Computer Viruses A virus is a program that copies itself without the knowledge of the computer user. Typically, a virus spreads from one computer to another by adding itself to an existing piece of executable code so that it is executed when its host code is run. If a virus if found, you shouldn’t panic or be in a hurry, and you should work systematically. Don’t rush! A Virus may be classified by it’s method of concealment (hiding).
Some are called stealth viruses because of the way that they hide themselves, and some polymorphic because of the way they change themselves to avoid scanners from detecting them. The most common classification relates to the sort of executable code which the virus attaches itself to.
These are: Partition Viruses Boot Viruses File Viruses Overwriting Viruses As well as replicating, a virus may carry a Damage routine. There is also a set of programs that are related to viruses by virtue of their intentions, appearances, or users likely reactions. For example: Droppers Failed viruses Packagers Trojans Jokes Test files THE DAMAGE ROUTINE Damage is defined as something that you would prefer not to have happened. It is measured by the amount of time it takes to reverse the damage. Trivial damage happens when all you have to do is get rid of the virus. There may be some audio or visual effect; often there is no effect at all.
Minor damage occurs when you have to replace some or all of your executable files from clean backups, or by re-installing. Remember to run Find Virus again afterwards. Moderate damage is done when a virus trashes the hard disk, scrambles the FAT, or low-level formats the drive. This is recoverable from your last backup. If you take backups every day you lose, on average, hal a day’s work.
The Essay on Hacking Defined Hackers And Who Deliberately Damage Computer
A. What is hacking? Hacking is the act of penetrating computer systems to gain knowledge about the system and how it works. Hacking is illegal because we demand free access to ALL data, and we get it. This pisses people off and we are outcaste d from society, and in order to stay out of prison, we must keep our status of being a hacker/ a secret. We can't discuss our findings with anyone but other ...
Major damage is done by a virus that gradually corrupts data files, so that you are unaware of what is happening. When you discover the problem, these corrupted files are also backed up, and you might have to restore a very old backup to get valid data. Severe damage is done by a virus that gradually corrupts data files, but you cannot see the corruption (there is no simple way of knowing whether the data is good or bad).
And, of course, your backups have the same problem. Unlimited damage is done by a virus that gives a third party access to your network, by stealing the supervisor password. The damage is then done by the third party, who has control of the network.
CLASSIFICATION OF VIRUSES Stealth Viruses If a stealth virus is in memory, any program attempting to read the file (or sector) containing the virus is fooled into believing that the virus is not there, as it is hiding. The virus in memory filters out its own bytes, and only shows the original bytes to the program. There are three ways to deal with this: 1. Cold Boot from a clean DOS floppy, and make sure that nothing on the hard disk is executed. Run any anti-virus software from floppy disk. Unfortunately, although this method is foolproof, relatively few people are willing to do it.
2. Search for known viruses in memory. All the virus scanners do this when the programs are run. 3. Use advanced programming techniques to probe the confusion that the virus causes.
A process known as the “Anti-Stealth Methodology” in some scanners can be used for this. Polymorphic Viruses A polymorphic virus is one that is encrypted, and the decrypt or / loader for the rest of the virus is very variable. With a polymorphic virus, two instances of the virus have no sequence of bytes in common. This makes it more difficult for scanners to detect them.
Many scanners use the “Fuzzy Logic” technique and a “Generic Decryption Engine” to detect these viruses. The Partition and Partition Viruses The partition sector is the first sector on a hard disk. It contains information about the disk such as the number of sectors in each partition, where the DOS partition starts, plus a small program. The partition sector is also called the “Master Boot Record” (MBR).
The Essay on Information About Viruses Floppy Disk
Information About Viruses growing problem in using computers is computer viruses. Viruses are pesky little programs that some hacker with too much time on his hands wrote. Viruses have been known to create annoyances from displaying messages on the screen, such as 'Your PC is now stoned,' to completely obliterating everything that is contained on the computer's hard disk. Viruses are transferred ...
When a PC starts up, it reads the partition sector and executes the code it finds there. Viruses that use the partition sector modify this code.
Since the partition sector is not part of the normal data storage part of a disk, utilities such as DEBUG will not allow access to it. However, it is possible to use Inspect Disk to examine the partition sector. A floppy disk does not have a partition sector. How to Remove a Partition Sector (MBR) Virus 1. Cold Boot from a clean DOS diskette. 2.
Run the DOS scanner. 3. Select the drive to clean and “Repair” it. 4. Follow the instructions.
