Computer Viruses

<body topmargin=0 leftmargin=0 marginheight=0 marginwidth=0> <table cellpadding=0 cellspacing=0 border=0><tr> <td valign="top" colspan=2 height=95 BGCOLOR="#3333FF" TEXT="#080000" bgproperties="fixed" background="061005f0egbsod.gif"> <div> <FONT SIZE="5" COLOR="#FFFFFF" FACE="Arial" ><B>Silent Surfers' Security Site</B></FONT><B>     </B><B>|     </B><A HREF="index.htm" TARGET="_top" TITLE="Silent Surfers Security Site"><U><B>home</B></U></A></div> <div> <A HREF="id51.htm" TARGET="_top" TITLE="Introduction"><U>Introduction</U></A>   |   <A HREF="id2.htm" TARGET="_top" TITLE="Just the basics"><U>Just the basics</U></A>   |   <A HREF="id6.htm" TARGET="_top" TITLE="Firewalls"><U>Firewalls</U></A>   |   <B>Computer Viruses</B>   |   <A HREF="id7.htm" TARGET="_top" TITLE="Data Encryption"><U>Data Encryption</U></A>   |   <A HREF="id42.htm" TARGET="_top" TITLE="Actual Data Deletion"><U>Actual Data Deletion</U></A>   |   <A HREF="id43.htm" TARGET="_top" TITLE="Surfing Anonymously"><U>Surfing Anonymously</U></A>   |   <A HREF="id53.htm" TARGET="_top" TITLE="Test your internet vulnerabilities"><U>Test your internet vulnerabilities</U></A>   |   <A HREF="id44.htm" TARGET="_top" TITLE="Software"><U>Software</U></A>   |   <A HREF="id47.htm" TARGET="_top" TITLE="Silent Sufer Mail"><U>Silent Sufer Mail</U></A>   |   <A HREF="id48.htm" TARGET="_top" TITLE="Help Links"><U>Help Links</U></A>   |   <A HREF="id65.htm" TARGET="_top" TITLE="Silent Web Browser"><U>Silent Web Browser</U></A>   |   <A HREF="id66.htm" TARGET="_top" TITLE="Search"><U>Search</U></A></div> <div> </div> </td> </tr><tr> <td valign="top" width=190 BGCOLOR="#FFFFFF" TEXT="#080000"> <bR> <div> <A HREF="index.htm" TARGET="_top" TITLE="Silent Surfers Security Site"><U><B>Home</B></U></A></div> <div> <B> <MOREOVER_CLONE_JAVASCRIPT_START_DO_NOT_DELETE> <SCRIPT LANGUAGE="Javascript"> // the array global_article is used to allow multiple categories var global_article = new Array() var global_article_counter = 0 var article = null var early_exit = 0 var moreover_text = 0; // do not remove this function clone() function load_wizard() { var newwin = window.open("","clone","resizable,scrollbars,width=500"); document.forms.moreover_clone.submit(); return true; } // end of do not remove this function clone() </SCRIPT> <SCRIPT LANGUAGE="Javascript" SRC="http://p.moreover.com/cgi-local/page?index_viruswarning+js"> </SCRIPT> <SCRIPT LANGUAGE="Javascript"> // load global_article array with articles from cluster if (article != null) { for (var article_counter = 0; article_counter < Math.min(10,article.length); article_counter++) { global_article[global_article_counter] = article[article_counter] global_article[global_article_counter].url += "' TARGET='_blank" global_article[global_article_counter].document_url += "' TARGET='_blank" global_article_counter++ } } else { if (early_exit == 0) { document.writeln("<center>Please reload this page to view the headlines</center>") early_exit = 1 } } </SCRIPT> <SCRIPT LANGUAGE="Javascript" SRC="http://p.moreover.com/dont_redirect/wizard_text.js"></SCRIPT> <SCRIPT LANGUAGE="Javascript"> if (early_exit == 0) { var width = "100" var category = "" var numberofarticles = global_article.length var item_spacing = "5" var cluster_bgcolor = "ffffff" var cluster_border = "0" var heading_display = "Yes" var time_display = "Yes" var cell_spacing = "0" var cell_padding = "1" var heading_bgcolor var heading_font var heading_font_size var heading_fgcolor var headline_bgcolor var headline_font var headline_font_size var headline_fgcolor var source_font var source_font_size var source_fgcolor var access_font var access_font_size var access_fgcolor var time_font var time_font_size var time_fgcolor var time = new Array(global_article.length) // Print out the table containing the headlines document.writeln("<CENTER><TABLE BORDER="+cluster_border+" BGCOLOR='#"+cluster_bgcolor+"' WIDTH='"+width+"' CELLPADDING=2 CELLSPACING=0>") document.writeln("<tr><td align='center'><img src='http://i.moreover.com/images/moreover_wizard_link.gif' border='0'></td></tr>") document.writeln("<TR><TD><CENTER><TABLE BGCOLOR='#"+cluster_bgcolor+"' CELLPADDING="+cell_padding+" CELLSPACING="+cell_spacing+" WIDTH='100%'>") // Start loop for articles for (var counter=0; counter < numberofarticles; counter++) { // Reset formatting settings to original values heading_bgcolor = "ffffff" heading_font = "Times New Roman, Times, serif" heading_font_size = "-1" heading_fgcolor = "333333" headline_bgcolor = "ffffff" headline_font = "Times New Roman, Times, serif" headline_font_size = "-1" headline_fgcolor = "333333" source_font = "Times New Roman, Times, serif" source_font_size = "-1" source_fgcolor = "0000ff" access_font = "Times New Roman, Times, serif" access_font_size = "-1" access_fgcolor = "0000ff" time_font = "Times New Roman, Times, serif" time_font_size = "-1" time_fgcolor = "0000ff" if ((counter == (global_article.length - 1)) && moreover_text == 1) { headline_fgcolor = source_fgcolor; time_display = "No"; } // Check for new category if ((category != global_article[counter].cluster) && (heading_display == "Yes")) { // Set current category to new category category = global_article[counter].cluster // Print a new category heading document.writeln("<TR BGCOLOR='#"+heading_bgcolor+"'><TD>") document.writeln("<FONT SIZE="+heading_font_size+" FACE="+heading_font+" COLOR='#"+heading_fgcolor+"'>") document.writeln("<B>"+global_article[counter].cluster+"</B></FONT></TD></TR>") } // Print out the headline document.writeln("<TR BGCOLOR='#"+headline_bgcolor+"'><TD><A HREF='"+global_article[counter].url+"' >") document.writeln("<FONT SIZE="+headline_font_size+" FACE="+headline_font+" COLOR='#"+headline_fgcolor+"'") document.writeln(">"+global_article[counter].headline_text+"...</FONT></A><br>") // Print out the source if ((counter != (global_article.length - 1)) || moreover_text != 1) { document.writeln("<A HREF='"+global_article[counter].document_url+"' >") document.writeln("<FONT FACE="+source_font+" SIZE="+source_font_size+" COLOR='#"+source_fgcolor+"'>") document.writeln(""+global_article[counter].source+"</FONT></A>  ") } // Print out reg/sub if appropriate if (global_article[counter].access_status == "sub" || global_article[counter].access_status == "reg") { document.writeln(" <A HREF='"+global_article[counter].access_registration+"'>") document.writeln("<FONT FACE="+access_font+" SIZE="+access_font_size) document.writeln(" COLOR='#"+access_fgcolor+"'>"+global_article[counter].access_status+"</FONT></A>  ") } // Print out the harvest time if (time_display == "Yes") { // Make a new date object time[counter] = new Date(global_article[counter].harvest_time) time[counter].setHours(time[counter].getHours() - (time[counter].getTimezoneOffset() / 60 )) // adjust the time to local document.writeln("<FONT FACE="+time_font+" SIZE="+time_font_size+" COLOR='#"+time_fgcolor+"'>") document.writeln(""+time[counter].toString()+"</FONT>") } document.writeln("</TD></TR><TR BGCOLOR='#"+headline_bgcolor+"'><TD BGCOLOR='#"+headline_bgcolor+"' HEIGHT="+item_spacing+"></TD></TR>") } // End of article loop // Start of clone button code // // Note: Do not remove any of the code in this section // document.writeln("<FORM METHOD='POST' ACTION='http://w.moreover.com/cgi-local/wizard_clone.pl' target='clone' name='moreover_clone'>") document.writeln("<INPUT TYPE='hidden' NAME='heading_font_size' VALUE='-1'><INPUT TYPE='hidden' NAME='source_font_size' VALUE='-1'>") document.writeln("<INPUT TYPE='hidden' NAME='cluster_width' VALUE='100'><INPUT TYPE='hidden' NAME='time_display' VALUE='Yes'>") document.writeln("<INPUT TYPE='hidden' NAME='time_font' VALUE='Times New Roman, Times, serif'><INPUT TYPE='hidden' NAME='cluster_cellspacing' VALUE='0'>") document.writeln("<INPUT TYPE='hidden' NAME='heading_font' VALUE='Times New Roman, Times, serif'><INPUT TYPE='hidden' NAME='number_of_headlines' VALUE='10'>") document.writeln("<INPUT TYPE='hidden' NAME='cluster_bgcolor' VALUE='ffffff'><INPUT TYPE='hidden' NAME='time_fgcolor' VALUE='0000ff'>") document.writeln("<INPUT TYPE='hidden' NAME='access_fgcolor' VALUE='0000ff'><INPUT TYPE='hidden' NAME='time_font_size' VALUE='-1'>") document.writeln("<INPUT TYPE='hidden' NAME='headline_bgcolor' VALUE='ffffff'><INPUT TYPE='hidden' NAME='cluster_name' VALUE='index_viruswarning'>") document.writeln("<INPUT TYPE='hidden' NAME='access_font_size' VALUE='-1'><INPUT TYPE='hidden' NAME='heading_display' VALUE='Yes'>") document.writeln("<INPUT TYPE='hidden' NAME='headline_fgcolor' VALUE='333333'><INPUT TYPE='hidden' NAME='source_font' VALUE='Times New Roman, Times, serif'>") document.writeln("<INPUT TYPE='hidden' NAME='access_font' VALUE='Times New Roman, Times, serif'><INPUT TYPE='hidden' NAME='headline_font_size' VALUE='-1'>") document.writeln("<INPUT TYPE='hidden' NAME='headline_font' VALUE='Times New Roman, Times, serif'><INPUT TYPE='hidden' NAME='heading_bold' VALUE='Yes'>") document.writeln("<INPUT TYPE='hidden' NAME='item_spacing' VALUE='5'><INPUT TYPE='hidden' NAME='wizard_brand' VALUE='moreover'>") document.writeln("<INPUT TYPE='hidden' NAME='heading_bgcolor' VALUE='ffffff'><INPUT TYPE='hidden' NAME='cluster_cellpadding' VALUE='1'>") document.writeln("<INPUT TYPE='hidden' NAME='heading_fgcolor' VALUE='333333'><INPUT