1、According to Fred Cohens well-known definition, a computer virus is a computer program that can infect other computer programs by modifying them in such a way as to include a (possibly evolved) copy of itself. Note that a program does not have to perform outright damage (such as deleting or corrupti
2、ng files) in order to be called a “virus”. However, Cohen uses the terms within his definition (e.g. “program” and “modify”) a bit differently from the way most anti-virus researchers use them, and classifies as viruses some things which most of us would not consider viruses. Computer viruses are bi
3、ts of code that damage or erase information, files, or software programs in your computer, much like viruses that infect humans, computer viruses can spread, and your computer can catch a virus when you download an infected file from the Internet or copy an infected file from a diskette. Once the vi
4、ruses is embedded into your computers files, it can immediately start to damage or destroy information, or it can wait for a particular date or event to trigger its activity.What are the main types of viruses?Generally, there are two main classes of viruses. The first class consists of the file Infe
5、ctors which attach themselves to ordinary program files. These usually infect arbitrary .COM and/or .EXE programs, though some can infect any program for which execution is requested, such as .SYS,.OVL,.PRG,&.MNU files.File infectors can be either direct action or resident. A direct-action virus sel
6、ects one or more other programs to infect each other time the program which contains it is executed ,and thereafter infects other programs when “they” are executed (as in the case of the Jerusalem) or when certain other conditions are fulfilled. The Vienna is an example of a direct-action virus. Mos
7、t other viruses are resident.The second class is system or boot-record infectors: those viruses, which infect executable code, found in certain system areas on a disk that are not ordinary files. On DOS systems, there are ordinary boot-sector viruses, which infect only the DOS boot sector on diskett
8、es. Examples include Brain, Stoned, Empire, Azusa, and Michelangelo. Such viruses are always resident viruses. Finally, a few viruses are able to infect both (the Tequila virus is one example). There are often called “multipartite” viruses, though there has been criticism of this name; another name
9、is “boot-and -file” virus.File system or cluster viruses (e.g. Dir-II) are those that modify directory table entries so that the virus is loaded and executed before the desired program is. Note that the program itself is not physically altered; only the directory entry is. Some consider these infect
10、ors to be a third category of viruses, while others consider them to be a sub-category of the file infectors.What are macro viruses?Many applications provide the functionality to create macros. A macro is a series of commands to perform some application-specific task. Macros are designed to make lif
11、e easier, for example, to perform some everyday tasks like text-formatting or spreadsheet calculations.Macros can be saved as a series of keystrokes (the application record what keys you press); or they can be written in special macro languages (usually based on real programming languages like C and
12、 BASIC). Modern applications combine both approaches; and their advanced macro languages are as complex as general purpose programming languages. When the macro language allows files to be modified, it becomes possible to create macros that copy themselves from one file to another. Such self-replica
13、ting macros are called macro viruses.Most macro viruses run under Word for Windows. Since this is a very popular word processor, it provides an effective means for viruses to spread. Most macro viruses are written using the macro language WordBasic. WordBasic is based on the good old BASIC programmi
14、ng language. However, it has many (hundreds of) extensions (for example, to deal with documents: edit, replace string, obtain the name of the current document, open new window, move cursor, etc.).What is a Trojan horse program?A type of program that is often confused with viruses is a Trojan horse p
15、rogram. This is not a virus, but simply a program (often harmful) that pretends to be something else.For example, you might download what you think is a new game; but when you run it, it deletes files on your hard drive. Or the third time you start the game, the program E-mail your saved passwords t
16、o another person.Note: simply download a file to your computer wont activate a virus or Trojan horse; you have to execute the code in the file to trigger it. This could mean running a program file, or opening a Word/Excel document in a program (such as Word or Excel) that can execute any macros in t
