However, most programs that were written to penetrate systems running with Windows use *.EXE as their file extension. This allows them to run on the system without alarming the user. Other viruses and worms are written to look similar to Windows system files to avoid detection by the user. The Sasser virus exploited the LSASS (Local Security Authority Subsystem Service) with filename lsass.exe on Windows XP and Windows 2003. Since then several virus emerged and used isass.exe as the filename replacing letter "l" from the original Windows file with "i".
Once a computer system is infected, undesirable things can happen. Malicious applications such as those with EXE, VBS, and COM extensions can call Dynamic Link Library (DLL) files as part of their payloads. DLL's are very important files for Windows systems to properly function. Other malicious programs are designed to delete files with DLL extension resulting to OS corruption and data loss.
Viruses and other harmful programs change registry values either to avoid detection or to remain on a computer system. Most of these programs set themselves on the registry to allow them to automatically run once the computer starts. This also allows them to propagate and look for potential files to ruin.
JPG Quick Info | |
---|---|
Joint Photographic Experts Group image file | |
MIME Type | |
image/jpeg | |
Opens with | |
Microsoft Paint | |
GIMP | |
Paint.NET |