Many viruses have modified over time and learned to give files very plausible names, such that you will not even suspect tricks. This infection is a file virus that can infect all the free space on your computer. computer worm, getting on the computer, copies itself and places copies in various directories (folders) of your PC, with the aim that you run these files by chance.
What does the worm virus do to the computer after you run one of the malicious files:
- Computer takes a long time to boot
- Programs start to freeze
- The PC is able to boot "tightly"
- You can't freely navigate your computer's folders
There are at least a good dozen of these signs. And they all revolve around the fact that your computer starts to hang in a terrible way. The worm is similar in appearance to the Svchost.exe virus.
Remove the wir32 worm virus. Removal price
How to remove the worm virus yourself through the Task Manager
We go down to the taskbar and right-click on the taskbar field. Select [Task Manager]. A window opens - Task Manager, which shows the entire list of processes that are in the computer's RAM.
If you scroll through all this, you will notice that there is a choice of [Image Name], which will be shown by the name of the process or by the username, or by how much CPU resources the computer takes, or by how much memory this process takes. If you switch to the [Applications] tab, you will see which applications are currently running. But the most interesting thing is [Processes], because if you have a virus on your computer and something goes wrong with your computer, then you will not see it in [Applications]. You can only find it in [Processes].
The [Processes] tab shows, if you have the [Display processes of all users] checkbox, the processes of all users that are on the computer. We recommend checking this box if it is not checked. Now you need to look at the entire list of processes, if in the [User name] column the process is displayed as SYSTEM, this is a process that is busy by the system. All that is running by the system is system files, it is better not to turn them off, then an error will pop up and the system will stop working with the corresponding warning window. There are also files under the name of the user who started the computer.
If it is not clear which process belongs to what and what this process does, you can proceed as follows. Right-click on this process and select [Open file storage location]. Or we launch [My Computer\Disk C] and simply start searching for a file and write the name of a file you do not know. After the search is completed, all results will be shown. Multiple results can be shown at once. Right-clicks [Open containing folder object]. We got to the folder where the desired file is located. The search continues. To find out what it is? Right click on it and click [Properties]. The properties of our file open, where we see: File type and Description. You can also see the publisher's version. All files that are written by an official publisher will always have Copyright. If you have some kind of virus, then you will not find any description.
We also recommend paying attention to the time the file was created on the computer. All files that belong to the Windows system will have approximately the same release and creation time. If something happened to your computer quite recently, then the date of creation of a fresh file will be dated by the date when you caught viruses, worms, trojans, otherwise you may need computer repair.
Through the control menu of the Task Manager, you can stop the suspicious process of the worm virus. Click on it and confirm [End Process]. A confirmation window pops up, where you need to click [Yes]. After that, the process disappeared, thereby unloading this program from memory. Thus, if you have something suspicious in your computer's memory, you can safely turn it off. In this regard, you can easily disable unnecessary processes that are in memory, but this does not always work. If your virus has penetrated deeply, then this may not work and the process will fail to install. But even if you know how to use the Task Manager, it will be much easier for you to keep track of the vital activity of the processes that occur in the memory of your computer.
How to Get Rid of a Worm Virus Using Antivirus Prevention
You will need to scan your entire PC for computer worm viruses. After all viruses are detected, it is necessary to remove unnecessary processes from startup (Press the keys and then enter the command in the window that appears), which do not lead to Windows.
Good to know about these viruses:
Basically, all people refer to any kind of malicious software as "Computer Virus", but in fact, this is not quite true. There are many types of malware, including viruses, trojans, and worms, and each type has its own behavior and spreads differently.
Instead of the name "computer viruses", it is more correct to use "malicious programs", because. A computer virus is just another type of malware, just like a Trojan or a worm. So if you want a general term for unwanted and bad programs then use the word malware. But antivirus programs do not care what the name or type of malware is - they can remove Trojans, viruses, worms and other types of malware. But in this article we will not talk about antivirus programs, we will tell you about the main types of malware, namely, what a virus, trojan and worms are, and what is the difference between them.
A computer virus infects other files and programs, much like a biological virus infects living cells. In most cases, viruses infect files with the .exe extension, so by themselves, just being in the memory of the hard drive, viruses cannot infect other files, but only when the .exe file with the virus is launched. Simply put, if you open an .exe file containing a virus, then only the virus will begin to spread.