TYPE='hidden' NAME='source_fgcolor' VALUE='0000ff'>") document.writeln("<INPUT TYPE='hidden' NAME='cluster_border' VALUE='0'><INPUT TYPE='hidden' NAME='cluster_layout' VALUE='<br>'>") document.writeln("</FORM>") // End of clone button code // document.writeln("</TABLE></CENTER></TD></TR></TABLE></CENTER>"); // ************************************************************************************ // This code is subject to the copyright and warranty restrictions detailed at // http://w.moreover.com/wizard_copyright.html // Copyright 1999 Moreover.com Inc. All rights reserved. // ************************************************************************************* } </SCRIPT> <a href='http://www.moreover.com'><img src='http://i.moreover.com/images/moreover_link.gif' border=0 height=1 width=1></a> <MOREOVER_CLONE_JAVASCRIPT_END_DO_NOT_DELETE>  </B></div> </td> <td valign="top" height=385 BGCOLOR="#FFFFFF" TEXT="#080000"> <div> Computer Viruses</div> <div>                                                                                                                      <A NAME="p4"><IMG BORDER="0" SRC="1x1.gif" HEIGHT="1" ALIGN="bottom" WIDTH="1" HSPACE="0" VSPACE="0" ></A></div> <div> <I><B><U>What is a computer virus?</U></B></I></div> <div> According to Encarta Encyclopedia, a computer virus is a:</div> <bR> <div> <I>  "self copying computer program that interferes with a computers hardware, data files or operating system. Viruses are designed to avoid detection. Other harmful computer programs do not both self-copy and avoid detection. A Trojan Horse virus looks harmless, but may have harmful effects. A logic bomb has a trigger, such as a date or a time. A worm only copies itself, but it can fill memory and slow the computer."</I></div> <div>   That is by far the simplest definition I have found since I began researching computer viruses for this web site.</div> <div> There is an astounding amount of material available on the internet that deals with computer viruses, but the perplexing part of all of this is that there or no recognized standards for categorizing, defining or identifying them. At least not that I was able to locate. (You can read more <A HREF="http://www.vnunet.com/News/1112012" TARGET="_top" TITLE="http://www.vnunet.com/News/1112012"><U>here</U></A>)</div> <div> The evolution of computer related technology is matched stride for stride by the advent and implementation of new computer viruses. The problem, in my opinion, is that there is no cooperation between the software research and development firms who study viruses and implement their findings into programs that will detect, isolate and/or remove the virus. For instance a particular virus may be detected by any number of software programs available, but there is the distinct possibility that each anti-viral (AV.) utility may detect the virus with their own personal identification. This means that if you use more than one AV. utility, you may be under the impression that you have more than one virus. It can become pretty confusing to say the least..</div> <div>   For the basis of this tutorial, I will break things down to their simplest terms and attempt to avoid the technical jargon that tends to confuse rather than educate.</div> <div> <B><U>Viruses can be classified into different categories.</U></B></div> <div> <IMG SRC="0a1110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">Boot Viruses, reside in the disk boot sectors. (The program on a floppy disk or CD that contains information necessary to execute whatever information is on that disk.) and on the Master Boot Record (The programs your computer uses to start your computer.</div> <div> <IMG SRC="0a1110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">Macro Viruses, commonly infect and are transmitted via document files. Common word processing utilities can be used to transmit the virus, the scary side of these viruses is that they can infect your PC simply by opening an infected file. Such as an e-mail.</div> <div> <IMG SRC="0a7110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">File Viruses, infect  executable programs. (Files or programs that end in exe. or .com) These viruses are brought to life every time that file or program is opened. (For instance, if you receive a screen saver that is infected with a file virus, every time your screen saver appears on your monitor, the virus is alive and replicating and possibly performing more malicious activities.</div> <div> Note: As it is generally agreed upon that Trojan Horse programs are not self replicating and as such, are not actually viruses. These programs are simply grouped into the same category by default. I will detail these programs later in this chapter.