The boot sector and Boot Sector Viruses The boot sector is the first sector on a floppy disk. On a hard disk it is the first sector of a partition. It contains information about the disk or partition, such as the number of sectors, plus a small program. When the PC starts up, it attempts to read the boot sector of a disk in drive A: . If this fails because there is no disk, it reads the boot sector of drive C: . A boot sector virus replaces this sector with its own code and moves the original elsewhere on the disk.
Even a non-bootable floppy disk has executable code in its boot sector. This displays the “not bootable” message when the computer attempts to boot from the disk. Therefore, a non-bootable floppy can still contain a virus and infect a PC if it is inserted in drive A: when the PC starts up. File Viruses File viruses append or insert themselves into executable files, typically.
COM and. EXE programs. A direct-action file virus infects another executable file on disk when its ‘host’ executable file is run. An indirect-action (or TSR – Terminate and Stay Resident) file virus installs itself into memory when its ‘host’ is executed, and infects other files when they are subsequently accessed. Overwriting Viruses Overwriting viruses overwrite all or part of the original program.
The Term Paper on Boot Camp Program Programs Offenders
In the military, boot camp represents an abrupt, often shocking transition to a new way of life. Discipline is strict and there is an emphasis on hard work, physical training, and unquestioning obedience to authority. The new private is told when to sleep, when to get up and when to eat. He marches with his platoon everywhere he goes such as to meals and to training. Orders must be obeyed ...
As a result, the original program doesn’t run. Overwriting viruses are not, therefore, a real problem – they are extremely obvious, and so cannot spread effectively. APPEARANCES AND INTENTIONS OF VIRUSES Droppers Droppers are programs that have been written to perform some apparently useful job but, while doing so, write a virus out to the disk. In some cases, all that they do is install the virus (or viruses).
A typical example is a utility that formats a floppy disk, complete with Stoned virus installed on the boot sector. Failed Viruses Sometimes a file is found that contains a ‘failed virus’.
This is the result of either a corrupted ‘real’ virus or simply a result of bad programming on the part of an aspiring virus writer. The virus does not work – it hangs when run, or fails to infect. Many viruses have severe bugs that prevent their design goals – some will not reproduce successfully or will fail to perform their intended final actions (such as corrupting the hard disk).
In general many virus authors are very poor programmers.
Packagers Packagers are programs that in some way wrap something around the original program. This could be as an anti-virus precaution, or for file compression. Packagers can mask the existence of a virus inside. Trojans and Jokes A Trojan is a program that deliberately does unpleasant things, as well as (or instead of) its declared function. They are not capable of spreading themselves and rely on users copying them. A Joke is a harmless program that does amusing things, perhaps unexpectedly.
We include the detection of a few jokes in the Toolkit, where people have found particular jokes that give concern or offence. Test files Test files are used to test and demonstrate anti-virus software, in the context of viruses. They are not viruses – simply small files that are recognised by the software and cause it to simulate what would happen if it had found a virus. This allows users to see what happens when it is triggered, without needing a live virus.
The Term Paper on Computer Virus Viruses Infected Program
... was developed whereby (MS Encarta 98, Virus [computer], History) "Players created tiny computer programs that attacked, erased, and tried to propagate ... of both boot and program) viruses are all still a threat to anyone who shares files from other computers, or who is ... virus that infects the boot sector of a floppy disk. If the infected floppy was used as a boot disk, it then infected the master boot ...
METHODS OF REMOVING VIRUSES How to Remove a Boot Virus from a Hard Disk 1. Cold Boot from a clean DOS diskette. 2. Run the scanner. 3. Select the drive to clean and “Repair” it.
An alternative method is as follows: 1. Cold Boot from a clean DOS diskette. 2. Type: SYS C: at the DOS prompt.
(if C drive is infected) The clean DOS diskette should be the same version of DOS that is on the hard disk. How to Remove a Boot Virus from a Floppy 1. Cold Boot from a clean DOS diskette. 2.
Run the scanner. 3. Make sure to “Replace the Boot Sector” of the floppy drive. If you find a new virus… If you have some symptoms that you think are a virus, then: 1. Format a floppy disk in the infected computer.
2. Copy any infected files to that floppy. 3. Copy your FORMAT and CHK DSK programs too. As you can see in this essay, viruses are very appalling, and since a virus spreads from one computer to another, it gets worse! Just like a contagious human virus which causes more harm, as more people are infected and more need to be treated. This same concept applies to a computer virus infecting computers continually.
Also, in this essay, various techniques have been explained on how to remove and deal with computer viruses, of different types, inflicting different components in a computer. So, next time you have suspicions that your computer has been damaged by a virus, read through this essay and exercise the remedies indicated.