Some types of computer viruses can also infect other types of files, such as macros in Word or Excel documents. Such viruses can spread through email attachments, removable storage devices, or network folders.
Computer viruses can wreak havoc on your system. In some cases, they may replace existing program files entirely with themselves, rather than as usual as an additional file to existing files. This means the virus deletes all files, thereby announcing its presence. Viruses can also take up system memory, causing system crashes.
Viruses are very dangerous because they they spread very quickly.
What are computer worms?
A worm (in English Worms) is an independent program that spreads without user intervention. If viruses spread with the help of users themselves, then worms do it on their own. But they don't infect other files, instead they create and distribute copies of themselves.
Some worms, such as the infamous Mydoom worm that has infected over half a million computers worldwide, spread copies of itself via email. And other equally dangerous and rapidly spreading worms, such as Blaster and Sasser, use network vulnerabilities instead of emails. They traverse the network and infect outdated and vulnerable systems that do not have a firewall.
Worms that spread across a network can generate a lot of traffic, slowing down the network. And after it gets into the system, it can perform the same actions as a malicious virus.
What is a Trojan?
The Trojans are named after the mythological Trojan horse. To conquer Troy, the Greeks built a huge wooden horse and gave it to the Trojans as a gift. The Trojans took the gift to their city. Later that night, Greek soldiers stepped out of a wooden horse and opened the gates of the city - and what followed, you can imagine.
A Trojan horse is about the same thing in a computer. The Tryan horse masquerades as useful programs, i.e. pretends to be a normal and useful program, for example, programs such as crackers, key generators, etc. Once in your system, the Trojan opens a backdoor in your system i.e. loophole (vulnerability).
Then, the author of this Trojan will use this loophole for his own purposes. For example, it may use your Internet connection for illegal activities that will eventually only point to you. Or to download other malware, in general, through this back door, the author of the Trojan can do anything.
Other threats
There are other types of malware, here are some of them:
- Spyware These are malicious programs that will monitor your actions on your computer. For example, "Keyloggers" (keyloggers) can remember the keys or key combinations that you pressed and send to their creator. They can steal your credit card information, online banking password, etc. Spyware is designed to make money for its creator.
- Scarware- also known as rogueware. They mostly appear as a fake antivirus alert on a web page. If you believe the alert and download a fake antivirus program, then after downloading the program will inform you about the presence of viruses in your system and ask for a credit card number or insist on payment so that the program removes the viruses. The program will hold your system hostage until you pay for or uninstall the program.
Always keep your operating system and other programs on your computer up to date, and always have an antivirus program to protect yourself from these kinds of dangers.
Do you still have questions about computer viruses, trojans and other types of malware? Leave a comment and we will answer any questions you may have.
America was shocked when, on November 2, 1988, almost all computers that had access to the Internet (in America), around eight o'clock in the morning, as they say, "froze". At first it was attributed to failures in the power system. But then, when the epidemic caused by the "Morris Worm" happened, it became clear that the terminals were attacked by a program unknown at that time, which contained a code that could not be decrypted by the available means. Not surprising! At that time, computers connected to the Internet numbered only in the tens of thousands (about 65,000 terminals) and were mostly represented in government circles or self-government bodies.
Morris worm virus: what is it?
The type itself was the first of its kind. It was he who became the ancestor of all other programs of this type, which today differ from the progenitor quite strongly.
Robert Morris created his “worm” without even realizing how popular it would become and how much harm it could do to the economy. In general, it is believed that it was, as they say now, a purely sporting interest. But in fact, the introduction of APRANET into the then global network, to which, by the way, both government and military organizations were connected, caused such a shock from which America could not recover for a long time. According to preliminary estimates, the Morris Worm computer virus caused damage in the order of 96.5 million US dollars (and this is only the amount known from official sources). The above amount is official. And what is not taken into account, probably, is not subject to disclosure.
The creator of the computer virus "Morris Worm" Robert Morris: some facts from the biography
The question immediately arises as to who this genius programmer was, who managed to paralyze the computer system of the North American continent for several days.
The same respected resource "Wikipedia" indicates that at one time Robert was a graduate student at Cornell University R. T. Morris (accident or coincidence?), at the Faculty of Computer Engineering.
