Viruses and Spyware (A Primer)

February 16, 2008

The word “virus” is often used as a generic term for any malicious file that does bad things to your computer. Strictly speaking, though, the term refers to a malicious program that needs human interaction in order to run (i.e. you have to do something to make it activate).

Macro Virus – A macro is a computer programming language built into a larger program that is used to automate tasks. A macro can be as short as a few lines of program or it can be a massive program, containing millions of lines of code. It can also be designed to run as soon as the program is opened. The basic strategy behind a macro virus is to embed the virus within an e-mail, which then must be opened, allowing it to run. The trick to this, of course, is tricking or somehow convincing the person to launch the attachment and let the virus do its thing.
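A mail filter can check an Office attachment for macro content before anyone opens it. The sketch below is an added example, not part of the original post: the function names and sample files are constructed for illustration, and it relies on modern Office files being zip archives that keep VBA macros in a `vbaProject.bin` part.

```python
import io
import zipfile

MACRO_FREE_EXTENSIONS = (".docx", ".xlsx", ".pptx")
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container


def inspect_attachment(filename, data):
    """Classify an Office attachment by whether it can carry VBA macros."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary formats can hold macros under any extension;
        # deciding requires a full OLE parser, so report it for review.
        return "legacy-ole-needs-review"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-office"
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        names = archive.namelist()
        if "[Content_Types].xml" not in names:
            return "not-office"
        types = archive.read("[Content_Types].xml").decode("utf-8", "replace")
    has_vba = any(n.lower().endswith("vbaproject.bin") for n in names)
    declares_macros = "macroEnabled" in types or "vbaProject" in types
    if not (has_vba or declares_macros):
        return "no-macros"
    if filename.lower().endswith(MACRO_FREE_EXTENSIONS):
        # Macro content hidden behind a macro-free extension.
        return "macros-extension-mismatch"
    return "macros-present"


def build_sample(with_macros):
    """Constructed sample: a minimal OOXML-shaped zip, not a real document."""
    main = ("application/vnd.ms-word.document.macroEnabled.main+xml"
            if with_macros else
            "application/vnd.openxmlformats-officedocument"
            ".wordprocessingml.document.main+xml")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml",
                   f'<Types><Override PartName="/word/document.xml" '
                   f'ContentType="{main}"/></Types>')
        z.writestr("word/document.xml", "<w:document/>")
        if with_macros:
            z.writestr("word/vbaProject.bin", b"constructed placeholder")
    return buf.getvalue()
```
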

Memory-Resident Virus – A memory-resident virus gets into a computer’s RAM, and then it corrupts specific files and programs. When the PC is shut down, all information, including the virus, is purged. Memory-resident viruses can slow down the performance of your computer by stealing system resources. They can damage data and system files, stopping your computer from running altogether.

File Infector Viruses – File infector viruses attach themselves to files with extensions such as .txt, .doc, .xls, .pdf, etc., making them slightly bigger in size, and execute whenever the file(s) is/are run. These viruses can damage program or data files; they can damage crucial files and cripple your PC or even eat your data.

Boot Viruses – A boot virus affects the boot sector of your floppy or hard drive. The boot sector is an area on a disk that contains a program that starts the computer when it’s first switched on. A boot virus swaps itself for the program that boots the computer and spreads to other disks when it’s active. This type of virus infects any disk with which it comes into contact. It can render a PC unbootable, requiring reinstallation of the O/S.
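Because a boot virus replaces the program stored in the boot sector, comparing that program against a known-good copy reveals the swap. The sketch below is an added example, not part of the original post: it assumes the classic 512-byte MBR layout, and the function names and sample sectors are constructed for illustration.

```python
import hashlib
import struct

SECTOR_SIZE = 512
CODE_LEN = 440                # boot program; bytes 440-445 hold the disk
                              # signature on modern MBRs, so they are excluded
TABLE_OFFSET = 446            # four 16-byte partition entries start here
BOOT_SIGNATURE = b"\x55\xaa"  # bytes 510-511 of a valid MBR


def parse_mbr(sector):
    """Return the boot code hash and the used partition entries."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly 512 bytes")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        entry = sector[TABLE_OFFSET + 16 * i:TABLE_OFFSET + 16 * (i + 1)]
        first_lba, count = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:  # type 0 marks an unused slot
            partitions.append({"bootable": entry[0] == 0x80, "type": entry[4],
                               "first_lba": first_lba, "sectors": count})
    return {"code_sha256": hashlib.sha256(sector[:CODE_LEN]).hexdigest(),
            "partitions": partitions}


def boot_code_changed(baseline, current):
    """True when the boot program differs; partition edits alone do not count."""
    return parse_mbr(baseline)["code_sha256"] != parse_mbr(current)["code_sha256"]


def build_sector(code, first_lba=2048, sectors=1000000):
    """Constructed sample sector: placeholder boot code plus one partition."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\x00" * 3, 0x07, b"\x00" * 3,
                        first_lba, sectors)
    body = code.ljust(CODE_LEN, b"\x00") + b"\x00" * 6 + entry + b"\x00" * 48
    return body + BOOT_SIGNATURE
```

On a live system the sector would be the first 512 bytes of the disk device, read with administrative rights, and the baseline would come from a known-clean install.
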

Multi-Partite Viruses – A multi-partite virus can infect a computer several times using a whole range of techniques. The idea is to attack a PC at several vulnerable spots, including files, programs, disk drives, and macros. These types of viruses are very complex, and are very cleverly designed. They can do all sorts of nasty things, including rendering your PC unbootable and making files unstable. The hard part of removing these is they are extremely adept at hiding themselves. Just as you think you’ve caught all traces, you suddenly discover more files!

Worm – A worm is a virus that moves from computer to computer across a network. Many worms e-mail themselves to addresses found in the address book of an infected computer. They arrive as attachments, and once opened, they replicate on that system and start the process all over again. Worms basically cause a slowdown of network traffic: as they replicate from computer to computer over a network, they can “clog” all network connections. Worms can crash computers and computer networks.

Trojan Horse – A trojan horse disguises itself in the guise of a file, also called a dropper, which allows it to escape detection by an anti-virus program. Once the attachment is opened, all hell breaks loose. Not only can it ransack your data and files, it can vandalize your desktop, delete files, and even create a backdoor, which gives the hacker a way to snoop around on your computer or even take control of your PC and use it to attack other systems on a network (called a bot). A trojan horse can also deploy viruses onto your PC.

Virus Hoax – These are not really viruses, per se, but they are just as annoying. A virus hoax starts as a simple e-mail that is sent to a person, usually in the guise of a “friend” trying to warn you about a new virus. The e-mail contains details about a virus terrorizing the Internet. People who don’t know better do the steps outlined (such as deleting specific files), unaware that doing this may very well remove essential files/folders that the computer needs in order to do its job.

Spyware – Spyware is software that is written to capture information about you – where you live, buying habits, etc. Spyware is considered malicious because it installs itself on your PC without your knowledge, and then watches your online habits and compromises your privacy. It also pushes unwanted advertising at you. See that pop-up window on your PC? Yep, that’s spyware at its finest. It doesn’t push just any pop-up window at you, however. It tailors pop-ups to things it believes you will enjoy and may very well click on. Spyware can clog up your system’s memory and use space on your hard drive, causing performance slowdown. Some spyware captures your keystrokes and sends them to a third party, which can potentially expose user IDs and passwords to thieves. Like a trojan horse virus, spyware can also install an electronic backdoor program, allowing a hacker to gain access to and control of your computer.

Spyware can sneak onto your computer by arriving as an automatic download from a Website you’re surfing. It can trick you into clicking on a link that will then download the spyware to your PC (an example is a link telling you you’ve won some sort of prize). Spyware can be embedded in the installation of a free program or piece of pirated software you download. It can also arrive on your system from an e-mail attachment. That Google or Yahoo! toolbar? Yep, that’s spyware.

To get rid of it, download and run a third-party anti-spyware program such as Ad-Aware, SpyBot Search and Destroy or Spyware Doctor. Spyware can also hijack your Internet browser. One example of a truly devastating piece of spyware that can wreak havoc on your computer (and I can attest to its damage) is SpySheriff.
