Computer Virus Essay, Research Paper
Computer Virus
Melissa, Bubbleboy, WM Concept, Stoned, Michelangelo, ?, the list goes on and on. You might ask what do all these names have in common. The similarity between them is that they can cause damage to your computer. In short they are simply known as ?computer viruses?. For most users, the term ?computer virus? is a synonym of the worst nightmares that can happen on heir system. A computer virus is an illegal and potentially damaging computer program designed to infect other software by attaching itself to any software it contacts. In many cases, virus programs are designed to damage computer systems maliciously by destroying or corrupting data. The viruses can do one or all of the following things: Take control of your computer without your knowledge, cause your computer to act strangely, and cause damage to some files.
An infected file that is loaded into memory and executed causes a computer to catch a virus. In a computer the virus first infects the computer?s memory. The contact can take place by using a virus infected floppy disk, or by opening a virus infected e-mail attachment, or any other method where the virus comes into contact with the computer?s memory to infect the computer. Also, if the infected software is transferred to or accessed by another computer system, the virus spreads to the other system. If an infected file is not opened, the virus cannot infect the computer.
There are millions and millions of viruses out in cyberspace, and that list continues to grow weekly. However, all these viruses are only one of the 3 types of viruses. The three types of viruses are a boot sector virus, file virus, and Trojan horse virus.
The boot sector virus hide on the sector of the disk known as the boot or partition table of a disk. Affecting the computer system during the start-up process. These viruses are difficult to deal with because they read during the start-up process even before the system is able to load its anti-virus software to detect the virus. It will take control after which it will coy itself into RAM so that when other disks are called on for service, the virus will transfer to their boot sectors. One of the most wide spread virus is the application or fie virus. This attaches to executable .exe or .com files. This type of virus takes control after the infected file has been ran or executed. When the infected file is running, the virus is loaded into the computer?s memory where it can infect every program run on the computer till shut down. Some just replicate themselves while others destroy the program being used. Unlike most viruses the stealth virus attempts to hide its presence. Some techniques of hiding include: change in date and time, and hiding the increase in file size. Some prevent anti-virus software for reading the file where the virus is located also encrypting the virus code with encryption techniques aids in the stealth. Macro viruses which attaches to a word-processing or spreadsheet file as a macro. It can start programs that may be able to delete the users files on the computers hard drive and infect all other document spreading its self. Looking at the above we can see the damage that can occur when viruses are unprecedented. The amount of lost processing time and man-hours to correct the problems associated with them and lead to large amounts of money and equipment. When the infected boot program executes, the virus is loaded into the computer?s memory. Once a virus is in the memory, it can spread to any floppy disk inserted in to the computer. A file virus inserts virus codes into program files. The virus then spreads to any program that accesses the infected file. A Trojan horse virus (named after the Greek myth) hides within or is designed to look like a legitimate program.
Some viruses interrupt processing by freeing a computer system temporarily and then displaying sounds or messages. Other viruses contain time bombs or logic bombs. A time bomb is a program that performs an activity when a certain action occurs, such as an employee being terminated. A worm, which is similar to a virus, copies itself repeatedly until no memory or disk space remains.
Most of the viruses are received from the Internet. On Friday, March 26, 1999, a virulent and widespread computer virus was found. This virus spread faster then any other virus all over the globe with in hours if its initial discovery. The virus, known as W97M/Melissa, spread by e-mailing itself automatically from one user to another. The virus is activated by modifying the user?s documents and inserting comments from the TV series ?The Simpsons?. The Melissa virus can send out confidential information from the computer without the users being aware of what is taking place. The virus was discovered late Friday evening European time, early morning US time. Many multinational companies reported widespread infections, to include Microsoft and Intel. Microsoft closed down their entire e-mail system to prevent the virus from creating further damage.
W97M/Melissa was initially distributed in an Internet discussion group called alt.sex. The virus was sent in a file called LIST.DOC, which contained passwords for X-rated websites. When users downloaded the file and opened it in Microsoft word, a macro inside the document executed and e-mailed the LIST.DOC file to 50 people listed in the e-mail ?address book? of the user.