The history of the creation and appearance of the virus
It is believed that initially the virus did not contain any threat. Fred Cohen studied the Morris Worm based on his findings about malicious codes and found an interesting feature in it. It turned out that this is not a malicious program at all.
The Morris worm (although today it is generally considered a virus at the suggestion of the Pentagon) was originally created as a tool for testing the vulnerabilities of systems based on the "intranet" (it is not surprising that APRANET users were the first to suffer).
How does a virus affect a computer system
Robert Morris himself (the creator of the virus) in every possible way denies the consequences inflicted by his "brainchild" on the United States, arguing that an error in the code of the program itself provoked the spread over the network. Considering that he received his education at the university, especially at the Faculty of Informatics, it is difficult to agree with this.
So, the so-called "Morris Worm" was originally focused on intercepting communications between large organizations (including government and military). The essence of the impact was to replace the source text of the letter sent back then on the APRANET network, with the removal of headers and endings in the Sendmail debug mode or when the buffer of the network fingerd service overflowed. The first part of the new letter contained code compiled on a remote terminal, and the third part consisted of the same binary code, but adapted for different computer systems.
In addition, a specialized tool was used that made it possible to guess logins and passwords using remote access to execute programs (rexec), as well as calling a remote interpreter (rsh), which at the command level used the so-called "trust mechanism" (now this is more associated with certificates).
Propagation speed
As it turns out, the creator of the virus was not a stupid person at all. He immediately realized that the longer the code, the longer the virus takes to infiltrate the system. That is why the well-known "Morris Worm" contains the minimum binary (but compiled) combination.
Due to this, the same boom occurred, which is now for some reason customary to be silent at the level of state intelligence services, although the threat of self-copying spread almost exponentially (each copy of the virus was capable of creating two or more of its own analogues).
Damage
No one, however, thinks about what damage can be done to the same security system. Here the problem, rather, is what the Morris Worm computer virus itself is. The fact is that initially, when penetrating a user terminal, a virus had to determine whether a copy of it was contained in the system. If there was one, the virus left the machine alone. Otherwise, it was introduced into the system and created its own clone at all levels of use and management. This applied to the entire operating system as a whole, and installed user programs, and applications or applets.
The official figure given by the US Department (approximately $96-98 million in damages) is clearly an underestimate. If you look only at the first three days, it was already about 94.6 million). Over the following days, the amount did not grow so much, but ordinary users suffered (the official press and the US Department are silent about this). Of course, at that time the number of computers connected to the global web was approximately 65,000 in the US alone, but almost every fourth terminal was affected.
Effects
It is easy to guess that the essence of the impact is to completely deprive the system of efficiency at the level of resource consumption. For the most part, this applies to network connections.
The virus in the simplest case creates copies of itself and initiates the launch of processes masquerading as system services (now even those running as administrator in the Task Manager process list). And it is not always possible to remove threats from this list. Therefore, at the end of the processes associated with the system and the user, you need to act very carefully.
What about Morris?
"Morris Worm" and its creator at the moment feel very good. The virus itself was successfully isolated by the efforts of the same anti-virus laboratories, since they have the source code on which the applet is written.
Morris in 2008 announced the release of the Arc language based on Lips, and in 2010 became a nominee and winner of the Weiser Prize.
By the way, another interesting fact is that the public prosecutor Mark Rush admitted that the virus disabled many computers by force shutting down, but still did not intentionally damage the data of users of any level, since it was not a destructive program initially, but an attempt checking the possibility of interference in the internal structure of existing systems. Compared to the fact that initially the attacker (who voluntarily surrendered to the authorities) was threatened with imprisonment for up to five years and a $250,000 fine, he got off with three years of probation, a $10,000 fine and 400 hours of community service. As many lawyers of that (by the way, and present) time considered, this is nonsense.
Multiple totals
Of course, today it is not worth fearing such a threat, which the "Morris Virus" represented at the early stages of the emergence of computer technology, of course, is not worth it.
But here's what's interesting. It is believed that Windows operating systems are mainly affected by malicious codes. And then it suddenly turns out that the body of the virus was originally developed for UNIX systems. What does this mean? Yes, only that it is time for the owners of Linux and Mac OS, which are fundamentally based on the UNIX platform, to prepare means of protection (although it is believed that viruses do not affect these operating systems at all, in the sense that they were not written). This is where many users of "poppies" and "Linuxoids" are deeply mistaken.
