Classification

Category :

Malware

Type :

Virus

Aliases :

Virus.w32.[variant], Virus.win32.[variant], Virus:w64.[variant], destroys data on the hard drive, destroys data

Summary

A harmful program that silently integrates its own code into a program or file (referred to as the host file) on a computer.

Removal

Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.

A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:

  • Check for the latest database updates

    First check if your F-Secure security program is using the latest updates, then try scanning the file again.

  • Submit a sample

    After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.

    Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.

  • Exclude a file from further scanning

    If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.

    Note: You need administrative rights to change the settings.

Technical Details

Viruses were once the most common type of harmful program found, with literally hundreds of thousands of viruses in the wild. Nowadays however, as modern software security practices have made it much harder for attackers to create functional viruses, most harmful programs found today are likely to be trojans.

Installation

A virus almost always arrives as an executable file. The virus file is most popularly distributed as an email attachment, or as part of a trojan's payload. Some viruses are distributed using more sophisticated distribution methods such as:

Other ways viruses can be spread are through removable media such as floppy disks, CDs or USB thumb drives.

Impact

Once the virus file is run, it begins its attack on the files on the computer. Each time a host file is run, the virus code in it will replicate - that is, it will create and insert more unwanted code, either into the same file or into another file on the same machine (essentially infecting the other file as well).

Viruses can be sub-categorized based on the type of files they are designed to infect. The most common sub-types are:

  • File viruses - targets executable or data files, such as applications, games and documents
  • Boot viruses - targets the separate, critical boot sector of an operating system, which holds instructions for starting the computer

As the replication process repeats, the increasing additions of unwanted code can disrupt the host file's normal operations. If it happens often enough, the virus code can completely corrupt the host file. If enough files are infected, the entire computer may be completely disrupted.

In addition to infecting files, a virus can often perform other harmful actions. These actions can range from simple nuisances to severely harmful:

  • Changing the desktop background
  • Playing sounds or displaying images
  • Deleting files and programs
  • Modifying or stealing sensitive data files

Depending on what other actions the virus performs, the impact of an infection can range from annoying to devastating.