• Sources of computer viruses. Computer viruses. Types, species, routes of infection

    The human body is susceptible to all kinds of diseases and infections, and animals and plants also get sick quite often. Scientists of the last century tried to identify the cause of many diseases, but even having determined the symptoms and course of the disease, they could not confidently say about its cause. It was only at the end of the nineteenth century that the term “viruses” appeared. Biology, or rather one of its sections - microbiology, began to study new microorganisms, which, as it turned out, have been neighbors for a long time and contribute to the deterioration of his health. In order to more effectively fight viruses, a new science has emerged - virology. It is she who can tell a lot of interesting things about ancient microorganisms.

    Viruses (biology): what are they?

    Only in the nineteenth century did scientists discover that the causative agents of measles, influenza, foot-and-mouth disease and other infectious diseases not only in humans, but also in animals and plants are microorganisms invisible to the human eye.

    After viruses were discovered, biology was not immediately able to provide answers to the questions posed about their structure, occurrence and classification. Humanity has a need for a new science - virology. IN present moment virologists are working to study familiar viruses, monitor their mutations and invent vaccines to protect living organisms from infection. Quite often, for the purpose of experiment, a new strain of the virus is created, which is stored in a “dormant” state. Based on it, drugs are developed and observations are made of their effects on organisms.

    IN modern society Virology is one of the most important sciences, and the most sought-after researcher is a virologist. The profession of a virologist, according to sociologists, is becoming more and more popular every year, which well reflects the trends of our time. After all, as many scientists believe, wars will soon be fought with the help of microorganisms and ruling regimes. In such conditions, a state with highly qualified virologists may turn out to be the most resilient, and its population the most viable.

    The emergence of viruses on Earth

    Scientists attribute the emergence of viruses to the most ancient times on the planet. Although it is impossible to say with certainty how they appeared and what form they had at that time. After all, viruses have the ability to penetrate absolutely any living organisms; they have access to the simplest forms of life, plants, fungi, animals and, of course, humans. But viruses do not leave behind any visible remains in the form of fossils, for example. All these features of the life of microorganisms significantly complicate their study.

    • they were part of the DNA and separated over time;
    • they were built into the genome initially and, under certain circumstances, “woke up” and began to reproduce.

    Scientists suggest that in the genome modern people There are a huge number of viruses that infected our ancestors, and now they are naturally integrated into the DNA.

    Viruses: when were they discovered?

    Studying viruses is enough new section in science, because it is believed that it appeared only at the end of the nineteenth century. In fact, it can be said that the viruses themselves and their vaccines were unknowingly discovered by an English doctor at the end of the nineteenth century. He worked on creating a cure for smallpox, which at that time killed hundreds of thousands of people during an epidemic. He managed to create an experimental vaccine directly from the sore of one of the girls who had smallpox. This vaccination turned out to be very effective and saved more than one life.

    But D.I. Ivanovsky is considered the official “father” of viruses. This Russian scientist for a long time studied diseases of tobacco plants and made an assumption about small microorganisms that pass through all known filters and cannot exist on their own.

    A few years later, the Frenchman Louis Pasteur, in the process of fighting rabies, identified its causative agents and introduced the term “viruses”. An interesting fact is that the microscopes of the late nineteenth century could not show viruses to scientists, so all assumptions were made about invisible microorganisms.

    Development of virology

    The middle of the last century gave a powerful impetus to the development of virology. For example, the invented electron microscope finally made it possible to see viruses and classify them.

    In the fifties of the twentieth century, the polio vaccine was invented, which became a salvation from this terrible disease for millions of children around the world. In addition, scientists have learned to grow human cells in a special environment, which has led to the opportunity to study human viruses in the laboratory. At the moment, about one and a half thousand viruses have already been described, although fifty years ago only two hundred such microorganisms were known.