As it turns out, even on mobile platforms running iOS, some threats (including the Morris Worm) have begun to manifest their activity. First it's advertising, then - unnecessary software, then ... - system crash. Here you will involuntarily think. But at the origin of all this was some graduate student who made a mistake in his own tester program, which led to the emergence of what is now commonly called computer worms. And they, as you know, have slightly different principles for influencing systems.
In a sense, such viruses become spies (spyware), which not only load the system, but also, in addition to everything else, steal passwords for accessing sites, logins, PIN codes for credit or debit cards, and God knows what else an ordinary user can talk about. not even guess. In general, the impact of this virus and others like it at this stage in the development of computer technology is fraught with quite serious consequences, despite even the most modern methods of protection. And it is with regard to computer worms that one should be as vigilant as possible.
Here is such an entertaining and extraordinary story that will not be forgotten for a long time. Have an interesting and safe time on the net - without data theft, system overload and any spies like the "Morris worm"!
Infecting a computer with malware is a problem that every user who connects to the Internet and copies data from external media encounters from time to time. This kind of “infection” can come anywhere if the computer is not sufficiently protected for some reason. Knowing the features of various programs that destabilize the PC system will help you detect them in time and quickly get rid of them.
What does an infected computer have in common with a sick person?
It is known that a person most often falls ill under the influence of viruses - this kind of infection affects a specific organ or system and weakens the body, affecting its cells. The virus in some way feeds on human cells - and a malicious computer program behaves in much the same way: it captures and “eats” files, fitting into their program code. Virus-affected cells die, and corrupted computer files cannot be recovered.
Both viruses and worms aim to destabilize a single computer or an entire network. Here are some of the most common ways such a "contagion" is transmitted:
- By email if you open an email with a suspicious attachment.
- By opening a link to a dubious site (such links are often found on various “adult” resources).
- in file sharing networks.
- on the OS driver.
Computer virus as a dangerous toy
This type of destructive programs was harmless at first - their creators came up with viruses ... for the game. Under its terms, viruses were sent to friends to see how many copies of themselves such a program could make. The player who managed to completely fill someone else's computer was declared the winner. But then viruses began to be created for destructive purposes, namely, the destruction of data on a computer and the gradual disabling of the operating system. 
After the virus has penetrated the computer, it must be activated - for this, the infected object must receive control. In this regard, there are two types of viruses:
- Boot (capture sectors of permanent and removable media).
- File (capture files).
Once activated, the virus looks for similar objects. For example, a file virus "eats" one Word document and continues to move to other documents until it destroys them cleanly - or is not detected.
Note that viruses have a rather limited specialization - if they are designed for one type of files, then they will infect similar objects. Also, viruses can be created for certain operating systems: for example, a malicious program written for Windows will not work on Linux.
Network Worms: Memory Eaters
If the computer suddenly starts to “slow down” for no apparent reason, some programs start slowly, and the system often freezes, then most likely it is infected with a network worm that managed to bypass the security system or took advantage of some loophole in the OS.
Unlike a virus, a worm is not interested in data and does not affect files: it simply replicates by copying itself and filling free disk space. If the worm is not detected in time, the computer network of an entire organization may freeze, as this malicious program feeds on memory. In addition, the worm can pull a lot of traffic from the Internet.
How to protect yourself from viruses and worms?
The most effective way to protect your computer from a network "infection" is to install a legal and expensive protection system that will block any dangerous programs when they try to penetrate the OS.
But since there is no limit to the imagination of hackers and they constantly produce new viruses and worms aimed at ignoring protection, you need to remember the elementary rules:
- Do not open emails from unknown senders with weird subject lines and .exe file attachments.
- Use reliable mail systems that filter suspicious messages themselves.
- Refuse to download illegal content on dubious sites.
- Be careful with torrents.
- Additionally, check removable media that connects to your computer.
These simple rules will help you protect your computer from unwanted programs.
They are a specific, special type of viruses. The habitat of common malware is the file system, and worms enter our devices through the network. In addition, they can get into a PC not only through e-mail or the Internet, others are also subject to them. Therefore, the topic of this article is network worms and protection against them. After all, they penetrate through the networks of mobile network operators, and local LAN networks, and IRC networks for chats, and P2P networks designed for direct file exchange between users directly, and networks of services used for instant messaging.
