Viruses, Trojans And More


Well hopefully you haven't had to experience a virus on your computer but I would guess that at least some of you have. Hmmm, that could be why you are reading this book.

My first experience with a virus was about 11 or 12 years ago. It occurred on a company network that I was the co-administrator of. One of our users came in one morning and as he started booting his machine a message came up greeting him "Good morning" or something to that effect and then ended the message with "Your computer is now stoned.".

This was called the Stoned virus. Fortunately we caught it early before it spread across the entire company network. Also the virus was spread by infected floppy disks, which helped us prevent it from spreading beyond 3 computers.

The user had brought a floppy disk from home the day before and had infected the company computer. Once infected, when someone used a floppy disk in the computer, then that floppy disk would be infected.

The virus would then spread by that infected floppy disk in the next machine it was inserted in. This was around 1991 so floppy disks were the standard for trading, sharing, and backing up files.

Boy have times changed, viruses are no longer a crude copy of the above virus, but sophisticated, almost "thinking" pieces of written programming code. Instead of infecting one floppy disk at a time, they have the capability to infect hundreds and even thousands of systems at a time.


Isn't there only one type of virus that can attack my system?
Actually there are three main types of viruses that could surprise you.

1. Trojans - are programs that stay on your system and either allow other users to gain access to your system or cause damage by removing or corrupting files. They can be placed on your system by other viruses, intruders to your system, CDs and floppy disks.

2. Worms - are viruses that spread from computer to computer either via email, scripts from a website, or even a network connection. The spreading ability and possible damage varies depending upon the virus. Worms are probably the most common form of viruses and the most damaging.

3. Macros - are viruses (or scripts) that are contained within documents such as Word or Excel. They are activated when the user opens the document. These can be pesky little critters that duplicate like a worm and attach themselves to other documents, thus spreading the infection, depending upon the type of macro.


I'm not worried because I never open email attachments unless I'm expecting them!
Good precaution, but read on in the example viruses listed below. You will discover that you are still a possible target.

I have a firewall that keeps my system secure!
Excellent. One of the first steps to keep intruders out of your machine. Unfortunately not all firewalls have extensive virus checking capabilities. Firewalls are designed to keep out intruders not viruses.

I don't run Windows ha, ha, so I don't need to worry!
Just keep that mindset, don't worry now because you will have plenty to worry about in the future. Especially when your computer won't boot because of a virus, or files are destroyed. Virus programmers write all sorts of viruses and not just for Windows. Also some macro viruses and scripts will work on both Mac and Windows platforms.

I'm protected because I've got an anti-virus software on my system!
Again that's good but this still doesn't guarantee you won't be hit by a virus. Read on to find out why.

I don't use the Internet, so I can't get a virus on my machine!
That's great, (I guess...grin...). However if you copy files from floppy disks or CDs then you can infect your computer. After all, the standard program today is usually on a CD which can be infected just as well.

If you are not using any anti-virus software now, then mark my word, your system will get infected at some point. If you are using anti-virus software then your chances are much better that you won't, but only if you keep your anti-virus software updated.

As long as I have the anti-virus software why update it?

Maybe you think as long as you have your system protected then you don't need to update the anti-virus software. NOT! Many a user has made the mistake of thinking because they had acive anti-virus software that they were protected. Don't make that mistake. Updates are a must!

New viruses are being written constantly and unleashed on unsuspecting users.

Companies that specialize in anit-virus software write updates to check for the new viruses and the malicious programmers write modifications and (or) new viruses to get around those updates by the companies.

Unfortunately, the virus has to exist before the company can write protection for it, so I guess you know what that means. Yep, some poor computer gets the virus, then it's reported to the anti-virus software companies so they can write protection for it. It's one vicious cycle and the virus programmers get the first shot.

So what does this mean to me, you might say?

What it means is even with updated anti-virus software your computer could still get infected!

It means you have to use caution when receiving email. Don't open attachments or run "cute" little programs from people you don't know. In fact, the best procedure is to contact the person first and make sure the attachment was sent by them and that it is safe.

It means you have to use caution when downloading files and exchanging files with other people. Know the source.

It means always have a current backup of your most important files or preferably a backup of your complete system.

While doing some of my research, I came across several tutorials about viruses on some web sites. A couple of these tutorials were written in 1999 and ironically ended with the statement:

" currently the casual or home user shouldn't be too concerned about viruses."

Again, "You've come a long way, baby"! Even as I was writing the above section my email program notified me I had email. I had received four messages in the past fifteen minutes. Lo and behold one of the messages was infected with the Klez virus. That was the second email I had received today that was infected with a virus. Should the casual or home user be worried.... absolutely!