    Properties of viruses

    Viruses have a number of properties that distinguish them from other microorganisms:

    • Very small sizes, measured in nanometers. Large human viruses, such as smallpox, are three hundred nanometers in size (that's just 0.3 millimeters).
    • Every living organism on the planet contains two types of nucleic acids, but viruses have only one.
    • Microorganisms cannot grow.
    • Viruses reproduce only in a living host cell.
    • Existence occurs only inside the cell; outside it, the microorganism cannot show signs of vital activity.

    Virus forms

    To date, scientists can confidently declare two forms of this microorganism:

    • extracellular - virion;
    • intracellular - virus.

    Outside the cell, the virion is in a “sleeping” state; it shows no signs of life. Once in the human body, it finds a suitable cell and, only having penetrated it, begins to actively multiply, turning into a virus.

    Virus structure

    Almost all viruses, despite the fact that they are quite diverse, have the same structure:

    • nucleic acids that form the genome;
    • protein shell (capsid);
    • Some microorganisms also have a membrane coating on top of the shell.

    Scientists believe that this simplicity of structure allows viruses to survive and adapt to changing conditions.

    Currently, virologists distinguish seven classes of microorganisms:

    • 1 - consist of double-stranded DNA;
    • 2 - contain single-stranded DNA;
    • 3 - viruses that copy their RNA;
    • 4 and 5 - contain single-stranded RNA;
    • 6 - transform RNA into DNA;
    • 7 - transform double-stranded DNA through RNA.

    Despite the fact that the classification of viruses and their study have made great progress, scientists admit the possibility of the emergence of new types of microorganisms that differ from all those already listed above.

    Types of Viral Infection

    The interaction of viruses with a living cell and the method of exit from it determines the type of infection:

    • Lytic

    During the infection process, all viruses simultaneously exit the cell, and as a result, the cell dies. Subsequently, the viruses “settle” in new cells and continue to destroy them.

    • Persistent

    Viruses leave the host cell gradually and begin to infect new cells. But the old one continues its life activity and “gives birth” to new viruses.

    • Latent

    The virus is embedded in the cell itself, during its division it is transmitted to other cells and spreads throughout the body. Viruses can remain in this state for quite a long time. Under the necessary circumstances, they begin to actively multiply and the infection proceeds according to the types already listed above.

    Russia: where are viruses studied?

    In our country, viruses have been studied for quite a long time, and it is Russian specialists who are leaders in this field. The D.I. Ivanovsky Research Institute of Virology is located in Moscow, whose specialists make a significant contribution to the development of science. On the basis of the research institute, I operate research laboratories, maintain an advisory center and a department of virology.

    At the same time, Russian virologists are working with WHO and expanding their collection of virus strains. Research institute specialists work in all areas of virology:

    • general:
    • private;
    • molecular.

    It is worth noting that in recent years there has been a tendency to unite the efforts of virologists around the world. Such collaboration is more effective and allows serious progress in studying the issue.

    Viruses (biology as a science has confirmed this) are microorganisms that accompany all living things on the planet throughout their entire existence. Therefore, their study is so important for the survival of many species on the planet, including humans, who have more than once in history fallen victim to various epidemics caused by viruses.

    preface 3

    §1.1 Definition of a computer virus 4

    §1.2. The main sources of viruses and the likelihood of infection. 5

    § 1.3 Signs of a computer being infected with a virus: 6

    § 1.4 Signs of the active phase of the virus: 6

    Chapter 2. classification of viruses 7

    § 2.1 Classification of viruses. 7

    § 2.2 Means to help prevent infection. 8

    § 3.1 Measures to protect against accidental removal: 10

    § 3.2 Measures to protect against device malfunctions: 10

    ^ Chapter 4. Antiviruses. 13

    § 4.2 Anti-virus programs. 15

    Conclusion 18

    references: 19

    preface

    IN modern world information has a certain, and often very high, value. And to protect it, there are a wide variety of ways, ranging from the simplest, but very effective protection password before using complex ones technical systems. In my test, I will consider issues such as: computer viruses, their sources, varieties, measures to protect against viruses, as well as various anti-virus programs.

