MINDPRIDE Computer Services

 
Home | About Us | Our Services | Contact Information | Tutorials, Articles & Dictionaries | Site Map

HOME 

 

About Us

WhyUS

Services

Virus Alerts

 

Contact

Estimates

Refer A Friend

Site Map

 

Links

Privacy Policy

Disclaimer

MakePayment

 

VIRUS AWARENESS

 

Virus Awareness

Virus ABCs
How viruses are contracted
Virus properties
How viruses may infect files
What viruses may do
Detecting viruses
Virus myths
Virus Definitions
 

VIRUS ABCs

One of the biggest fears of having computers are viruses, viruses are malicious programs designed entirely for destruction and havoc. Viruses are created by people who either know a lot about programming or know a lot about computers. 

Once the virus is made it will generally be distributed through shareware, pirated software, e-mail or other various ways of transporting data, once the virus infects someone's computer it will either start infecting other data, destroying data, overwriting data, or corrupting software. 

The reason that these programs are called viruses is because it is spreads like a human virus, once you have become infected either by downloading something off of the Internet or sharing software any disks or write able media that you placed into the computer will then be infected. When that disk is put into another computer their computer is then infected, and then if that person puts files on the Internet and hundreds of people download that file they are all infected and then the process continues infecting thousands if not millions of people.

HOW VIRUSES ARE CONTRACTED

The majority of viruses are contract by floppy's by bringing information from one source and then put onto your computer. VIRUSES can infect disks and when that disk is put into your computer your computer will then become infected with that virus, a recent survey done in 1997 by NCSA given to 80 percent of PC users showed that 90% of PC users contract viruses by floppy diskettes.

In the survey done above it showed that the other 20% of viruses were contracted by email attachments and over the Internet. This means that you received an email with an attached file and opened the file. Or downloaded a file over the Internet.

VIRUS PROPERTIES

Your computer can be infected even if files are just copied. Because some viruses are memory resident as soon as a diskette or program is loaded into memory the virus then attaches itself into memory.

Can be Polymorphic. Some viruses have the capability of modifying their code which means one virus could have various amounts of similar variants.

Can be memory / Non memory resident. Depending on the virus can be memory resident virus which first attaches itself into memory and then infects the computer. The virus can also be Non memory resident which means a program must be ran in order to infect the computer.

Can be a stealth virus. Stealth viruses will first attach itself to files on the computer and then attack the computer this causes the virus to spread more rapidly.

Viruses can carry other viruses and infect that system and also infect with the other virus as well. Because viruses are generally written by different individuals and do not infect the same locations of memory and or files this could mean multiple viruses can be stored in one file, diskette or computer.

Can make the system never show outward signs. Some viruses will hide changes made such as when infecting a file the file will stay the same size.

Can stay on the computer even if the computer is formatted. Viruses have the capability of infecting different portions of the computer such as the CMOS battery or master

HOW VIRUSES MAY EFFECT FILES

VIRUSES can effect any files however usually attack .com, .exe, .sys, .bin, .pif or any data files. Viruses have the capability of infecting any file however will generally infect executable files or data files such as word or excel documents which are open frequently.

It can increase the files size, however this can be hidden. When infecting files virtues will generally increase the size of the file however with more sophisticated viruses these changes can be hidden.

It can delete files as the file is ran. Because most files are loaded into memory and then ran once the program is in memory the Virus can delete the file.

It can corrupt files randomly. Some destructive viruses are not designed to destroy random data but instead randomly delete or corrupt files.

It can cause write protect errors when executing .exe files from a write protected disk. Viruses may need to write themselves to files which are executed because of this if a diskette is write protected you may receive a write protection error.

It can convert .exe files to .com files. Viruses may use a separate file to run the program and rename the original file to another extension so the exe is ran before the com.

It can reboot the computer when a files is ran. Various computers may be designed to reboot the computer when ran.

WHAT VIRUSES MAY DO

The following are possibilities you may experience when you are infected with a virus. Remember that you also may be experiencing any of the following issues and not have a virus.