</div> <div> <I><B><U>What can I do to avoid contracting a computer virus?</U></B></I></div> <div> The best way to protect your PC from becoming infected is to understand how viruses are transmitted and to develop and employ safe surfing habits.</div> <div> Computer viruses are transmitted through a variety of means. </div> <div> <IMG SRC="0a1110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">The can be transmitted through e-mail as text or as an attachment.</div> <div> <IMG SRC="0a1110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">They can be attached to legitimate programs such as a screen saver or even an AV. utility.</div> <div> <IMG SRC="0aa110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">They can be disguised as a computer software program.</div> <div> <IMG SRC="0a1110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">They can be hidden in floppy disks or CD's. (It has been confirmed that a boot sector virus has been transmitted in factory direct, shrink-wrapped CD's.)</div> <div> <IMG SRC="0a1110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">It has been theorized, though not confirmed, that  viruses can be transmitted through hostile Java applets and ActiveX programs.</div> <div> There are a number of habits you can develop and employ that will drastically reduce the possibilities of contracting a virus.</div> <div> <B>1.</B> Don't download or execute and program unless you are sure of what it is and where it came from. Downloading from "Jose Flybynight Computer Software Warehouse", is just asking for trouble. If you decide that you need or want a particular software program, try to go either to sites that link to the software vendor (such as this site) through an affiliate program, or to the software vendor itself. It may cost you a little time, but that time can be crucial. Avoid hack or crack sites that promise to provide you with retail full version  programs for free, these sites usually have some hidden agenda other than to provide you with full registered version of software. </div> <div> <B>2.</B>Employ at least one good, up to date AV. scanning software utility and take advantage of the free updates. (It is preferred to have more than one AV. scanner as insurance. Some Av.'s will recognize viruses that others will not.)</div> <div> <B>3</B><B>.</B>Scan all floppy disks and CD's you insert into your PC, regardless of where they came from. (The program you receive from your trusted friend might possess a virus that your friend was unaware of.)</div> <div> <B>4</B><B>.</B> Scan all downloads.</div> <div> <B>5</B><B>.</B>Scan all e-mail attachments. (Some viruses have the capability of taking control of a users e-mail program and generating e-mail from that users account to every name in the users address book, along with a copy of the original virus.) A good practice is to verify that any attachment you receive has been generated with the senders express intent to do so. As a courtesy, I always e-mail the recipient before sending an attachment and let them know that it will be following shortly.</div> <div> <B>6.</B> Back up your files. In the event you do contract a computer virus, having your files backed up will make life much simpler when restoring corrupted or deleted files. (It should be noted that CD's or floppy's used for backup purposes should first be scanned for viruses to avoid continuing the virus cycle.)</div> <div> <B>7.</B>Subscribe to your AV. software's alert mailing list. It will keep you appraised of new viruses and what steps you can take to identify and avoid these viruses. Generally, a good AV. software utility will have the capability of being upgraded regularly. This is of paramount importance to keeping your personal and financial records secure.</div> <div> <I><B><U>How can I tell if I have a virus?</U></B></I></div> <div> If your PC has contracted a virus and your AV. utility hasn't picked it up, there are a few symptoms you the user will notice that may strike you as strange .</div> <div> <IMG SRC="0aa110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">You keep running out of disks space. (On your hard drive or on a floppy or CD.)</div> <div> <IMG SRC="0ae110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">Strange file names suddenly appear.</div> <div> <IMG SRC="0aa110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">Your disk drive opens and closes on its' own.</div> <div> <IMG SRC="0b0110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">The drive light keeps flashing when no operation has been enabled. (Such as loading a program or defragmenting the hard drive.)