Computer Viruses
Computer Viruses
What are computer viruses?
According to Fred Cohen’s well-known definition, a computer virus is a computer program that can infect other computer programs by modifying them in such a way as to include a (possibly evolved) copy of itself. Note that a program does not have to perform outright damage (such as deleting or corrupting files) in order to be called a “virus”. However, Cohen uses the terms within his definition (e.g. “program” and “modify”) a bit differently from the way most anti-virus researchers use them, and classifies as viruses some things which most of us would not consider viruses.
Computer viruses are bits of code that damage or erase information, files, or software programs in your computer, much like viruses that infect humans, computer viruses can spread, and your computer can catch a virus when you download an infected file from the Internet or copy an infected file from a diskette. Once the viruses is embedded into your computer’s files, it can immediately start to damage or destroy information, or it can wait for a particular date or event to trigger its activity.
What are the main types of viruses?
Generally, there are two main classes of viruses. The first class consists of the file Infectors which attach themselves to ordinary program files. These usually infect arbitrary .COM and/or .EXE programs, though some can infect any program for which execution is requested, such as .SYS,.OVL,.PRG,&.MNU files.
File infectors can be either direct action or resident. A direct-action virus selects one or more other programs to infect each other time the program which contains it is executed ,and thereafter infects other programs when “they” are executed (as in the case of the Jerusalem) or when certain other conditions are fulfilled. The Vienna is an example of a direct-action virus. Most other viruses are resident.
The second class is system or boot-record infectors: those viruses, which infect executable code, found in certain system areas on a disk that are not ordinary files. On DOS systems, there are ordinary boot-sector viruses, which infect only the DOS boot sector on diskettes. Examples include Brain, Stoned, Empire, Azusa, and Michelangelo. Such viruses are always resident viruses.
Finally, a few viruses are able to infect both (the Tequila virus is one example). There are often called “multipartite” viruses, though there has been criticism of this name; another name is “boot-and -file” virus.
File system or cluster viruses (e.g. Dir-II) are those that modify directory table entries so that the virus is loaded and executed before the desired program is. Note that the program itself is not physically altered; only the directory entry is. Some consider these infectors to be a third category of viruses, while others consider them to be a sub-category of the file infectors.
What are macro viruses?
Many applications provide the functionality to create macros. A macro is a series of commands to perform some application-specific task. Macros are designed to make life easier, for example, to perform some everyday tasks like text-formatting or spreadsheet calculations.
Macros can be saved as a series of keystrokes (the application record what keys you press); or they can be written in special macro languages (usually based on real programming languages like C and BASIC). Modern applications combine both approaches; and their advanced macro languages are as complex as general purpose programming languages. When the macro language allows files to be modified, it becomes possible to create macros that copy themselves from one file to another. Such self-replicating macros are called macro viruses.
Most macro viruses run under Word for Windows. Since this is a very popular word processor, it provides an effective means for viruses to spread. Most macro viruses are written using the macro language WordBasic. WordBasic is based on the good old BASIC programming language. However, it has many (hundreds of) extensions (for example, to deal with documents: edit, replace string, obtain the name of the current document, open new window, move cursor, etc.).
What is a Trojan horse program?
A type of program that is often confused with viruses is a ‘Trojan horse’ program. This is not a virus, but simply a program (often harmful) that pretends to be something else.
For example, you might download what you think is a new game; but when you run it, it deletes files on your hard drive. Or the third time you start the game, the program E-mail your saved passwords to another person.
Note: simply download a file to your computer won’t activate a virus or Trojan horse; you have to execute the code in the file to trigger it. This could mean running a program file, or opening a Word/Excel document in a program (such as Word or Excel) that can execute any macros in the document.
What kind of files can spread viruses?
Viruses have the potential to infect any type of executable code, not just the files that are commonly called “program files”. For example, some viruses infect executable code in the boot sector of floppy disk or in system areas of hard drives. Another type of virus, known as a “macro” virus, can infect word processing and spreadsheet documents that use macros. And it’s possible for HTML documents containing JavaScript or other types of executable code to spread viruses or other malicious code.
Since viruses code must be executed to have any effect, files that the computer treats as pure data are safe. This includes graphics and sound files such as .gif, .jpg, .mp3, .wav, .etc., as well as plain text in .txt files. For example, just viewing picture files won’t infect your computer with a virus. The virus code has to be in a form, such as an .exe program file or a Word .doc file which the computer will actually try to execute.
How do viruses spread?