Example Viruses And How They Work

Let's discuss a few of the many viruses, and the damage they can do. I think discussing only a few will be enough to make you want to go out and grab some anti-virus software... grin ....

There are plenty of links for more reading pleasure in the "Resources" section too for those that want to dive deeper into the complexity of viruses.

By far, the worst spreading viruses or worms have been via email, such as the ones listed below:

W32Klez - This is a high spreading virus or worm that searches the user's address book and sends out infected emails to all of the email addresses it finds. This little beast attacks a vulnerability in Microsoft Outlook and Outlook Express in an attempt to execute itself when you open or even preview the message.

Now lets add some insult to the injury!
It also carries other viruses with it depending upon the variant of the Klez virus. Once such virus it carries is called W32ElKern. This virus infects files over open user shared resources and network drives. It also tries to infect all executable files in the \Windows\System folder.

OK, so now pour salt on the wound!
Some variants of W32Klez also use email spoofing. Meaning it sends out these infected emails to all of your addresses, and on top of that it decides to replace your email address (as the sender) with some of your "friend's" email addresses. Of course this makes it look like your friends sent out some of the infected emails as well, even though they didn't!


Happy 99 - This happy little fella... sorry I couldn't resist, first came out in 1999. It too was spread via email and newsgroup postings in the form of an attachment containing an exe file. This virus targeted Windows 95 and 98 computers in particular, and like Klez, it made the news.

The first time Happy99.exe was executed, a fireworks display saying "Happy 99" popped up on the computer screen and, at the same time, started modifying system files. Thereafter each time the user sent an email, the virus would send a followup email with the attached happy99.exe file.

It kept track of the email addresses in a file so it wouldn't send the attachment to the same person twice. Of course the person on the receiving end of the email thought it was a "cute" little fireworks program sent by their friend. Yeah right, that's when the fireworks started.....

One person's horror story about the Happy 99 virus from Geek.com:

"this charity was hit pretty hard by Happy 99 because the youth programs department runs youth clubs called "Happy Clubs." So anyone getting an e-mail labeled "Happy 99" could reasonably assume the attachment was regarding company business...." Click here to read the article (opens in your default browser.)


Melissa - This is a macro virus which has spread far and wide to many systems through MS Word documents. When a user opens an infected document, the virus will attempt to e-mail a copy of a document to up to 50 other people, using Microsoft Outlook. This virus also attaches itself to other MS Word documents in order to spread itself.

The email attachment would come with the following subject line:

Subject: Important Message From [User name]. The virus replaced "user name" with the persons actual name.

This of course would look like one of your friends sending you a document. Once you opened the document the virus would execute and start spreading through out other documents when you opened them by using macros. If macros were disabled then the virus couldn't execute.

One of my previous online businesses dealt with certification training for those in the computer field. I use to receive scripts written in MS Word format from teachers and trainers. It was common to receive a script that was infected with this virus and the writer would never even know their system had the virus.

I could go on and on about the many viruses however let's move on. Below are some more, better known ones. Do a search in your favorite search engine and you will have plenty of reading material if you want to research some of them further. The "Resources" section also has plenty of links and sites for more research as well.

Code Red
Loveletter (I love you)
Sircam
Nimda

Bear in mind that just because all the above viruses seem to target Windows platform machines, that other operating systems such as Macintosh and Linux CAN be infected with viruses. However, Windows machines comprise a huge share of the home user segment and seem to be targeted more, probably for this very reason. Again intruders and virus writers are looking for the easiest target, but don't think they have forgotten about other platforms.

Virus Myths and Hoaxes

I would also like to touch on one other subject real quick. Someday you will receive an email from a friend, a family member or even a possible spammer telling you about this virus that is spreading across the internet fast and furious.

You then shoot an email off to your many friends, and they then do the same. Before you know it, it is spreading across the internet. You could be the victim of a virus hoax or myth.

Sometimes the hoax itself can be damaging. One recent hoax told of a virus spreading across the internet and to delete a file named " sulfnbk.exe" because it was a virus.

As it turned out this file is used by the Windows operating system to manage long filenames, and the alleged virus was just a hoax. Just the same many people deleted the file on their computers and caused problems with their operating system.

Many of the anti-virus software sites listed in our "Resources" section have an area to research for hoaxes and to look up viruses. Before shooting off emails to everyone, be sure to check it is a real virus and not a hoax.

You can also go to:
VMyths.com
This site is a free site about viruses and especially virus hoaxes or myths.


Ok lets move on now and check out some anti-virus software resources to aid you in protecting your computer.


Next

Back To Index