    ^

    CHAPTER 1. Computer viruses

    §1.1 Definition of a computer virus

    - This small program, written by a highly qualified programmer, capable of self-reproduction and performing various destructive actions.

    There are many different versions regarding the date of birth of the first computer virus. However, most experts agree that computer viruses, as such, first appeared in 1986, although historically the emergence of viruses is closely connected with the idea of ​​​​creating self-replicating programs. One of the "pioneers" among computer viruses The "Brain" virus is believed to have been created by a Pakistani programmer named Alvi. In the USA alone, this virus infected over 18 thousand computers. At the beginning of the era of computer viruses, the development of virus-like programs was purely research in nature, gradually turning into an openly hostile attitude towards users of irresponsible and even criminal “elements”. In a number of countries, criminal legislation provides for liability for computer crimes, including the creation and distribution of viruses.

    Viruses operate only programmatically. They typically attach themselves to the file or penetrate the body of the file. In this case, the file is said to be infected with a virus. The virus enters the computer only along with an infected file. To activate the virus, you need to download the infected file, and only after that, the virus begins to act on its own.

    Some viruses become resident when an infected file is launched (they are permanently located in RAM computer) and can infect other downloaded files and programs. Another type of virus can cause serious damage immediately after activation, for example, format hard drive. The effects of viruses can manifest themselves in different ways: from various visual effects that interfere with work, to total loss information. Most viruses infect executive programs, that is, files with the extension .EXE and .COM, although lately Viruses distributed through the system are becoming increasingly popular email.

    It should be noted that computer viruses can only infect computers. Therefore, various statements about the impact of computer viruses on computer users are absolutely absurd.
    ^

    §1.2. The main sources of viruses and the likelihood of infection.

    ^

    § 1.3 Signs of a computer being infected with a virus:


    • reducing the amount of free RAM;

    • slower loading and operation of the computer;

    • incomprehensible (for no reason) changes in files, as well as changes in the size and date of the last modification of files;

    • loading errors operating system;

    • inability to save files in the required directories;

    • incomprehensible system messages, musical and visual effects etc.
    ^

    § 1.4 Signs of the active phase of the virus:

    • disappearance of files;

    • formatting hard drive;

    • inability to load files or operating system.

    ^

    Chapter 2. classification of viruses

    § 2.1 Classification of viruses.

    There are a lot different viruses. Conventionally, they can be classified as follows:

    1. boot viruses or BOOT viruses infect boot sectors of disks. Very dangerous, can lead to complete loss of all information stored on the disk;

    2. file viruses files are infected. Divided into:

    • viruses that infect programs(files with extension .EXE and .COM);

    • macroviruses - viruses, infecting data files, e.g. Word documents or workers Excel workbooks;

    • satellite viruses use names of other files;

    • viruses of the DIR family distort system information about file structures;

    1. boot file viruses capable of infecting both boot sector code and file code;

    2. invisible viruses or STEALTH viruses falsify information read from the disk so that the program intended for this information receives incorrect data. This technology, which is sometimes called Stealth technology, can be used in both BOOT viruses and file viruses;

    3. retroviruses infect anti-virus programs, trying to destroy them or make them inoperable;

    4. worm viruses provide small email messages with a so-called header, which is essentially a Web address

    1. the location of the virus itself. When you try to read such a message, the virus begins to read through the global Internet network its “body” and after loading it begins a destructive action. Very dangerous, as they are very difficult to detect, due to the fact that the infected file does not actually contain the virus code.
    If you do not take measures to protect against computer viruses, the consequences of infection can be very serious. In a number of countries, criminal legislation provides for liability for computer crimes, including the introduction of viruses. General and software tools are used to protect information from viruses.
    ^

    § 2.2 Means to help prevent infection.
    Virus protection measures:

    1. preventing strangers from accessing the computer. It happens that a virus infection occurs when a person was allowed to work on the computer, who brought his floppy disks with his programs, which turned out to be infected.