The methodology of virus infection was pretty straightforward when first computer viruses such as Lehigh and Jerusalem started appearing. A virus is a small piece of computer code, usually form several bytes to a few tens of bytes, that can do, well, something unexpected. Such viruses attach themselves to executable files— programs, so that the infected program, before proceeding with whatever tasks it is supposed to do, calls the virus code. One of the simplest ways to accomplish that is to append the virus code to the end of the file, and insert a command to the beginning of the program file that would jump right to the beginning of the virus code. After the virus is finished, it jumps back to the point of origination in the program. Such viruses were very popular in the late eighties. The earlier ones only knew how to attach themselves to .Com files, since structure of a .COM file is much simpler than that of an .EXE file—yet another executable file format invented for MS-DOS operating system. The first virus to be closely studied was the Lehigh virus. It attached itself to the file that was loaded by the system at boot time—COMMAND.COM. the virus did a lot of damage to its host, so after three-four replications it was no longer usable. For that reason, the virus never managed to escape the university network.
When you execute program code that’s infected by a virus, the virus code will also run and try to infect other programs, either on the same computer or on other computers connected to it over a network. And the newly infected programs will try to infect yet more programs.
When you share a copy of an infected file with other computer users, running the file may also infect their computer; and files from those computers may spread the infection to yet more computers.
If your computer if infected with a boot sector virus, the virus tries to write copies of itself to the system areas of floppy disks and hard disks. Then the infected floppy disks may infect other computers that boot from them, and the virus copy on the hard disk will try to infect still more floppies.
Some viruses, known as ‘multipartite’ viruses, and spread both by infecting files and by infecting the boot areas of floppy disks.
What do viruses do to computers?
Viruses are software programs, and they can do the same things as any other program running on a computer. The accrual effect of any particular virus depends on how it was programmed by the person who wrote the virus.
Some viruses are deliberately designed to damage files or otherwise interfere with your computer’s operation, while other don’t do anything but try to spread themselves around. But even the ones that just spread themselves are harmful, since they damage files and may cause other problems in the process of spreading.
Note that viruses can’t do any damage to hardware: they won’t melt down your CPU, burn out your hard drive, cause your monitor to explode, etc. warnings about viruses that will physically destroy your computer are usually hoaxes, not legitimate virus warnings.
Modern viruses can exist on any system form MS DOS and Window 3.1 to MacOS, UNIX, OS/2, Windows NT. Some are harmless, though hard to catch. They can play a jingle on Christmas or reboot your computer occasionally. Other are more dangerous. They can delete or corrupt your files, format hard drives, or do something of that sort. There are some deadly ones that can spread over networks with or without a host, transmit sensitive information over the network to a third party, or even mess with financial data on-line.
What’s the story on viruses and E-mail?
You can’t get a virus just by reading a plain-text E-mail message or Usenet post. What you have to watch out for are encoded message containing embedded executable code (i.e., JavaScript in HTML message) or message that include an executable file attachment (i.e., an encoded program file or a Word document containing macros).
In order to activate a virus or Trojan horse program, you computer has to execute some type of code .This could be a program attached to an E-mail, a Word document you downloaded from the Internet, or something received on a floppy disk. There’s no special hazard in files attached to Usenet posts or E-mail messages: they’re no more dangerous than any other file.
What can I do to reduce the chance of getting viruses from E-mail?
Treat any file attachments that might contain executable code as carefully as you would any other new files: save the attachment to disk and then check it with an up-to-date virus scanner before opening the file.
If you E-mail or news software has the ability to automatically execute JavaScript, Word macros, or other executable code contained in or attached to a message, I strongly recommend that you disable this feature.
My personal feeling is that if an executable file shows up unexpectedly attached to an E-mail, you should delete it unless you can positively verify what it is, Who it came from, and why it was sent to you.
The recent outbreak of the Melissa virus was a vivid demonstration of the need to be extremely careful when you receive E-mail with attached files or documents. Just because an E-mail appears to come from someone you trust, this does NOT mean the file is safe or that the supposed sender had anything to do with it.
Some General Tips on Avoiding Virus Infections
1. Install anti-virus software from a well-known, reputable company. UPDATE it regularly, and USE it regularly.
New viruses come out every single day; an a-v program that hasn’t been updated for several months will not provide much protection against current viruses.
2. In addition to scanning for viruses on a regular basis, install an ‘on access’ scanner (included in most good a-v software packages) and configure it to start automatically each time you boot your system. This will protect your system by checking for viruses each time your computer accesses an executable file.
3. Virus scans any new programs or other files that may contain executable code before you run or open them, no matter where they come from. There have been cases of commercially distributed floppy disks and CD-ROMs spreading virus infections.
4. Anti-virus programs aren’t very good at detecting Trojan horse programs, so be extremely careful about opening binary files and Word/Excel documents from unknown or ‘dubious’ sources. This includes posts in binary newsgroups, downloads from web/ftp sites that aren’t well-known or don’t have a good reputation, and executable files unexpectedly received as attachments to E-mail.
5. Be extremely careful about accepting programs or other flies during on-line chat sessions: this seems to be one of the more common means that people wind up with virus or Trojan horse problems. And if any other family members (especially younger ones) use the computer, make sure they know not to accept any files while using chat.
6. Do regular backups. Some viruses and Trojan horse programs will erase or corrupt files on your hard drive and a recent backup may be the only way to recover your data.