A bit from the history of network worms
The first information about their action appeared in 1978. Jon Hupp and Jon Schoch, Xerox programmers, wondered about collecting and processing information from all computers to one central one. After some time, each PC of the company, having processed the required amount of work, transferred the result to the program written by our programmers, and it, being all the time in the local network, after processing the data, sent them to the central computer. Quite quickly, friends lost control of their program and for a long time could not understand what was happening.
Uncontrolled traffic appeared, then the entire network was blocked. After investigating the problem, the programmers discovered a variety of viruses, which were called network viruses. Older computer users should also be aware of w32.Blaster.worm, a worm that infected Windows 2000 through XP and prevented Internet access by rebooting the computer. In November 1988, the “Morris Worm” became famous, infecting 10% of all the world's computers due to a small mistake by the code author. For a whole week, these PCs did not function, causing damage of the order of 100 million dollars. Therefore, such a topic as network worms and protection against them is very important and its significance only increases with time.
Types of network worms and their paths to the computer
What are the tasks of these malware? The secondary ones are to get into your device, activate in it and start multiplying, but not only in your PC. Hence the main task is to get through the network into the devices of other people. What are they, their types? The main part of this particular virus is email worms that enter a computer with a file attached to an email. The user himself activates it, trying to open it. This is especially true for inexperienced programmers who do not notice anything suspicious in the extension of the file being launched, since often only a false one is visible.
Therefore, you should always follow the old recommendation - do not respond to letters from unknown people. Once activated, network viruses find email addresses on the device and send them a copy of themselves. In a similar way, worms “spread” through IRC clients, and ICQ, and other similar messengers. Sometimes they get into the PC due to gaps in the operating system, software and browsers. There are other types of network worms: IRC worms, P2P worms, and IM worms. We think it’s clear from the names what they do and how they get into the PC.
Other tasks of network worms and their symptoms on a computer
Their principle of action is similar to the activity of some other malware, for example, after completing their main task, they begin to perform other tasks. Among them: installing programs to control (remotely) an infected computer, stealing data, destroying them, that is, everything that the creator programmed them for.
But even without these additional actions, the amount of traffic on the device increases, performance drops, and communication channels are loaded. This is a clear sign of the presence of a worm in the system. If the work of the antivirus is blocked, then this is another fact that you need to pay attention to. It may even block access to antivirus software sites.
How to protect yourself from network worms?
We have considered the first part of the expression quite well - network worms and protection against them, now let's proceed to the second. We want to immediately warn you that a regular antivirus with basic functionality will not help you much, at best it will detect the very fact of the threat and block it. But this will not prevent another malware company from crawling through your network again. But if your PC is connected to the network, a good antivirus is a necessary condition for its operation.
Protection against network worms is also included in the functionality of the operating system itself. It has the tools to do this, which, at a minimum, significantly reduce the risk of infection. The main ones are automatic OS updates and an activated firewall / firewall. In pirated builds, this is often disabled, which is fraught with serious problems. After all, it is the firewall that checks all the data entering the computer on the network and decides whether to let it through or not.
Third-party protection against network worms
To enhance your computer's protection against network worms, hacker worms, and other viruses, we recommend that you install a third-party firewall as an alternative solution. Such programs, due to a narrower focus, have more flexible settings. Popular among users are: Comodo Firewall - completely free software and Outpost Firewall Pro - paid.
In order to be constantly up to date with all the novelties in the fight against a new “infection”, we advise you to refer to the viruslist ru resource. Network worms are all over the place, the appearance of new ones is monitored, and you will immediately know about it. By the way, in addition to well-known antiviruses, worms also block access to the VirusInfo resource, which has a service for free treatment of devices from various infections.
conclusions
Briefly compatible in a few sentences, the entire life cycle of the development of network worms:
- Penetration into your system.
- An important point is activation.
- Search for potential victims.
- Production and preparation of copies.
Further distribution of copies.
Now draw your own conclusions. We hope that you have already well understood what network worms are, and protection against them is real at the very first stage. Then there will be no problem. So protect your computer from the intrusion of a threat, and then you do not have to spend a lot of effort to deal with the consequences.
