|
|
About Viruses and Scanners :
Windows 95 was a major breakthrough from Windows 3.1. Since then it's all just been bells and whistles as MicroSoft tries to improve
an existing almost perfect product. What a shame they never installed a virus scanner in their upgrades, especially since viruses attack the very vulnerabilities inherent in
Windows. I can only assume the reason they have not is to avoid a monopoly lawsuit from Norton and MaCaffe like the one Netscape waged against them. In any event, many PC
owners are left defenseless until they buy and install their own virus scanner.
Different types of viruses infect computers in particular ways; the most widespread types are Macro, Boot and Parasitic viruses.
A macro is an instruction that carries out program commands automatically. Many common applications (e.g. word processing, spreadsheet, and slide presentation applications)
make use of macros. Macro viruses are macros that self-replicate. If a user accesses a document containing a viral macro and unwittingly executes this macro virus, it can then
copy itself into that application's startup files. The computer is now infected--a copy of the macro virus resides on the machine. Any document on that machine that uses the
same application can then become infected. If the infected computer is on a network, the infection is likely to spread rapidly to other machines on the network. Moreover, if a
copy of an infected file is passed to anyone else (for example, by email or floppy disk), the virus can spread to the recipient's computer. This process of infection will end
only when the virus is noticed and all viral macros are eradicated. Macro viruses are the most common type of viruses. Many popular modern applications allow macros. Macro
viruses can be written with very little specialist knowledge, and these viruses can spread to any platform on which the application is running. However, the main reason for
their 'success' is that documents are exchanged far more frequently than executables or disks, a direct result of email's popularity and web use.
The boot sector is the first software loaded onto your computer. This program resides on a disk, and this disk can be either the hard disk inside the computer, a floppy disk
or a CD. When a computer is switched on, the hardware automatically locates and runs the boot sector program. This program then loads the rest of the operating system into
memory. Without a boot sector, a computer cannot run software. A boot sector virus infects computers by modifying the contents of the boot sector program. It replaces the
legitimate contents with its own infected version. A boot sector virus can only infect a machine if it is used to boot-up your computer, e.g. if you start your computer by
using a floppy disk with an infected boot sector, your computer is likely to be infected. A boot sector cannot infect a computer if it is introduced after the machine is
running the operating system. An example of a boot sector virus is Parity Boot. This virus's payload displays the message PARITY CHECK and freezes the operating system,
rendering the computer useless. This virus message is taken from an actual error message which is displayed to users when a computer's memory is faulty. As a result, a user
whose computer is infected with the Parity Boot virus is led to believe that the machine has a memory fault rather than an disruptive virus infection.
Parasitic viruses attach themselves to programs, also known as executables. When a user launches a program that has a parasitic virus, the virus is surreptitiously launched
first. To cloak its presence from the user, the virus then triggers the original program to open. The parasitic virus, because the operating system understands it to be part
of the program, is given the same rights as the program to which the virus is attached. These rights allow the virus to replicate, install itself into memory, or release its
payload. In the absence of anti-virus software, only the payload might raise the normal user's suspicions. A famous parasitic virus called Jerusalem has a payload of slowing
down the system and eventually deleting every program the user launches.
Viruses can be hidden in programs available on floppy disks or CDs, hidden in email attachments or in material downloaded from the web or ICQ. If the virus has no obvious
payload, a user without anti-virus software may not even be aware that a computer is infected.
These days most viruses are not intended to simply vandalize systems, but are used in conjunction with adware packages that sell bandwidth to third parties and sometimes sell
piggyback space for other virus makers looking to stowaway their own ad packages. Windows XP is especially vulnerable to these programs, especially VX2 viruses. As these
multiply exponentially they become impossible to remove because the reinstaller programs are so well camouflaged that in many cases a re-format is the only solution.
If you do not yet have a virus scanner, the following website can scan your hard drive over the internet. Keep in mind this may take a while depending on connection speed (10
to 30 minutes), and also note that this will recognize "joke" files as viruses :
HOUSECALL
VIRUS REMOVAL TOOLS
AVG FREE VIRUS SCANNER (highly recommended)
NEXT
|
|
