What Is A Computer Virus?
A computer virus is a small software program that spreads from one computer to another computer and that interferes with computer operation. A computer virus may corrupt or delete data on a computer, use an e-mail program to spread the virus to other computers, or even delete everything on the hard disk. Computer viruses are most easily spread by attachments in e-mail messages or by instant messaging messages. Therefore, you must never open an e-mail attachment unless you know who sent the message or unless you are expecting the e-mail attachment. Computer viruses can be disguised as attachments of funny images, greeting cards, or audio and video files. Computer viruses also spread by using downloads on the Internet. Computer viruses can be hidden in pirated software or in other files or programs that you may download.
should be running a more secure operating system like UNIX. You never hear about viruses on these operating systems because the security features keep viruses (and unwanted human visitors) away from your hard disk.
If you are using an unsecured operating system, then buying virus protection
If you simply avoid programs from unknown sources (like the Internet), and instead stick with commercial software purchased on CDs, you eliminate almost all of the risk from traditional viruses. In addition, you should disable floppy disk booting -- most computers now allow you to do this, and that will eliminate the risk of a boot sector virus coming in from a floppy disk accidentally left in the drive.
You should make sure that Macro Virus Protection is enabled in all Microsoft applications, and you should NEVER run macros in a document unless you know what they do. There is seldom a good reason to add macros to a document, so avoiding all macros is a great policy.
Open the Options dialog from the Tools menu in Microsoft Word and make sure that Macro Virus Protection is enabled, as shown.
You should never double-click on an e-mail attachment that contains an executable. Attachments that come in as Word files (.DOC), spreadsheets (.XLS), images (.GIF), etc., are data files and they can do no damage (noting the macro virus problem in Word and Excel documents mentioned above). However, some viruses can now come in through .JPG graphic file attachments. A file with an extension like EXE, COM or VBS is an executable, and an executable can do any sort of damage it wants. Once you run it, you have given it permission to do anything on your machine. The only defense is to never run executables that arrive via e-mail.
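The attachment rule above can be checked mechanically before anything is opened. The following is an added example, not part of the original article: it classifies an attachment by its final extension and by its leading bytes, so a file named like an image but containing an executable is still blocked. The function names, verdict strings and sample files are assumptions made for this illustration.

```python
import os

# Extensions the page names as executable; a production filter needs a longer list.
EXECUTABLE_EXTS = {".exe", ".com", ".vbs"}
# Office formats the page flags for the macro virus problem.
MACRO_CAPABLE_EXTS = {".doc", ".xls"}
# Well-known leading bytes ("magic numbers") of a few file formats.
MAGIC = [
    (b"MZ", "executable"),
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2 office document"),
    (b"GIF87a", "gif image"),
    (b"GIF89a", "gif image"),
    (b"\xff\xd8\xff", "jpeg image"),
]

def sniff(data):
    """Identify content by its leading bytes, ignoring the file name."""
    for magic, kind in MAGIC:
        if data.startswith(magic):
            return kind
    return "unknown"

def triage(filename, data):
    """Return (verdict, reasons) for one attachment."""
    name = filename.strip().lower()
    root, ext = os.path.splitext(name)
    kind = sniff(data)
    reasons = []
    if ext in EXECUTABLE_EXTS:
        reasons.append(f"executable extension {ext}")
        if os.path.splitext(root)[1]:
            reasons.append("double extension hides the real type")
    elif kind == "executable":
        reasons.append(f"executable content behind {ext or 'no'} extension")
    if reasons:
        return "block", reasons
    if ext in MACRO_CAPABLE_EXTS or kind == "ole2 office document":
        return "open with macros disabled", ["macro-capable document"]
    return "data file", []

if __name__ == "__main__":
    samples = [  # constructed: file names and leading bytes only, no real files
        ("greeting_card.jpg.exe", b"MZ\x90\x00"),
        ("funny.jpg", b"MZ\x90\x00"),
        ("report.doc", b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"),
        ("photo.gif", b"GIF89a\x01\x00"),
    ]
    for fname, head in samples:
        print(fname, "->", triage(fname, head))
```

DOS .COM programs have no identifying header, so for that type the extension check is the only signal this sketch has.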
Antivirus software consists of computer programs that attempt to identify, thwart and eliminate computer viruses and other malicious software (malware). Antivirus software typically uses two different techniques to accomplish this:
Examining (scanning) files to look for known viruses matching definitions in a virus dictionary.
Identifying suspicious behavior from any computer program which might indicate infection. Such analysis may include data captures, port monitoring and other methods.
Most commercial antivirus software uses both of these approaches, with an emphasis on the virus dictionary approach.
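The virus dictionary approach can be shown in a few lines. This is an added example, not code from the original article or from any antivirus product: each definition is a named byte pattern, "??" stands for any single byte so one definition can cover close variants, and the scanner reports where in the data each definition matches. The definition names, patterns and sample buffers are all constructed for the illustration.

```python
import re

# Constructed definitions: names and byte patterns are made up for this example.
DEFINITIONS = {
    "Example.Fixed": "de ad be ef 13 37",
    "Example.Wild": "4b 49 4e ?? ?? 90 90",
}

def compile_signature(hex_pattern):
    """Turn 'de ad ?? ef' into a bytes regex; '??' matches any one byte."""
    parts = []
    for tok in hex_pattern.split():
        parts.append(b"." if tok == "??" else re.escape(bytes.fromhex(tok)))
    return re.compile(b"".join(parts), re.DOTALL)

COMPILED = {name: compile_signature(p) for name, p in DEFINITIONS.items()}

def scan(data):
    """Return sorted (offset, definition name) pairs for every match in data."""
    hits = []
    for name, rx in COMPILED.items():
        for m in rx.finditer(data):
            hits.append((m.start(), name))
    return sorted(hits)

if __name__ == "__main__":
    samples = {  # constructed byte strings, not real files
        "clean.bin": b"hello world",
        "fixed.bin": b"\x00\x01" + bytes.fromhex("deadbeef1337") + b"tail",
        "variant_a.bin": bytes.fromhex("4b494e01029090"),
        "variant_b.bin": bytes.fromhex("4b494effee9090"),
    }
    for fname, blob in samples.items():
        print(fname, scan(blob))
```

A definition only matches bytes it already describes, which is why the dictionary must be kept up to date and why products pair it with the behavior-based technique.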
THE BRIEF HISTORY OF VIRAL TIME
Once Brain showed the way, many derivative PC viruses followed in the late 1980s. With no built-in protection, Microsoft's DOS operating system made it easy. Before long, there were about 100 known computer viruses. (Today there are about 300,000, according to some estimates.)
The Lehigh virus, discovered at Lehigh University in 1987, was the first to attack an executable file, specifically COMMAND.COM. The Jerusalem virus (1987), which infected both .EXE and .COM files, was the first to trigger its payload (the subroutine within a virus or worm that actually does the damage) on a specific date -- Friday the 13th. Several other Friday the 13th viruses would follow. The Cascade virus (1988) was the first encrypted virus, which made it difficult to alter or remove.
The first worm to spread widely over the Internet was the Morris worm, released in 1988 by Robert T. Morris, then a graduate student at Cornell University and now an MIT professor. Morris claimed to have created the worm as an intellectual exercise to measure the size of the Internet; however, it spread farther than intended, and many machines were infected multiple times. Infected computers -- Unix machines rather than PCs -- slowed down so much that they became unusable.
In the early 1990s, the computing world saw its first mass-generated computer viruses as virus creation libraries (VCLs) were uploaded to renegade BBSes known as VX Exchange Boards. Here, members of hacker clubs could download virus source code, personalize it, and release their own virus with little effort or true knowledge of programming. Fortunately, VCLs tended to create viruses -- such as Kinison, Donatello, Earthday, Genocide, and Venom -- that were too buggy to ever spread far or cause much concern.
Polymorphic viruses: A virus that can encrypt its code in different ways so that it appears differently in each infection. These viruses are more difficult to detect. Examples: Involuntary, Stimulate, Cascade, Phoenix, Evil, Proud, Virus 101.
Macro viruses: A macro virus is a new type of computer virus that infects the macros within a document or template. When you open a word processing or spreadsheet document, the macro virus is activated and it infects the Normal template (Normal.dot) -- a general purpose file that stores default document formatting settings. Every document you open refers to the Normal template, and hence gets infected with the macro virus. Since this virus attaches itself to documents, the infection can spread if such documents are opened on other computers. Examples: DMV, Nuclear, Word Concept.
ActiveX: ActiveX and Java controls will soon be the scourge of computing. Most people do not know how to configure their web browser to enable or disable the various functions like playing sound or video and so, by default, leave a nice big hole in the security by allowing applets free run of their machine. There has been a lot of commotion about this, and with the amount of power that Java imparts, things from the security angle seem a bit gloomy.
These are just a few broad categories. There are many more specialized types. But let us not go into that. We are here to learn to protect ourselves, not write a thesis on computer virus specification.