Monday, July 23, 2012

Virus Information

What is a VIRUS?

Computer viruses make headlines! Frequently in the news is some new virus that's causing -- or will soon cause -- havoc on business computers, personal computers, and Web services. To combat the virus problem, the best weapons are knowledge and preparation, beginning with the definition of a virus.

Everyone knows how a biological virus operates: it can injure and potentially kill a host. A software virus will do the same thing. This kind of virus is a tiny program that causes your computer to perform in a manner you consider undesirable, and that then may attempt to replicate itself. The virus action may be as simple as displaying a text box that says, "John Doe is a creep."  

Or it may be as destructive as the Melissa virus, which can tear down networks and ultimately shut down a business -- at least temporarily. Some viruses, called retroviruses, actually attack virus-scanning software!
Keep in mind that a virus cannot run on its own. It must be attached to "host" software that runs legitimate software; while running the legit software, the host software becomes a host for the virus as well.


What are WORMS?


Technically, worms are not viruses. In general, a worm is a  program that enters your computer in some fashion and then  begins to perform a function. Keep in mind that worms do not  require a host program to operate. 

Some of the more famous  worms are programs such as the Morris worm, Anna Kournikova  (not the tennis player but the worm named after her), Code  Red I and II, and Annoying. Such worms wreak havoc among  unsuspecting persons who inadvertently run the offending  programs.

Unlike viruses, worms do not need any kind of user intervention or action to begin their nefarious activity. Once on a computer, a worm immediately begins its destructive task, and at the same time, looks for connections by which it can replicate and transmit itself to other host computers. In a contest between viruses and worms, worms win as potentially the more destructive of the two.

Virus Hoaxes


Do any of these names sound familiar: It Takes Guts To Say Jesus, Budweiser Frogs, Elf Bowling, Pen Pal Greetings, and Sandman? What do these have in common? They are all virus hoaxes. A virus hoax is usually transmitted in the form of an email stating that a new horrible virus is running amok and you'd better be informed, or else. The email usually ends with something like, "Send this to everyone you know."

Now, believe it or not, virus hoaxes are almost as bad as real viruses. Many viruses and worms clog bandwidth, slow down servers, and clog networks. The Internet chain-mail hoax unintentionally may cause the same problems. 

Many times people receiving these emails, unknowingly send them to 20 or 30 -- or more -- people thinking that they are doing good. Actually, they're simply placing undo burden on the servers that must handle these emails.

If you receive an email claiming to warn you about the horrors of a new virus and asking you to send it out to others, it's probably a hoax. There is a link to an article at the bottom of this page along with a link to a Web page that contains nothing but virus hoaxes. Use it to determine whether the email is legitimate. If not, put the email where it belongs, in the trash bin.

Virus Scanners


The way most virus-scanning products work is by using a massive database of known viruses to scan your hard drive for files or stubs that are known virus offenders. Many products also have email scanners, monitors, and continual scanners, along with other features.

The problem with many of these products is the "continual-scan" feature. If you're on a work-based network, this function is usually controlled by the network administrator, and should be left alone. If you're a home computer user, the continual-scan function is not very useful if you perform regular scans. In addition, the constant scanning greatly slows down your system. Also, many scanning products perform a boot scan of applications at start-up that greatly increases the boot time.

My advice would be either to schedule a scan of your computer at regular intervals depending upon email and Internet use, and turn off the auto-scan. This will greatly improve computer performance, and as long as you are running your scans yourself, will not significantly decrease your system's protection mechanism.

Email Attachments


Virus programmers will often attempt to disguise their program as another file by naming it something like wacky.jpg.vbs. When you open the attachment in Windows, you see the 'wacky.jpg' but the .vbs extension (meaning Visual Basic Script), is omitted. 

Such a file extension could potentially be dangerous to your system, if it's a virus or a worm. (Note: If you ever see a file attachment that has an icon that looks like a light blue 'S', do NOT open it.) Watch for these file extensions and don't open any attachments bearing any of them: .js, .jse, .vbs, .scr, .shs, and .shb

The issue here is that Microsoft, in an attempt to make their products more friendly, has the default for double-clicking an email attachment as an 'OPEN' command. 

You can add a layer of security by changing this default to an 'EDIT' command. To do so:
1). Windows Me: Go to the Control Panel and select the Folder Options icon. Now, select the File Types tab and a small flashlight will appear. You may have to wait a moment. Now, when the files are displayed, find one with one of the extensions I listed above. Select it, and click the Advanced tab. Now, highlight Edit and press the Set Default button.
2). Windows 95/98: This is a bit more difficult. Go to an Explorer window and select View, then Folder Options. Click the Files tab and scroll through the file types. You will see the extensions in the small window at the bottom. When you find a file with one of the extensions I mentioned above, click Edit. Now select Edit from within the Actions list and click the Default button.

Download Procedures


Do you download stuff from the Internet? These days, who doesn't? The problem is that some of the files downloaded may be worms, or have viruses attached to them. Before running ANY software downloaded from the Internet, no matter the source, run a virus checker against the downloaded files. A few extra seconds worth of work just might save you from several hours of recovery.

Virus Definition files


If you are currently using a virus protection program, that's a good thing. However, if you don't keep your virus definition files up to date, you might as well not have a virus scanner at all.

Virus scanners work by looking for code that matches a worm, virus, or Trojan. After locating this signature, the anti-virus software loads the remedy for that particular virus. No two viruses are exactly the same, and many times their programs are very complex; some may even be polymorphs (programs that can change themselves).

Before doing anything else, download the latest version of software and virus definitions from your anti-virus software's manufacturer. It might cost you a little change, but it only takes one attack to kill a system -- a much more expensive prospect.

Trojan Virus


If you've ever heard the story of the Trojan horse, then you know that no matter how pretty the big pony is, if it gets inside your fortress, then the war's over! The same goes with a Trojan horse program. These programs enter a system, usually one that's protected, then send vital data out over the Internet. Sometimes they transmit IP addresses, payroll information, names, credit card data, and other proprietary information, to the author of the program.

A Trojan virus acts like a spy on the inside of another computer, transmitting secrets without the knowledge of the computer or its owner. Trojans generally do not replicate themselves or cause systems to crash. A Trojan's main job is to be a silent whisperer.

Links to websites with Virus Information...


at
Posted by Labels: , ,