    2. use only reliable software. You should not indiscriminately copy onto your computer any program you like that you saw from friends, acquaintances or strangers. This especially applies to computer games, - it is with them that viruses are most often transmitted.

    3. monitoring any changes in the operation of the computer to detect the virus as quickly as possible. Such changes include: disruptions in the operation of programs that previously worked normally, the appearance of any messages on the screen

    1. etc. The sooner a virus can be detected, the greater the chance that it has not had time to spread greatly on the disk and infect many

    Programs, which means the consequences of virus infection will be minimal. It is important to keep in mind that some viruses are characterized by an “incubation period,” i.e. After penetrating the disk for a certain time, they only spread on it without producing any harmful effects, and only manifest themselves later, when more than a dozen files are infected.


    1. placement of the most valuable information on write-protected disks. If writing to the disk is disabled, obviously the virus cannot attach itself to the files on it, and it will be impossible to infect the protected disk.

    2. use antivirus programs for periodic hard checks disk and floppy disks brought to the computer. It is important to remember that antivirus programs quickly become outdated, since new viruses appear faster than them, just as poison always appears before the antidote.


    ^

    Chapter 3. Additional information protection.

    § 3.1 Measures to protect against accidental deletion:


    1. accuracy and attentiveness when working.

    2. placement of the most valuable information on write-protected disks. It is clear that it is impossible to even specifically delete information from protected disks.

    3. timely removal unnecessary files and rational placement of files in directories to avoid confusion. Over time, more and more more files, the disk becomes clogged. Gradually the user forgets what is in which file and in which directories (folders) it is contained necessary information. As a result, when the need arises to free up disk space, files containing valuable information may be deleted. Therefore, it is necessary to periodically put the disks in order.

    4. fast recovery wrong deleted files with the help special programs. The fact is that when a file is deleted, information from the disk is not erased; it simply allows other information to be written in its place. If the user quickly discovers his error, he still has a chance to recover by accident deleted information, and if after deletion he did not copy, move other files, launch other programs or restart the computer, these chances will be higher. To recover erroneously deleted files, there are special programs, for example undelete as part of norton utilities. In windows95, copies of deleted files are automatically placed in special folder(catalog) - “recycle bin”, from where, if necessary, they can be restored.
    ^

    § 3.2 Measures to protect against device malfunctions:

    1. periodically checking the health of the equipment (in particular, the surface of the hard drive) using special programs. Examples: disk doctor from norton utilities, scandisk from windows95. Such programs allow you to detect defective areas on the surface of the disk and mark them accordingly so that when recording information these areas are bypassed.

    2. periodic optimization (defragmentation) of the disk for rational placement of files on it, speeding up work and reducing its wear. When writing to disk, parts of the file may be written in different remote friend from other disk sectors, which is due to the fact that information can only be written to free sectors. In order to combine these file fragments and thereby reduce disk wear and time spent on reading information, you should periodically optimize (defragment) the disk using appropriate programs, for example, speed disk from Norton utilities, disk defragmentation utility in Windows95.

    3. the presence of a system floppy disk from which you can start the computer (i.e. load the operating system) in case of failures with the main system disk. Let us recall that in order for the computer to work, it is necessary to load the operating system into RAM, the main part of which is located in the form of files on one of the disks, called the system drive. If something happens to the system disk or some part of it where the operating system files are located, you will not be able to start the computer from it, which is why you need to have a backup system disk - a floppy disk with the corresponding files.
    If a virus infection is detected, you should also restart the computer from the backup system diskette, since the operating system on the main system disk may also be infected and, therefore, every time you turn on the computer and boot from the main system disk operating system, there will be viruses in the RAM. In such a situation, fighting viruses, for example using anti-virus programs, will be pointless, since, most likely, any program that is launched will be infected. By the way, anti-virus programs should also be collected and stored on a separate floppy disk to avoid infection.