</div> <div> <IMG SRC="0a1110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">You keep getting error messages that contain the text '32bit'.</div> <div> <IMG SRC="0a1110f0.gif" border=0 width="17" height="15" ALIGN="BOTTOM" HSPACE="0" VSPACE="0">Strange messages appear on your screen.</div> <div> <I><B><U>I have a virus, what should I do?</U></B></I></div> <div> <B>1. </B>Stop all data transmissions. Do not send any e-mail or access any sites that require a sign in procedure.</div> <div> <B>2.</B> If you merely suspect it, run your AV. utility and confirm it. If your AV. software is out of date, update it. If the update period has expired,  re-subscribe. It is preferable that you have at least two up to date AV. scanners.</div> <div> <B>3.</B> If your AV. utility found it. The utility will likely have the capability of either isolating or deleting the virus. If it cannot, take a note of the virus name and the AV. utility name and version number and contact your software vendor. They will assist you in ridding your PC of the virus.</div> <div> <B>4.</B> As a last recourse, you can reformat your hard drive using write protected disks that have already been scanned and then re apply your backed up files.</div> <bR> <div> Trojan Viruses</div> <div> As the name implies, Trojans are programs that are often disguised as something useful that the user then downloads and executes. Once executed, these programs can act much like a computer virus, the only difference, is that they are non self replicating.</div> <div> Another difference from the computer virus is that some Trojans have the ability to act as a spy ware. While a computer virus can be damaging, the effect of these 'spy ware' Trojans can be much more devastating because these programs allow a remote user to have full access to everything on your computer, not just one particular hacker, but any hacker that happens to be online at the same time as you.</div> <div> It's very much like having your house ransacked while you are sleeping comfortably in your own bed.</div> <div>   These programs evolved from being legitimate, remote access administrative tools that allowed supervisors of network operations to monitor the actions of their employees without physically looking over their shoulders, to malicious spy ware that actually admits remote access to your machine as if the hacker were sitting along side of you while you surfed the internet.</div> <div> Allowing these programs to exist, even unknowingly, compromises the integrity of all data stored on your PC and any disk that is present in your drives. Given time, any hacker could search through all of your files without your being aware of it.</div> <bR> <div> How can I tell if I have a Trojan Horse program running on my computer?</div> <div> The tell tale signs are the same as are described in computer viruses. They can be avoided by practicing safe surfing habits and regularly running a good, up to date AV. scanner</div> <bR> <div> Aureate spy ware is another thing altogether. These programs come as part of a legitimate shareware or trial ware program you download. These programs allow the software manufacturer to track your surfing habits 'in order to better serve the consumer' according to what I have read at most software sites. (Does this sound familiar?)</div> <div> It should be noted that full, registered versions of software do not come with Aureate spy ware. Also, you can delete the spy ware programs from trial and shareware, but there is the risk that the programs will be rendered useless.</div> <div> It is, in my opinion, best to avoid these programs altogether by using only full registered versions of any software programs you intend to use.</div> <bR> <div> <B>                                               </B><A HREF="id6.htm" TARGET="_top" TITLE="Firewalls"><U><B><IMG SRC="12820200.gif" border=0 width="32" height="32" ALIGN="BOTTOM" HSPACE="0" VSPACE="0"></B></U></A><B>    </B><A HREF="#p4" TITLE="Computer Viruses"><U><B><IMG SRC="12920200.gif" border=0 width="32" height="32" ALIGN="BOTTOM" HSPACE="0" VSPACE="0"></B></U></A><B>    </B><A HREF="id7.htm" TARGET="_top" TITLE="Data Encryption"><U><B><IMG SRC="12c20200.gif" border=0 width="32" height="32" ALIGN="BOTTOM" HSPACE="0" VSPACE="0"></B></U></A></div> <div> <B>  </B>                                             Back    Top    Next                                                             </div> <div>                                                                                           </div> <div>                                                                                                        </div> <bR> </td> </tr></table></body>