Free computer tutorial

Virus

What's a virus?

A virus has two objectives: to spread secretly and to launch an attack on the computer's data at a given moment.

If you download files from the Internet, or receive them from someone, always check them for viruses. If you have a computer at home, it is essential to have a good virus scanner and to keep it up to date. Most companies that offer an antivirus program post updates on their Web site to counter the new viruses that appear. Prepare an emergency floppy disk from which you can restart your computer. In case of a virus attack, you can start your computer from this disk, knowing that it has no virus.

Another cracker, known only under the name "Dark Avenger", spends day and night creating new viruses. He develops the art of creating viruses that are ever more sneaky and invisible to virus scanners. He even created a program to create viruses and distributed it freely on the Internet. More than 10,000 viruses and variants have been counted.

According to a study carried out by the National Computer Security Association (NCSA) in 1995:

81% of attacks cause a loss of productivity.
Data is lost in 35% of cases.
More than 70% of corporate networks have been infected at least once.
The average time to restore a server to good condition is 5.8 hours.
In 37% of cases, recovering from the damage caused by a virus costs more than $1,999.

Virus types

Boot sector

This was the first type of virus to become widespread. Its effects can range from a small ball that appears on the screen (Ping Pong) or a message (Stoned) to the destruction of the contents of your hard drive. On every floppy disk, a space is reserved in case an operating system such as DOS, OS/2 or Windows 95 is on it. This space is called the "boot sector". Unless instructed otherwise, your computer first checks the contents of drive A: every time it is switched on. If the drive contains a floppy disk, the computer checks its boot sector to try to find the operating system's startup program there. Viruses settle in this privileged space. When the computer is switched on, the virus is activated even before the operating system. It then spreads to the hard drive and to other floppy disks. Once on the hard drive, it also runs before the operating system, so it becomes difficult to get rid of. This is why you need a startup disk. Never leave a floppy disk in drive A: when starting the computer unless it is a startup disk.

Polymorphic virus

This type of virus disguises itself by taking the "signature" of another known virus. An old virus scanner sees that there is a virus but removes only the "signature" and not the virus itself. This type of virus has almost disappeared from circulation because the most recent virus scanners recognize and delete them. But, for security reasons, even if your scanner informs you that it erased the virus, re-check the floppy disk or the hard drive. You could spare yourself some big surprises.

File infectors

This type of virus attaches itself to the programs on your hard drive. It can affect any file whose extension is ".exe", ".com", ".sys" or ".dll". When you start the program, the virus becomes active too. This type of virus has almost disappeared.

Almost, but not completely. There is a new variant called CIH that is potentially very dangerous. Besides erasing the contents of your hard drive, this virus erases the instructions of your computer's BIOS (Basic Input/Output System). These instructions start your computer and then transfer control to an operating system such as DOS, Windows 95/98/NT, UNIX and others. Because the BIOS is no longer there, your computer can no longer restart. It has to be taken to a technician. This virus spreads from a floppy disk or from one hard drive to another as often as possible and activates on the twenty-sixth day of every month.

At the moment, some virus scanners recognize and eliminate this new threat. There is even software available on the Internet to check the contents of your disk and so avoid the worst. Make sure to check your computer a few days in advance and on the eve of the virus's activation date. As a last resort, if you don't switch on the computer on the 26th, the virus will not start. It is better to update the virus scanner and follow the alerts than to lose the use of a computer for a day.

E-mail infectors

To date, this type of virus affects only MS Mail e-mail. The virus detects that the computer has an e-mail account and attaches itself to messages sent by the person to other MS Mail users. This type of virus is very rare. But a variant has appeared and is becoming more and more popular with virus writers; see "Friends and family" below.

Macro virus

This is the most "popular" type of virus at the moment, because it is the first type of virus that works on several platforms, such as PC and Macintosh. The Microsoft Office applications (Word, Excel, PowerPoint and Access) let you create macros: a series of instructions executed one after the other. This improves your productivity, especially for repetitive tasks. However, a "cracker" found a way to execute instructions that can change your document. This first virus is called "Wazzu". This macro jumbles your document and writes the word "wazzu" several times in it. Another "cracker" found a way to erase the contents of your hard drive. The "apder" virus erases the contents of the directory that contains Windows, as well as all the fonts, when it is activated for the twentieth time. Six months after the release of the first virus of this type, "Wazzu", about twenty variants had been cataloged.

CIH or Chernobyl

Activates on April 26. Certain variants activate on the 26th day of every month. They can erase the entire contents of the hard drive and make it unreadable. Very rare but very dangerous. In 1999, more than 500,000 computers, mainly in Asia, were affected.

Friends and family - Worm

Since March 1999, there has been a new type of virus. The name comes from a ZDNet author who described it as the "friends and family" type, after a very popular long-distance calling promotion by the company MCI. This type spreads very quickly by using your e-mail address book to send a copy of the virus to everyone you know.