17、he document.What kind of files can spread viruses?Viruses have the potential to infect any type of executable code, not just the files that are commonly called “program files”. For example, some viruses infect executable code in the boot sector of floppy disk or in system areas of hard drives. Anoth
18、er type of virus, known as a “macro” virus, can infect word processing and spreadsheet documents that use macros. And its possible for HTML documents containing JavaScript or other types of executable code to spread viruses or other malicious code.Since viruses code must be executed to have any effe
19、ct, files that the computer treats as pure data are safe. This includes graphics and sound files such as .gif, .jpg, .mp3, .wav, .etc., as well as plain text in .txt files. For example, just viewing picture files wont infect your computer with a virus. The virus code has to be in a form, such as an
20、.exe program file or a Word .doc file which the computer will actually try to execute.How do viruses spread?The methodology of virus infection was pretty straightforward when first computer viruses such as Lehigh and Jerusalem started appearing. A virus is a small piece of computer code, usually for
21、m several bytes to a few tens of bytes, that can do, well, something unexpected. Such viruses attach themselves to executable files programs, so that the infected program, before proceeding with whatever tasks it is supposed to do, calls the virus code. One of the simplest ways to accomplish that is
22、 to append the virus code to the end of the file, and insert a command to the beginning of the program file that would jump right to the beginning of the virus code. After the virus is finished, it jumps back to the point of origination in the program. Such viruses were very popular in the late eigh
23、ties. The earlier ones only knew how to attach themselves to .Com files, since structure of a .COM file is much simpler than that of an .EXE fileyet another executable file format invented for MS-DOS operating system. The first virus to be closely studied was the Lehigh virus. It attached itself to
24、the file that was loaded by the system at boot timeCOMMAND.COM. the virus did a lot of damage to its host, so after three-four replications it was no longer usable. For that reason, the virus never managed to escape the university network.When you execute program code thats infected by a virus, the
25、virus code will also run and try to infect other programs, either on the same computer or on other computers connected to it over a network. And the newly infected programs will try to infect yet more programs.When you share a copy of an infected file with other computer users, running the file may
26、also infect their computer; and files from those computers may spread the infection to yet more computers.If your computer if infected with a boot sector virus, the virus tries to write copies of itself to the system areas of floppy disks and hard disks. Then the infected floppy disks may infect oth
27、er computers that boot from them, and the virus copy on the hard disk will try to infect still more floppies.Some viruses, known as multipartite viruses, and spread both by infecting files and by infecting the boot areas of floppy disks.What do viruses do to computers?Viruses are software programs,
28、and they can do the same things as any other program running on a computer. The accrual effect of any particular virus depends on how it was programmed by the person who wrote the virus.Some viruses are deliberately designed to damage files or otherwise interfere with your computers operation, while
29、 other dont do anything but try to spread themselves around. But even the ones that just spread themselves are harmful, since they damage files and may cause other problems in the process of spreading.Note that viruses cant do any damage to hardware: they wont melt down your CPU, burn out your hard
30、drive, cause your monitor to explode, etc. warnings about viruses that will physically destroy your computer are usually hoaxes, not legitimate virus warnings.Modern viruses can exist on any system form MS DOS and Window 3.1 to MacOS, UNIX, OS/2, Windows NT. Some are harmless, though hard to catch.
31、They can play a jingle on Christmas or reboot your computer occasionally. Other are more dangerous. They can delete or corrupt your files, format hard drives, or do something of that sort. There are some deadly ones that can spread over networks with or without a host, transmit sensitive information
32、 over the network to a third party, or even mess with financial data on-line.Whats the story on viruses and E-mail?You cant get a virus just by reading a plain-text E-mail message or Usenet post. What you have to watch out for are encoded message containing embedded executable code (i.e., JavaScript in HTML message) or message that include an executable file attachment (i.e., an encoded program file or a Word document containing macros).In order to activate a virus or Trojan horse program, you computer has to execute some
copyright@ 2008-2022 冰豆网网站版权所有
经营许可证编号:鄂ICP备2022015515号-1
升级会员 