The e-mail looked like this:
From: (name of infected user)
Subject: Important message from (name of infected user)
To: (50 names from alias list)
Here is the document you asked for.. Don?t show anyone else
Attachment: LIST.DOC
The Melissa virus can arrive in any document, not necessarily just in the LIST.DOC where it will spread initially. Most recipients are likely to pen a document attachment, especially if it is received from a known user. After sending itself out, the virus continues to infect other Word documents. Eventually these files can end up being mailed to other users. This can be potentially disastrous if the user inadvertently sends out confidential data to outsiders.
The virus activated if the is executed when the minutes of the hour match the day of the month – for example 12:30 on the 30th day of the month. At this time the virus will insert the following phrase into the document the user has pen in Word: ?Twenty-two points, plus triple-word-score, plus fifty points for using all my letter. Game?s over. I?m outta here?. This text, and the alias name of the virus author, ?Kwyjibo?, are references to the popular ?Simpsons? cartoon TV series. When a big company gets infected, their e-mail servers are seriously slowed down and might even crash, as people start to e-mail large document attachments without realizing it.
W97M/Melissa works with Microsoft Word 97, Microsoft Word 2000 and Microsoft Outlook 97 or 98 e-mail clients. You don?t need to have Microsoft Outlook to receive the virus in e-mail, but it will not spread itself further in e-mail without it.
To prevent or destroy the virus within the computer, people can use an anti-virus program. If a virus is found, the program will clean or delete the virus without loss to data, or harm to the computer that is infected. Even though, anti-virus software is widely available, there are many steps that one can take to ensure than a computer may not be infected. First don?t use illegal software! If the software has been obtained illegally, how can one assume that it doesn?t contain a virus? Never boot a computer system from a diskette if at all possible. If the system needs o has to be booted from floppy then the diskette should be clearly marked, write-protected and used only footing up the computer. If your system uses a fixed disk, never boot from a diskette. Always write-protect your systems and program disks. Write-protect tabs are easy to use and very effective. Only copy files from the original distribution disks. Always keep at least one set of back-up copies of all original disks. This will not prevent a virus infection, but it will help in the recovery process if an infection occurs. Do not load out program disks. They may be infected when they are returned. If you must loan out program disks, always check it for viruses or format it before using the disk on your computer system. Make all the .com and .exe system and program fields read only, although some viruses can now circumvent this method it is a good habit. Watch for files that disappear or change size. Notice when there are attempts to access the disks when there should not be any read or write activity. Keep a lookout for lower memory than what is installed or reduction of disk space. Look for unusual displays on the computer screen or different colors being used. Take caution when using public domain and shareware software or any new software. Even though there have been instances where commercial software has been sold with a virus this is not the norm. If you are downloading software from the Internet or other computer network. Always download to a diskette. You should then scan the diskette for possible virus infections. Most important of all is to teach anyone using your computer about computer viruses so that they can recognize them.
Bibliography
WORK CITED
Chambers, AnitaR., and Zachary W. Peters. ?Protecting Against virus Attacks.?
Computers May 1998
Elmhurst, Mark. ?virus Infection: Where to Obtain Assistance? Word 97, Porject 3.
www.scsite.com/wd97/pr3.htm 28 Nov. 2000
The Gael Encyclopedia of Science vol. 6 Detroit, MI 1995
Reed, Margaret E. ?An Introduction to Using Computers? Chicago: West
Davidson Jones Publishing Company, 1998
Rtech-Encyblopedia 30 Nov. 2000
www.techweb.com/ecyblopedia/defineterm?term=virus
Summers, Wayne. Home Page. 29 Nov. 2000
www.jarring.nmhu.edu/notes/security.htm-virus
U=GEEKA 29-Nov-00
www.ugeek.com/glossary/glossary_search.cgi\