The first virus of this kind is called Melissa or Mailissa. The author of the virus left a message on one of the newsgroups on pornographic subjects saying that he had compiled a list of sites carrying pornography. This list, a Word document, was available to anyone who wanted it. Some took the bait. The virus contaminated the machines of those who read the list. If the reader used the Outlook software for e-mail, the virus sent a message to the first 50 people in the address book. This message said something like "The attached document could interest you. - bye". The cycle begins again as soon as a person who received this message opens the document carrying the virus.

Several e-mail servers, including Microsoft's, were literally overloaded with messages carrying the infected document. Since then, there have been variants using an Excel document. There are others that can use the address book not only of Outlook but of several e-mail programs. The very latest variants can delete the Word, Excel, Project and C++ documents that they find on your hard drive.

In May 2000, another variant appeared. The ILOVEYOU virus spread at an incredible speed. Users of Microsoft's Outlook software were targeted once again. Unlike Melissa, which limited itself to the first 50 people in the address book, this virus does not limit itself. When it is activated, it sends a copy of the message, with the virus, to every person in the list. Worst of all, there were five variants of this virus within 24 hours and 29 within the week!

So always check the documents you receive by e-mail with an up-to-date virus scanner before opening them, even (especially) if they come from people you know.

Precautions

When Office 97 was released, Microsoft knew of the existence of "macro viruses". They developed a routine that checks whether your document contains a macro. If so, the software shows a warning message. It asks whether you want to enable the macros in your document. If you are not certain, or you know that you have no macro, choose not to open the file. At the very least, don't enable the macros. If you know that you have a macro in your document, you can enable the macros. This does not, however, mean that your document is not infected.

Also, if Word, Excel or PowerPoint asks you to save changes to the file "normal.dot" and you did not change the toolbars or the preferences, answer "no" and check your floppy disk and hard drive with an antivirus program.

Check for viruses

The computer labs have virus scanners to help you check your floppy disks. Take a moment before beginning work to check them. Every lab has a different scanner. Ask the technician how this software works. It could save you from losing your data on your home computer. Furthermore, if you have a computer at home, make sure you have an antivirus program that is up to date. With the ever-increasing number of viruses released every day, you no longer have a choice!

Several companies offer free updates, over the Internet, of the list of viruses that they can detect and delete. You can go to the company's Web page and look for the update for your software. Don't forget to also update the list of viruses that your scanner can recognize. Personally, I consider a scanner out of date if it has not been updated for more than three months. New viruses, or new variants of old viruses, appear every day. Generally, the companies that create the various scanners update their virus "library" monthly, and more quickly during "waves" of new viruses and their inevitable variants.

Keep a copy of your important documents

The very first aspect of security, whether against viruses, vandals or accidents, is always to have a backup copy of your important documents. You can put them on a floppy disk, another hard drive or other media. Whatever the reason, you will always have your copy in case of emergency.

False viruses (hoaxes)

There are also false viruses. You will certainly receive an e-mail message warning you that a virus is currently spreading. The sender received a message from a renowned firm and is passing the information on to you. These are generally false viruses. Careful: generally, but not always! You need to pay attention. Take the warnings of virus scanners very seriously. Here is a list of some of the best-known false viruses.

Good Times: the oldest and best known.

Penpal Greetings: to stop a chain letter of friendship messages, someone warned the "Net" that a virus could erase the contents of your hard drive. Furthermore, this same virus could send itself to everyone in your e-mail address book simply when you open the message. This is technically impossible. It nevertheless started a chain of messages warning against the "virus".

There is, however, a possibility of infection if you open or run a document or file attached to the message. Before opening or running an attached file, check it with an antivirus program. And do you trust the person who sent you the message? The file could be a "Trojan horse". See the page on security for more information.

Make Money Fast: to discourage this kind of free promotion on the Internet, someone started a rumour on the Internet saying that it was a virus. Few people on the Internet like receiving unsolicited advertising. This is just a technique used to avoid this "plague".

Deeyenda: this false virus is supposedly capable of searching the contents of a hard drive for credit card numbers. One realizes it is a joke on learning the virus's full name in English, Deeyenda Maddick (Do you want my dick).

Irina: this was simply a publicity stunt for an interactive book. The virus was supposedly created by a Professor Edward Prindeaux. Mr. Prindeaux is one of the characters in the book.

NaughtyRobot: this false virus is supposedly capable of finding personal data from the person's Web site.

Death69: this alert message supposedly comes from technicians at the company Symantec. Among its various products, the company produces an antivirus program. The company categorically denies having sent such a message.

References

For more information about viruses and "false viruses", you can visit the following sites as well as those of the companies that produce virus scanners. You can also use a search engine to find more information using the words "virus" or "hoax virus".

CERT: http://www.cert.org
Computer Incident Advisory Capability (CIAC): http://www.ciac.org
National Computer Security Association: http://www.ncsa.uiuc.edu

Page evirus.htm
Last updated on January 7, 2006
Free computer tutorial Web site
Created by Patrice Roy
© 2003 All rights reserved