    ^

    Chapter 4. Antiviruses.


    TO software protection includes different antivirus programs (antiviruses). Antivirus is a program that detects and neutralizes computer viruses. It should be noted that viruses are ahead of antivirus programs in their development, so even if you regularly use antiviruses, there is no 100% guarantee of security. Antivirus programs can detect and destroy only known viruses; when a new computer virus appears, there is no protection against it until an antivirus is developed for it. However, many modern antivirus packages include a special software module, called a heuristic analyzer, which is capable of examining the contents of files for the presence of code characteristic of computer viruses. This makes it possible to promptly identify and warn about the danger of infection with a new virus.
    ^

    § 4.1 Types of anti-virus programs.

    There are these types of antivirus programs:

    1. detector programs: are designed to find files infected with one of the known viruses. Some detector programs can also treat files for viruses or destroy infected files. There are specialized detectors, that is, designed to fight one virus, and polyphages that can fight many viruses;

    2. healer programs: designed to treat infected disks and programs. Treatment of a program consists of removing the virus body from the infected program. They can also be either polyphages or specialized;

    3. audit programs: are designed to detect virus infection of files, as well as find damaged files. These programs remember data about the state of the program and system areas of disks in a normal state (before infection) and compare this data while the computer is running. If the data does not match, a message indicating the possibility of infection is displayed;

    4. physician-inspectors: are designed to detect changes in files and system areas of disks and, in case of changes, return them to their initial state.

    5. filter programs: are designed to intercept calls to the operating system, which are used by viruses to reproduce and report this to the user. The user can allow or deny the corresponding operation. Such programs are resident, that is, they are located in the computer's RAM.

    6. vaccine programs: are used to process files and boot sectors in order to prevent infection by known viruses (lately this method has been used more and more often).


    ^

    § 4.2 Anti-virus programs.
    It should be noted that choosing one “best” antivirus is an extremely erroneous decision. It is recommended to use several different antivirus packages at the same time. When choosing an antivirus program, you should pay attention to such a parameter as the number of recognition signatures (a sequence of characters that are guaranteed to recognize a virus).

    The second parameter is the presence of a heuristic analyzer for unknown viruses; its presence is very useful, but it significantly slows down the running time of the program. Today there is large number various antivirus programs. Let's take a brief look at the ones common in the CIS countries.
    ^

    4.2.1 DR WEB


    One of best antiviruses with a powerful virus detection algorithm. Polyphage, capable of scanning files in archives, Word documents and Excel workbooks, identifies polymorphic viruses, which have recently become increasingly widespread. Suffice it to say that the epidemic is very dangerous virus It was DrWeb that stopped OneHalf. The heuristic analyzer DrWeb, examining programs for the presence of code fragments characteristic of viruses, allows us to find almost 90% of unknown viruses. When loading a program, DrWeb first checks itself for integrity, and then tests the RAM. The program can work in interactive mode and has a convenient, customizable user interface.

    4.2.2 ADINF

    Antivirus disk auditor ADINF (Advanced DiskINFoscope) allows you to find and destroy both existing conventional, stealth and polymorphic viruses, as well as completely new ones. The antivirus has at its disposal a healing block of the ADINF auditor - Adinf Cure Module - which can neutralize up to 97% of all viruses. This figure is given by Dialognauka, based on the results of testing that took place on the collections of viruses of two recognized authorities in this field - D.N. Lozinsky and Dr. Solomon's (Great Britain).