Ideally, you should back up your entire system on a regular basis. If this isn’t practical, at least backup files you can’t afford to lose or that would be difficult to replace: documents, bookmark files, address books, important E-mail, etc.
Dealing with Virus Infections
First, keep in mind “Nick’s First Law of Computer Virus Complaints”:
“Just because your computer is acting strangely or one of your programs doesn’t work right, this does not mean that your computer has a virus.”
1. If you haven’t used a good, up-to-date anti-virus program on your computer, do that first. Many problems blamed on viruses are actually caused by software configuration errors or other problems that have nothing to do with a virus.
2. If you do get infected by a virus, follow the direction in your anti-virus program for cleaning it. If you have backup copies of the infected files, use those to restore the files. Check the files you restore to make sure your backups weren’t infected.
3. for assistance, check the web site and support service for your anti-virus software.
Note: in general, drastic measures such as formatting your hard drive or using FDISK should be avoided. They are frequently useless at cleaning a virus infection, and may do more harm than good unless you’ re very knowledgeable about the effects of the particular virus you’re dealing with.
Computer Viruses相关推荐
- 初中 计算机文化知识,计算机文化知识(Computer literacy).doc
计算机文化知识(Computer literacy) 计算机文化知识(Computer literacy) In 2011, upgraded the computer test questions ...
- 计算机病毒与信息安全论文,信息安全与计算机病毒……毕业论文.doc
信息安全与计算机病毒--毕业论文 题目:信息安全与计算机病毒 信息安全与计算机病毒 摘 要: -- 本篇论文研究了信息安全的实现目标.安全威胁以及威胁的主要来源.并研究信息安全的策略以及当前条件下保护 ...
- 计算机信息安全与病毒6,信息安全与计算机病毒……毕业.docx
信息安全与计算机病毒--毕业论文 江苏广播电视大学专科毕业论文 题目:信息安全与计算机病毒 第1页共38页 江苏广播电视大学专科毕业论文 信息安全与计算机病毒 摘要:-- 本篇论文研究了信息安全的实现 ...
- 电子计算机时代 英语,2018年英语专四作文范文:计算机时代
2018年英语专四作文范文:计算机时代 1.近年来,计算机的应用越来越广泛 2.计算机能做许多有益的事 3.计算机也有许多副作用 范文: In recent years, computers have ...
- freecodecamp_freeCodeCamp的服务条款
freecodecamp These terms govern use of the website https://www.freecodecamp.org. To use the website, ...
- 计算机病毒解析与防范结束语,2016年04月30日计算机病毒解析与防范题纲_向必青.doc...
2016年04月30日计算机病毒解析与防范题纲_向必青 计算机病毒解析与防范 向必青 摘要:计算机病毒被喻为21世纪计算机犯罪的五大手段之一,并排序为第二.计算机病毒的攻击性,在于它能够破坏各种程序并 ...
- 近5年内有关病毒在复杂网络中传播与控制方面的20篇论文
有关病毒在复杂网络中传播与控制方面的20篇论文 Paper的DOI,发表期刊(会议)以及中英文摘要都已写出,大家可根据doi在scihub进行下载.仅仅只是为了记录一下. 1.Optimal ptim ...
- 我的职业是计算机英语,职业英语系列:计算机英语
职业英语系列:计算机英语 语音 编辑 锁定 讨论 上传视频 <职业英语系列:计算机英语>是根据教育部"就业导向"."能力本位"等新的职教办学理念编写 ...
- 计算机基础知识考点合集
一.计算机的发展.类型及其应用领域 1计算机(computer) 计算机(computer)是一种能自动.高速进行大量算术运算和逻辑运算的电子设备. 其特点为:速度快.精度高.存储容量大.通用性强. ...
- linux技术基础教程 [转载]
转载,原文位置:http://www.sunsway.net/fly/cgi-bin/topic.cgi?forum=8&topic=299&show=0 前言 1999年7月6日&l ...
最新文章
- 机房收费系统总结【1】-整体流程
- Java基础知识强化之IO流笔记03:throws的方式处理异常
- vscode配置记录
- Java入门教程五(数字和日期处理)
- 初学Java Web(9)——学生管理系统(简易版)总结
- C++: C++函数声明的时候后面加const
- 语言 分组计算hr_干货 | HR不得不知的面试技巧
- java tomcat自动安装教程_Tomcat:基础安装和使用教程
- java基础教程哪个好,吐血整理
- ios的延迟执行方法
- ediplus 复制编辑一列_Excel中如何使用公式查找一列中的重复值并且在另一列里面列出来...
- android 调用百度地图api
- 简单总结.NET中的各% %用法及区别
- Chrome广告拦截插件
- ant design vue离线文档
- variance和variation的区别
- skywalking 安装部署以及监控远程应用
- HTML、css基础知识
- java libusb_libusb中断传输
- 网络学习---HTTPS的升级