You are on page 1of 9

What is a computer virus?

A computer virus is a small software program that spreads from one computer to another computer and that interferes with computer operation. A computer virus may corrupt or delete data on a computer, use an e-mail program to spread the virus to other computers, or even delete everything on the hard disk. Computer viruses are most easily spread by attachments in e-mail messages or by instant messaging messages. Therefore, you must never open an e-mail attachment unless you know who sent the message or unless you are expecting the e-mail attachment. Computer viruses can be disguised as attachments of funny images, greeting cards, or audio and video files. Computer viruses also spread by using downloads on the Internet. Computer viruses can be hidden in pirated software or in other files or programs that you may download.

Symptoms of a computer virus
If you suspect or confirm that your computer is infected with a computer virus, obtain the current antivirus software. The following are some primary indicators that a computer may be infected: • The computer runs slower than usual. • The computer stops responding, or it locks up frequently. • The computer crashes, and then it restarts every few minutes. • The computer restarts on its own. Additionally, the computer does not run as usual. • Applications on the computer do not work correctly. • Disks or disk drives are inaccessible. • You cannot print items correctly. • You see unusual error messages. • You see distorted menus and dialog boxes. There is a double extension on an attachment that you recently opened, such as a .jpg, • .vbs, .gif, or .exe. extension. An antivirus program is disabled for no reason. Additionally, the antivirus program • cannot be restarted. An antivirus program cannot be installed on the computer, or the antivirus program will • not run. New icons appear on the desktop that you did not put there, or the icons are not • associated with any recently installed programs. • Strange sounds or music plays from the speakers unexpectedly. A program disappears from the computer even though you did not intentionally remove • the program.

Use updated antispyware software on the computer. To download the Malicious Software 3.How to remove a computer virus Even for an expert. You never hear about viruses on these operating systems because the security features keep viruses (and unwanted human visitors) away from your hard disk. computer by using the antivirus software. removing a computer virus can be a difficult task without the help of computer virus removal tools. install. such as spyware. • If you simply avoid programs from unknown sources (like the Internet).microsoft. even reinstall themselves after the viruses have been detected and removed. To remove a computer virus. follow these steps: On the computer. you can help permanently remove unwanted software. turn on the firewall. • If you are using an unsecured operating system. and instead stick with commercial software purchased on CDs. To protect your computer against viruses. follow these steps: 1. 3. Some computer viruses and other unwanted software.mspx How to protect your computer against viruses 1. 4. Keep the computer operating system up-to-date. by updating the computer and by using antivirus tools. Use updated antivirus software on the computer. then buying virus protection software is a nice safeguard. Install the latest updates from Microsoft Update on the computer. Update the antivirus software on the visit the following Microsoft Web site: http://www. Removal Tool. and then run the Microsoft Malicious Software Removal Tool to remove existing viruses on the computer. perform a thorough scan of the 2. Download. Then. you should be running a more secure operating system like UNIX. How to Protect Your Computer from Viruses You can protect yourself against viruses with a few simple steps: • If you are truly worried about traditional (as opposed to e-mail) viruses. Fortunately. 2. you eliminate almost .

XLS).JPG graphic file attachments. some viruses can now come in through .DOC). COM or VBS is an executable. and that will eliminate the risk of a boot sector virus coming in from a floppy disk accidentally left in the drive.GIF). are data files and they can do no damage (noting the macro virus problem in Word and Excel documents mentioned above)..all of the risk from traditional viruses. . as shown. and an executable can do any sort of damage it wants. Attachments that come in as Word files (. spreadsheets (.most computers now allow you to do this. etc. A file with an extension like EXE. and you should NEVER run macros in a document unless you know what they do. There is seldom a good reason to add macros to a document. you have given it permission to do anything on your machine. In addition. Open the Options dialog from the Tools menu in Microsoft Word and make sure that Macro Virus Protection is enabled. The only defense is to never run executables that arrive via e-mail. so avoiding all macros is a great policy. images (. However. • You should make sure that Macro Virus Protection is enabled in all Microsoft applications. Once you run it. you should disable floppy disk booting -. • • You should never double-click on an e-mail attachment that contains an executable.

Most commercial antivirus software uses both of these approaches. Antivirus software typically uses two different techniques to accomplish this: • • Examining (scanning) files to look for known viruses matching definitions in a virus dictionary Identifying suspicious behavior from any computer program which might indicate infection. thwart and eliminate computer viruses and other malicious software (malware). . port monitoring and other methods.Antivirus software consists of computer programs that attempt to identify. with an emphasis on the virus dictionary approach. Such analysis may include data captures.

