
Computer Viruses

A computer virus is a program that makes unauthorised changes to the way in which a computer system operates. Some viruses are fairly harmless pranks, where the virus writer is simply showing that he has the power to affect a system: the payload of the virus (the executable part of the virus) simply displays a screen message that can be closed by the user, and the virus threat is removed. Other viruses can be extremely damaging to a computer system, or to a whole series of computers on a network if the virus spreads, and can lead to a computer's hard disc being reformatted, wiping the disc clean of all the user's programs and, more importantly, personal files.

 

How They Work

A computer virus attaches itself to a program or file, enabling it to spread from one computer to another, leaving infections as it travels. Almost all viruses are attached to an executable file, which means the virus may exist on your computer but it cannot actually infect your computer unless you run or open the malicious program. It is important to note that a virus cannot be spread without a human action (such as running an infected program) to keep it going. People continue the spread of a computer virus, mostly unknowingly, by sharing infected files or sending e-mails with viruses as attachments.

It is important to note that all viruses must have 2 features: the ability to execute and the ability to replicate or copy themselves.

 

Brief History of Viruses

Viruses first appeared in the late 1980s. Early in the 1990s viruses had become the major problem that they remain to this day. Originally, viruses were transferred by means of floppy discs, which contained the infected code. Today the floppy disc is virtually obsolete, but the growth in computer networks, notably with the provision of the World Wide Web (WWW) and peer-to-peer network sites, has meant that spreading viruses has become much easier, with payloads that can affect computers in all areas of the globe in no time at all. Virus writers write viruses to have the largest possible impact, and this is why many are directed at server machines, particularly web servers, rather than individual client machines. Attacks often try to crash the system, or make it run so slowly that it becomes useless to users. Such an attack is known as a Denial of Service Attack (DoS). One famous technique, known as the ping of death, constantly flooded systems with fake ping messages (ping messages are usually used to detect the presence of a computer on a network).

 

To Do:

  1. In the Glow Group Discussion area, add an entry to the discussion, Viruses and me. Write down as much as you possibly can. Specifically, answer the following points:
    • Do you know what the virus was called?
    • What damage did it do?
    • How long did the problem take to fix?
    • Were people at home able to fix it themselves or was outside help needed?
    • What changes happened regarding how you deal with viruses in the future after this attack?
    • If you've never had a virus, tell us why you think this is? What do you do (or not do) to keep the viruses away?

Continue to Trojans and Worms

Types of Viruses

It is generally agreed that there are 5 distinct types of viruses, all of which work in different ways.

File infector viruses
These infect program files, such as applications, games or utilities. They are often memory-resident, meaning that once they have been executed they remain active in the computer's memory and can infect more programs. Examples include Jerusalem and Cascade.

Boot sector viruses
Floppy disks and hard disks store a small program known as the boot record, which is run when the computer starts up. Boot sector viruses attach themselves to this program and execute when the computer tries to start up from the infected disk. Once a computer has been infected, any unprotected floppy disk put into the computer will also be infected. Infected machines will often refuse to start. Examples include Michelangelo and Stoned. These viruses are no longer very threatening, as nowadays virtually no one uses floppy discs and programs are carried on CDs, which cannot be infected (as they cannot be changed after creation). Boot sector viruses have also declined because operating systems now protect the boot sector.

Master boot record viruses
Similar to boot sector viruses, but they store an uninfected copy of the original boot record in another location. Many master boot record viruses are also stealth viruses, meaning that they try to hide themselves from antivirus software. Examples include New York Boot (NYB), AntiExe and Unashamed.

Multi-partite or polypartite viruses
These infect both boot records and program files and are very difficult to repair as the virus code must be removed from both locations. Examples include Anthrax and Tequila.

Macro viruses
These infect data files, such as Word documents or Excel spreadsheets, rather than programs. They are very common and can be difficult and expensive to repair. Macro viruses are written using macro programming languages, designed to allow users to automate tasks within an application. They are easy to produce, so there are now thousands in circulation. Examples of macro viruses include W97M.Melissa and WM.NiceDay.
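Because macro viruses live inside the document itself, a defender can check whether a document carries macro code before it is opened. The following is an added example, not part of the original lesson: it assumes the modern Office formats (.docx, .docm, .xlsm), which are ZIP archives that keep VBA macros in a part named `vbaProject.bin`, and the function names and sample documents are constructed for illustration.

```python
import io
import zipfile

# Signature of the older Word 97-2003 style container (.doc/.xls).
OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")


def classify(data: bytes) -> str:
    """Classify a file's bytes by whether they can carry Office macros."""
    if data.startswith(OLE2_MAGIC):
        # Legacy format: macros may be present, but finding them
        # needs an OLE parser, which this example does not include.
        return "legacy-ole"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-office"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            names = zf.namelist()
    except zipfile.BadZipFile:
        return "not-office"
    if "[Content_Types].xml" not in names:
        return "not-office"  # a ZIP, but not an Office document
    has_macros = any(n.lower().endswith("vbaproject.bin") for n in names)
    return "macro-enabled" if has_macros else "no-macros"


def build_sample(with_macro: bool) -> bytes:
    """Build a constructed, minimal Office-style archive in memory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<document/>")
        if with_macro:
            # Placeholder bytes only; this is not real macro code.
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    samples = {
        "plain document": build_sample(False),
        "document with macros": build_sample(True),
        "legacy file": OLE2_MAGIC + bytes(504),
        "text file": b"just some text",
    }
    for label, data in samples.items():
        print(f"{label}: {classify(data)}")
```

A "macro-enabled" result means the document is able to run macro code, not that the code is harmful; it marks the files that deserve a virus scan before opening.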

 

Hoax Viruses

As if there isn't enough of a problem with viruses as shown above, there are many virus hoaxes around. These are usually Email messages warning users of a new virus and quoting Microsoft or CNN or suchlike. They often ask users to forward a copy to all their contacts, leading to vast amounts of wasted time. Some hoaxes are malicious, asking users to delete little-known system files, which can prevent a computer from running properly.

If you receive such an Email message, the best thing to do is delete it.

To Do:

  1. You should create a presentation naming the virus and giving a brief description of what it did to infected computers and how it was removed. Also write down which of the 5 types of virus shown above it was.
  2. Present your findings to the rest of the class.
  3. Click here to view some well-known virus hoaxes. Would you fall for any of them?
  4. The Internet is full of hoaxes, some a lot easier to fall for than others. Click on this link to have a go at the hoax photo test and see how you score.
 

Continue to Trojans and Worms

 

 