    ADINF loads automatically when the computer is turned on and controls the boot sector and files on the disk (date and time of creation, length, checksum), displaying messages about their changes. Due to the fact that ADINF performs disk operations bypassing the operating system, accessing BIOS functions, not only the ability to detect active stealth viruses is achieved, but also high speed disk check. If a boot virus is found, ADINF will simply restore the previous boot sector, which is stored in its table. If the virus is a file virus, then the Adinf Cure Module treatment unit comes to the rescue, which, based on the main module’s report on infected files, compares new file parameters with previous ones, stored in special tables. When discrepancies are detected, ADINF restores the previous state of the file rather than destroying the virus body, as polyphages do.

    4.2.3 AVP

    Antivirus AVP (AntiVirus Program) is a polyphage; during operation it checks RAM, files, including archived ones, on flexible, local, network and CD-ROM drives, as well as system data structures such as the boot sector, partition table, etc. The program has a heuristic analyzer, which, according to antivirus developers, is capable of finding almost 80% of all viruses. AVP is a 32-bit operating system application. Windows systems 98, NT and 2000, has user-friendly interface, as well as one of the largest in the world antivirus database. Antivirus databases for AVP are updated approximately once a week and can be obtained from the Internet. This program searches for and removes a wide variety of viruses, including:

    • polymorphic or self-encrypting viruses;

    • stealth viruses or invisible viruses;

    • new viruses for Windows;

    • macro viruses that infect Word documents and Excel spreadsheets.
    In addition, the AVP program monitors file operations in the system in background, detects a virus before the system is actually infected, and also identifies unknown viruses using a heuristic module.

    Conclusion

    In conclusion, I would like to say that this test She taught me a lot and gave me new knowledge. Today the market computer technology does not stand still, and every day offers more and more different achievements in this area. The day is already approaching when humanity will reach the peak of its capabilities.

    ^

    Global networks - email

    The main source of viruses today is global network Internet. The largest number of virus infections occurs when exchanging letters in Word formats/Office. The user of an editor infected with a macro virus, without knowing it, sends infected letters to recipients, and they, in turn, send new infected letters, etc.

    Let's assume that a user is chatting with five recipients, each of whom is also chatting with five recipients. After sending an infected letter, all five computers that received it become infected (Fig. 4.1).

    Then five more emails are sent from each newly infected computer. One goes back to an already infected computer, and four go to new recipients (Fig. 4.2).

    Rice. 4.1. Infecting the first five computers

    Thus, at the second level of distribution, 1+5+20=26 computers are already infected (Fig. 4.2). If network recipients exchange letters once a day, then by the end of the work week (5 days) at least 1+5+20+80+320=426 computers will be infected. It is not difficult to calculate that in 10 days more than one hundred thousand computers will become infected! Moreover, every day their number will quadruple.

    Rice. 4.2. Second level of infection

    The described case of virus spread is the most frequently recorded by antivirus companies. There are frequent cases when an infected document file or Excel spreadsheet due to an oversight, ends up on any commercial information mailing lists large company- in this case, not five, but hundreds or even thousands of subscribers of such mailings suffer, who then send infected files to tens of thousands of their subscribers.

    Electronic conferences, ftp file servers and BBS

    Public file servers and electronic conferences are also one of the main sources of virus spread. Almost every week we receive a message that some user has infected their computer with a virus that was removed from the BBS. ftp servers or from any electronic conference.

    In this case, often infected files are “posted” by the author of the virus on several BBS / ftp or sent to several conferences at the same time, and these files are disguised as new versions of some software (sometimes as new versions of antiviruses).

    In case mass mailing virus on ftp/BBS file servers, thousands of computers can be affected almost simultaneously, but in most cases DOS is installed - or Windows viruses, the speed of propagation of which is in modern conditions significantly lower than macroviruses. For this reason, such incidents almost never end in mass epidemics, which cannot be said about macroviruses.

    Local networks

    The third way of rapid infection is local networks. If you do not take the necessary protective measures, then the infected workstation upon entering the network, it infects one or more service files on the server (Fig. 4.3).

    Rice. 4.3. Infection of service files on the server

    The next day, when users log on to the network, they launch infected files from the server and thus the virus gains access to uninfected stations.

