Welcome to IT
|What is a Virus?
A virus is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. The virus can spread from file to file and program to program. Viruses are capable of damaging data, crashing computers, displaying messages, and corrupting operating system files. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.
Viruses are generally spread through email attachments or by opening files from an infected disk. New viruses are created each day, so it is important for all users to take precautionary measures in order to protect the information on their computers. By installing a virus detection program on your computer and not opening files you receive from strangers, you can help keep your computer virus-free.
ITS recommends purchasing and installing a virus protection program. Norton Anti-Virus is recommended and used on campus. Once you have purchased and installed the program, we encourage you to take advantage of the free updates offered by the company. These updates provide protection from the most recently discovered viruses. Directions for obtaining these updates should be provided with the software.
What are Basic Types of Viruses?
Virus codes can be written in many different programming languages and there can be drastic differences in the damage each type of virus can do.
Boot Sector viruses are the most successful viruses in the world. This is because they are easiest to write and can take control of a system at a very low level. This type of virus infects a system when a person attempts to boot a computer from an infected floppy disk. Once the virus is run, it may become "Memory-resident." With every subsequent boot, the virus will be reloaded. The virus will also attempt to infect other floppy disks, thereby potentially infecting other computers.
All Boot Sector viruses have the potential to damage or destroy information on floppy disks. They do this by moving the original boot sector of the floppy to another part of the diskette, which may be occupied by data. The original data will be damaged or destroyed.
A Macro is a set of saved instructions that you can create and edit to automate tasks within certain applications. The most common kinds of Macro Viruses are found in Microsoft Word and Excel.
The Macro Virus will copy itself and be present in all files the user opens. If a user attaches the file to an e-mail message, the virus will be transmitted to the recipient. A Macro Virus can delete or change document contents, change default program settings, set a password to access documents, delete files, copy a DOS Virus to the user's system, or insert harmful lines of code into the config.sys or autoexec.bat files.
Worms are the quickest spread viruses in the world. Worms are notorious for being unleashed in the Microsoft Outlook program. Once activated, the Worm places a copy of itself in a Window's directory. It may rename files on your computer's hard drive, even those essential for running Windows, rendering your operating system useless. The Worm can also e-mail itself out to all the names found in the victim's address book. This can potentially take down the e-mail system of a large company or school. For the longest time it was said that as long as you do not open an e-mail attachment, you were safe from virus infection. This all changed with the Bubble Boy Worm in 1999. Just viewing the e-mail message was enough to infect you with this new virus. This being said, be very careful of e-mail messages from people you do not recognize. Be just as careful of e-mails from people you know because viruses can send themselves out to everyone in an infected computer's e-mail address book.
A Trojan Horse is a program which appears harmless on the outside, but which carries a hidden virus. A Trojan Horse program may run as a relatively benign program does, while erasing files and changing file names. A user may not even be aware that his/her computer was infected for days or weeks.
A Dropper is an executable file that "drops" a virus when run. A Dropper virus cannot be detected by anti-virus programs because the virus' viral code is not created until the file is executed. Once the file is executed, the virus is created and can change system file names and damage data.
A Stealth virus gets its name because of its elusiveness when it comes to detection. This virus uses various and complex techniques for avoiding detection. A Stealth virus may redirect system pointers and information in order to infect a file without actually changing the infected program file. Another Stealth technique is to conceal an increase in file size by displaying the original uninfected file size.
What are Virus Myths and Hoaxes?
There are a lot of viruses out there, and then there are some viruses that aren't really out there at all. At times, you may receive hoax virus warning messages, emails that falsely warn you about viruses. If you receive a virus warning email, before forwarding the email to all your friends, check McAfee Hoaxes or Vmyths to find out if the warning is legitimate or if it's a hoax.