Once the hard drive is infected any disk that is non-write protected disk that is accessed can be infected.

dotblack.gif (38 bytes) Deleted files
dotblack.gif (38 bytes) Various messages in files or on programs.
dotblack.gif (38 bytes) Changes volume label.
dotblack.gif (38 bytes) Marks clusters as bad in the FAT.
dotblack.gif (38 bytes) Randomly overwrites sectors on the hard disk.
dotblack.gif (38 bytes) Replaces the MBR with own code.
dotblack.gif (38 bytes) Create more then one partitions.
dotblack.gif (38 bytes) Attempts to access the hard disk drive can result in error messages such as invalid drive specification.
dotblack.gif (38 bytes) Causes cross linked files.
dotblack.gif (38 bytes) Causes a "sector not found" error.
dotblack.gif (38 bytes) Cause the system to run slow.
dotblack.gif (38 bytes) Logical partitions created, partitions decrease in size.
dotblack.gif (38 bytes) A directory may be displayed as garbage.
dotblack.gif (38 bytes) Directory order may be modified so files such as COM files will start at the beginning of the directory.
dotblack.gif (38 bytes) Cause Hardware problems such as keyboard keys not working, printer issues, modem issues etc.
dotblack.gif (38 bytes) Disable ports such as LPT or COM ports
dotblack.gif (38 bytes) Caused keyboard keys to be remapped
dotblack.gif (38 bytes) Alter the system time / date
dotblack.gif (38 bytes) Cause system to hang or freeze randomly.
dotblack.gif (38 bytes) Cause activity on HDD or FDD randomly.
dotblack.gif (38 bytes) Increase file size.
dotblack.gif (38 bytes) Increase or decrease memory size.
dotblack.gif (38 bytes) Randomly change file or memory size.
dotblack.gif (38 bytes) Extended boot times
dotblack.gif (38 bytes) Increase disk access times
dotblack.gif (38 bytes) Cause computer to make strange noises, make music, clicking noises or beeps.
dotblack.gif (38 bytes) Display pictures
dotblack.gif (38 bytes) Different types of error messages

 

DETECTING VIRUSES

The most commonly used method of protecting against and detecting viruses is to purchase a third party application designed to scan for all types of viruses. A list of these protection programs are listed above.

Alternatively a user can look at various aspects of the computer and detect possible signs indicating a virus is on the computer. While this method can be used to determine some viruses it cannot clean or determine the exact virus you may or may not have.

If you have Windows95 / Windows 98 you can click on start, settings, control panel, system, and under system go to performance and determine if the file system is 32-bit. If the file system is running in MS-DOS compatibility mode check the box indicating what is running in MS-DOS compatibility mode to determine if the master boot record has been modified. If the Master boot record has been modified its a good possibility that you may have a virus on the computer.

Another method is to check fdisk. In fdisk choose four to display the partition information if you have multiple partitions such which have scrambled text such as % or strange characters this can be another indication of a virus on the computer.

VIRUS MYTHS

The following text is comments we have heard that are absolutely not true or are false spreading rumors.

"If I download a file onto a disk I don't have to worry about a viruses." - This is not true, just because you place a file on a disk does not mean that your hard drive cannot be infected. Because around half of the computer viruses are memory resident the virus will load itself into memory and will then infect your hard drive and data on the diskette.

"If I buy sealed software I don't have to worry about viruses." - This is not always true just because the program may be surrounded in plastic doesn't mean that it cannot be infected with a virus. When the software is written to the diskette is when the virus will be attached to the diskette. While this does not happen frequently it is still a possibility.

"If I just by registered software I don't have to worry about viruses." - This is not always true because there have been cases were company's did not know that there was a virus on there software and accidentally shipped software that had viruses on it. While this does not happen frequently it is still a possibility.

"If I don't download anything off of the Internet I don't have to worry about viruses." - This is not always true while you may not be on the Internet you still can be infected by viruses on diskettes and or CDs.

"If I just read my E-mail, I will not have to worry about viruses." - Not true there are viruses out there that are distributed through e-mail also files can be attached with e-mail.

"If I don't get on the Internet I don't have to worry about viruses." - This unfortunately is not the case over 90% of users contract viruses with floppy diskettes the other percentage is over the Internet.

"You can contact viruses from just looking at web pages." - Another rumor that is spreading around. You cannot contract a virus just by looking at a web page however can contact a virus if you were to download a file from that web page.

"You can contact a virus by reading your e-mail." - Not fully true, by just opening an e-mail message to read its contents you can not contract a virus, unless that e-mail message contains an attachment and you were to save that attachment to your hard drive or another storage media. Our recommendation to help prevent virus through e-mail would be to not open files that contain attachments from individuals you do not trust / know. Extra Note: A new virus called the Bubble boy can infect computers by a user just opening their mail however requires the user be using Internet Explorer 5.0, Windows 98, and Microsoft Outlook.

