a drastic impact on computers world wide.

Prevention

Whether you have antivirus software on your PC, you can disable automatic macro execution in Word 97. Select Tools, Options, General and make sure the “macro virus protection” box is checked.

All major antivirus software companies have updates that handle Melissa. If you are running antivirus software, you should update it immediately. (Direct update links for major makers are at right.)

If you don’t have antivirus software, consider downloading the free trial software offered by many companies.

To make sure that your PC hasn’t been infected by Melissa, go the Trend Micro’s HouseCall site, which will perform a virus check on your PC via the Internet.