The CIH virus is spread via executable files - which end in '.exe' - and deletes the first 1MB of each hard disk it infects. If it is active in memory, then every time an anti-virus scanner scans a Windows file, the virus attempts to infect that file.
The ICSA said newsgroups with infected downloadable programs are largely responsible for the widespread infection of the virus. It says the virus - known as CIH - is capable of overwriting the hard drive as well as the flash Bios (basic input...
Intel has sold its flash memory business to Boston-based PC card specialist, Centennial Technologies. The flash memory card market is becoming important as devices such as PC cards and portable digital cameras and MP3 players proliferate, however...
Unlike mass-mailing worms, SQL Slammer does not write files to a computer's hard disk but resides in memory. While this makes it easy to remove - a computer simply has to be rebooted - it also makes it difficult for anti-virus software to detect it...
Quis spreads itself via Outlook as an email containing a destructive payload. Upon completion of the quiz, the program executes the infection code again, and directs the user to a website which promises information on how to remove the worm.
Of course, once inserted inside a clean machine the infection the disk contained was passed on and distributed over any networks the system was connected to. The disk would either appear to be empty or it would contain a lot of files.
Did you find this white paper useful? 
White Paper RSS
Download
Register