MACRO VIRUSES

Macro viruses are becoming a big threat to the computer community, a macro virus is a virus designed in a word processor, which is just a macro designed to destroy, corrupt, infect, erase files or delete files or data on the hard disk drive. These viruses are fast becoming a threat, because they are so easily created and capable of transmitting extremely fast and with a lot of older virus scanners not being able to detect them these are growing fast there are now over 1000 different macro viruses. Because these are becoming such a threat virus companies are becoming aware of this and with new virus scanners are also having the capability of scanning for macro viruses.

Virus Definitions


(B) Boot Sector
(C) Companion
(CMOS) CMOS
(E) Executable
(H) Hoax
(M) Multipart
(MAC) Macro
(MBR) Master Boot Record
(N) Non Resident
(O) Overwriting
(P) Polymorphic
(R) Resident
(S) Stealth

(B) BOOT SECTOR

A Boot Sector Virus is a virus that infects the first or first few sectors of a computer hard drive or diskette drive allowing the virus to activate as the drive or diskette is booted from.

(C) COMPANION

A Companion Virus is a virus that stores its code in a .com file and name it self as a frequently used program file which may be an .exe or .bat file. When a computer command is typed in the computer will execute the .com file before the .exe or .bat

(CMOS) CMOS

A CMOS Virus is a virus that has the capability of infecting the CMOS battery. This means even if the hard disk drive is erased the virus will still reside on the computer.

(E) EXECUTABLE

A Executable Virus is a virus that stores itself and or infects other EXE, BAT, COM files so when ran execute and infect other files.

(H) HOAX

A Hoax is a fake virus that is said to do something which is either impossible or never happens. Generally sent VIA e-mail these are a widespread nonsense.

(M) MULTIPART

A Multipart virus is a virus that infect the Master Boot record as well as executable files on the hard disk drive.

(MAC) MACRO

A Macro virus is a virus that infects Word and or Excel Files. The virus is essentially a destructive Macro that modifies, deletes or otherwise tampers with the files stored on the computer.

(MBR) MASTER BOOT RECORD

A Master Boot Record virus that modifies and or infects the Master Boot Record generally causing the computer to loose CD-ROM support and or cause the computer to run in compatibility mode.

(N) NON RESIDENT

A Non resident virus is a virus that does not store itself in the memory and instead will say within a executable file. Once this file is ran the virus will then activate.

(O) OVERWRITING

A Overwriting virus is a virus that will eliminate sections of files and replace these sections of files with its own code, generally causing the file to be irreparable.

(P) POLYMORPHIC

A Polymorphic virus is a virus that has the capability of changing its own code allowing the virus to have hundreds sometimes thousands of different variants making it much more difficult to detect.

(R) RESIDENT

A Resident virus is a virus that will store itself within memory allowing it to infect certain files instantaneously and does not require the user to run the executable file to infect files.

(S) STEALTH

A Stealth virus is a virus that hides its tracks after infecting the computer. Once the computer has been infected the virus can make modifications to allow the computer to appear that it has not lost any memory and or that the file size has not changed.

 

Awareness

Viruses on the Internet and email are becoming more and more prevalent. The biggest contributor of spreading viruses is ignorance. By learning just a little bit about viruses you can help avoid the spread of them as well as protect yourself from being infected. Here are some Do's & Don'ts to help you out:

  1. Install an anti-virus software on your system that will alert you to viruses that are attacking. Most importantly that it will check incoming email. Check out AVG AntiVirus.
  2. Make sure you do regular updates for your anti-virus software so that it will recognize the latest viruses on the net.
  3. Beware of attachments. Most of all viruses come as attachments in e-mail, many of which, are from people you know. The viruses are being sent automatically from a computer that is infected and the person sending is not even aware that they are sending it to you. If someone you don't know sends you an attachment, it is best that do not open it and simply delete it.
  4. Install a firewall. If you are on a permanent connection such as DSL, Cable, or some other sort of broadband service you may be vulnerable to hackers and trojan viruses. Routers may give you some protection as a firewall or you may install a software program such as BlackIce or ZoneAlarm.
     

 

 

 

  Services What We Offer Areas Covered Rates & Discounts
Estimates Maintenance Plans Links Phone Tech Support
About Us Refer A Friend Why Us? Reference Dictionaries Tutorials
Privacy Policy Service Protocol Disclaimer Contact Us

Web Page Designed By  ADAM
Copyright © 1981 - 2008
MINDPRIDE CONSULTING All rights reserved.
Revised: November 21, 2007