Viruses

Viruses

Something is wrong with your computer-something awful. Strange letters and symbols are appearing in your word-processing document. You have received odd e-mails, and you notice that half of your files seem to be missing. It looks like your computer may have a virus!

What Are Viruses?

Computer viruses are programs that insert themselves into your computer and are activated when you run an infected program or open a file on an infected disk. Then they immediately start replicating themselves by looking for new areas to infect. Like real germs, the most successful computer viruses hide, reproduce, and wait for the opportunity to spread to another victim.

Like illnesses, viruses vary in how "sick" they make your computer. Some are quite harmless and simply cause odd messages to appear on your screen. Others are very destructive; they can destroy all the data on your hard drive or corrupt all your files. The next section gives an overview of viruses and provides a description of some of their symptoms.

An Overview of Viruses

By the end of 2005, there were 114 000 known viruses for PCs. In March 2006 alone, 850 new threats were detected. Viruses cost individuals and businesses billions of dollars a year worldwide. Viruses can be classified into three main categories that describe what part of the computer they infect: boot-sector viruses, file viruses, and macro viruses. A second way of classifying viruses is by the type of infection they cause: overwriting, parasitic, stealth, polymorphic, encrypted, worm, and Trojan.

BOOT-SECTOR VIRUSES

Boot-sector viruses infect the boot sector of a computer's disk or hard drive. A boot-sector virus substitutes its code over code read by your computer when it is turned on or restarted, so that the virus forces the computer to read its code into memory and pass control to the virus code. The effects of boot-sector viruses can be as harmless as changing drive names or as destructive as overwriting the entire contents of a hard drive and destroying all of its files. Examples include brain, stoned, and michelangelo.

FILE VIRUSES

File viruses use a computer's file system to propagate (grow and reproduce). File viruses work by infecting files when they are being opened, renamed, or saved. At their best, file viruses cause messages to appear on the screen. At their worst, they can overwrite the contents of disks, destroying all the information on a disk or computer. Examples of file viruses include jerusalem, dark avenger, dir II, and cabanas.

MACRO VIRUSES

Macro viruses are programs written in macro languages (a specific type of programming language) and are designed to operate in specific software applications. Macros are sets of instructions attached to a document file that tell the software application to perform certain commands automatically. To propagate, or reproduce, macro viruses transfer themselves from one infected file to another. Macro viruses are most common in programs such as Microsoft Word and Microsoft Excel. The effects of macro viruses can be devastating. They can cause servers to crash. They can also cause private information from a computer to be automatically e-mailed to another. Examples of macro viruses include concept, wm/cap, Melissa, and papab.

TROJAN HORSE

<span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">A Trojan horse is a malicious program that does something undocumented that the programmer intended but the user does not know about. It is named after the wooden horse the ancient Greeks used to infiltrate Troy.

<span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">QUICK BYTE

<span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">NIMDA VIRUS

<span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">In 2001, the nimda (admin spelled backwards) virus appeared on the scene. Nimda, a mass-mailing worm that used multiple methods to spread itself, was one of the most sophisticated viruses to date. It was the first to use many different methods to spread, including sending itself by e-mail, searching for open network shares, and attempting to copy itself to unpatched or already vulnerable web servers.

<span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">The table below presents some of the main virus infection types.

<span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Type: Worms <span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Description: A worm replicates itself and slithers through networks (including the Internet) or e-mail to infect computers on the network. Worms then replicate themselves, eating up storage space and slowing down the computer. They do not alter or delete files. Worms are malicious code. These are distinct from viruses in that they do not attach themselves to other files or programs. <span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Examples: ILOVEYOU

<span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Type: Trojans, or Trojan Horses <span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Description: A Trojan horse is a destructive program that pretends to be something else that users would want on their computers. While most people consider them viruses, they actually are not. Rather, they are a form of malicious code. For example, a user might install a Trojan horse that claims to be a program that will rid her computer of viruses, but, instead, it will introduce viruses onto that computer. <span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Examples: W32.DIDer

<span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Type: Stealth <span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Description: A stealth virus hides the modification it has made to files or boot records by monitoring the system functions used to read files or sectors from storage media. This means that programs that try to read infected files or sectors see the original, uninfected form instead of the actual, infected form. <span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Examples: Windmill, SMILEYBO

<span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Type: Polymorphic <span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Description: A polymorphic virus is one that produces slightly different copies of itself because it assumes that anti-virus software will not be able to detect the different versions. <span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Examples: V2P6

<span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Type: Armoured <span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Description: An armoured virus uses special tricks to make the tracing, disassembling, and understanding of its code more difficult. <span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">Examples: Whale

<span style="font: normal normal normal 17px/normal 'Arial Black'; letter-spacing: 0px; margin-bottom: 0px; margin-left: 0px; margin-right: 0px; margin-top: 0px;">REVIEW IT! AND DO IT!

What are three major categories of viruses? Describe each category.

What is macro?

What is SSL? Describe how it works.

Describe some of the least harmful effects of viruses. What are the most destructive effects?

Go online and visit a site such as McAfee Threat Center to find information on an emerging threat.