which made it difficult to alter or remove.COM. according to some estimates. VCLs tended to create viruses -.000. and many machines were infected multiple times. and Venom -. there were about 100 known computer viruses. Infected computers -. was the first to attack an executable file. Donatello. Morris. Here.EXE and .Unix machines rather than PCs -slowed down so much that they became unusable. The Jerusalem virus (1987). members of hacker clubs could download virus source code. With no built-in protection. discovered at Lehigh University in 1987. Genocide. was the first to trigger its payload (the subroutine within a virus or worm that actually does the damage) on a specific date -Friday the 13th. the computing world saw its first mass-generated computer viruses as virus creation libraries (VCLs) were uploaded to renegade BBSes known as VX Exchange Boards.THE BRIEF HISTORY OF VIRAL TIME Once Brain showed the way. In the early 1990s. Several other Friday the 13th viruses would follow. it spread farther than intended. The first worm to spread widely over the Internet was the Morris worm. Fortunately. and release their own virus with little effort or true knowledge of programming. The Cascade virus (1988) was the first encrypted virus.) The Lehigh virus. Morris claimed to have created the worm as an intellectual exercise to measure the size of the Internet. specifically COMMAND. Microsoft's DOS operating system made it easy.such as Kinison. Before long. personalize it. many derivative PC viruses followed in the late 1980s. . which infected both . Earthday.that were too buggy to ever spread far or cause much concern. (Today there are about 300. released in 1988 by Robert T.COM files. then a graduate student at Cornell University and now an MIT professor. however.

. They infect program files and when the infected program is executed.DRV (driver) and . They may either redirect the disk head to read another sector instead of the one in which they reside or they may alter the reading of the infected file’s size shown in the directory listing. these viruses infect the boot record. and Tequila Stealth viruses: These viruses use certain techniques to avoid detection. When you boot the computer next time the virus from the boot record loads in memory and then starts infecting other program files on disk. the Whale virus adds 9216 bytes to an infected file. Michelangelo. Boot viruses load into memory if the computer tries to read the disk while it is booting. . Whale . making copies of itself and infecting files on disk. Examples: Frodo.OVL.COM. The virus becomes active in memory. Types of viruses Boot viruses: These viruses infect floppy disk boot records or master boot records in hard disks. and Stone virus Program viruses: These infect executable program files. Examples: Form. These programs are loaded in memory during execution. then the virus subtracts the same number of bytes (9216) from the size given in the directory.EXE. such as those with extensions like . Examples: Sunday. For instance.Viruses – Types and Examples Let us study the basic category of viruses. Flip. . Examples: Invader.BIN. Cascade Multipartite viruses: A hybrid of Boot and Program viruses. They replace the boot record program (which is responsible for loading the operating system in memory) copying it elsewhere on the disk or overwriting it. taking the virus with them. Disk Killer. Joshi. .SYS (device driver).

Proud.Polymorphic viruses: A virus that can encrypt its code in different ways so that it appears differently in each infection. Stimulate. the infection can spread if such documents are opened on other computers. and hence gets infected with the macro virus. These are just few broad categories. Phoenix. These viruses are more difficult to detect. Cascade. When you open a word processing or spreadsheet document. the macro virus is activated and it infects the Normal template (Normal. leave a nice big hole in the security by allowing applets free run into there machine. things from the security angle seem a bit gloom. There are many more specialized types. Examples: DMV. not write a thesis on computer virus specification. Evil. Most people do not know how to control there web browser to enable or disable the various functions like playing sound or video and so. . Since this virus attaches itself to documents. Nuclear. But let us not go into that. There has been a lot of commotion behind this and with the amount of power that JAVA general purpose file that stores default document formatting settings. Word Concept. We are here to learn to protect our self. Active X: ActiveX and Java controls will soon be the scourge of computing. Virus 101 Macro Viruses: A macro virus is a new type of computer virus that infects the macros within a document or template. by default. Every document you open refers to the Normal template. Examples: Involuntary.

When you execute program code that's infected by a virus. Then the infected floppy disks may infect other computers that boot from them.HOW DO VIRUSES SPREAD? The exchange of documents between users is a favorable way of spreading macro viruses. can spread both by infecting files and by infecting the boot areas of floppy disks. running the file may also infect their computers. either on the same computer or on other computers connected to it over a network . If your computer is infected with a boot sector virus. Some viruses. and files from those computers may spread the infection to yet more computers. . And the newly infected programs will try to infect yet more programs. the virus code will also run and try to infect other programs. and the virus copy on the hard disk will try to infect still more floppies. known as 'multipartite' viruses. boot viruses lost their popularity because the floppy disks are more and more rarely used. In the last years. the virus tries to write copies of itself to the system areas of floppy disks and hard disks. When you share a copy of an infected file with other computer users.

the analogy between computer and biological viruses stretches things a bit. Unlike a cell. There are similarities at a deeper level. as well. Once it is running. In some cases. A computer virus passes from computer to computer like a biological virus passes from person to person. Instead. The viral DNA then uses the cell's existing machinery to reproduce itself. it is then able to infect other programs or documents. . Obviously. and the cell remains alive. a biological virus must inject its DNA into a is not alive. the cell fills with new viral particles until it bursts. a virus has no way to do anything or to reproduce by itself -. releasing the virus. In other cases. A biological virus is not a living thing. but there are enough similarities that the name sticks. the new virus particles bud off the cell one at a time.How Computer Viruses Work Computer viruses are called viruses because they share some of the traits of biological viruses. A computer virus shares some of these traits. A virus is a fragment of DNA inside a protective jacket. A computer virus must piggyback on top of some other program or document in order to get executed.