    Rice. 4.4. Infection on a computer

    Instead of the service file LOGIN. COM can also be various software installed on the server, standard template documents or Excel tables used in the company, etc.


    ©2015-2019 site
    All rights belong to their authors. This site does not claim authorship, but provides free use.
    Page creation date: 2017-04-20

    A computer virus is a malicious program capable of self-propagation and performing destructive actions. Viruses usually enter your computer disguised as something attractive or useful. They operate only programmatically: they attach to a file and, together with the infected file, penetrate the computer. There are viruses that, after infection, remain in the computer's RAM. In this case, they continue to harm other downloaded files and programs until the environment in which these viruses are running is shut down. Such viruses are called resident. Another type of virus, after launching, performs a one-time search for victims, after which it exits and transfers control to the infected file. The effects of viruses can manifest themselves in different ways: from visual effects that interfere with work to complete loss of information.

    Main sources of the virus

    A virus can enter your computer in several ways. Firstly, through a flash drive (or floppy disk) on which the infected files are located. Another option is through computer network, including the email system and the Internet. The source could be a hard drive that received a virus as a result of working with infected programs. In addition, installing an infected operating system will also result in malware entering your computer.

    The process of spreading the virus itself can be divided into several stages. First, the virus enters the computer. After this, it is activated and the search for objects of infection begins. This is followed by the stage of preparing virus copies and their further implementation into computer programs.
    You can find out if a virus has entered your computer by a number of signs. At the early stage of infection, the amount of free RAM decreases, or the computer loads and operates slower. Incomprehensible changes in files, the inability to save files in the desired directories, incomprehensible system messages, musical and visual effects - all this also serves as a signal that a virus has entered your computer. During the active phase, files disappear, they cannot be loaded, and the operating system cannot be loaded. In addition, when a computer is infected with a virus, hard formatting disk.


    Classification of viruses

    Today, about 50 thousand computer viruses are known. Depending on the characteristic properties of viruses, they can be detected and neutralized various methods. This raises the question of classification malware. Experts conditionally distinguish following types viruses.

    Boot viruses

    This type viruses infect boot sectors of permanent and removable media. Often the virus does not completely invade boot entry: only the beginning is written there, and the body of the virus is stored elsewhere on the disk. After launch, it remains resident in memory.

    File viruses

    These viruses infect files. This group is further divided into three, depending on the environment in which the virus code is executed:

    File viruses themselves are those that directly work with operating system resources. Files with the extension .com, .exe are affected.

    Macro viruses are viruses written in macro language and executed in the environment of an application. In the vast majority of cases we are talking about macros in Microsoft documents Office.

    Script viruses are viruses executed in a specific command shell environment: previously - bat files in command shell DOS, now more often VBS and JS - scripts in the command line Windows shell Scripting Host (WSH).

    Invisible viruses

    This type also called stealth virus. Main feature The essence of an invisible virus is that the virus, being constantly in the computer’s memory, intercepts calls to the infected file and removes the virus code from it on the fly, transmitting an unmodified version of the file in response to the request. This is how stealth viruses mask their presence in the system. To detect them antivirus products The ability to directly access the disk, bypassing the operating system, is required.

    There are several ways you can prevent infection and its devastating consequences. For example, you can spend backup information, or try not to use random and unknown programs. You can also install an antivirus on your computer. There is a large selection here: from paid professional antivirus packages to .

    antivirus program infection scanner

    The main source of viruses today is the global Internet. The largest number of virus infections occurs when exchanging letters in Word/Office97 formats. The user of an editor infected with a macro virus, without knowing it, sends infected letters to recipients, who in turn send new infected letters, etc.

    Let's assume that a user is chatting with five recipients, each of whom is also chatting with five recipients. After sending an infected letter, all five computers that received it are infected. Then five more emails are sent from each newly infected computer. One goes back to an already infected computer, and four go to new recipients.

    Thus, at the second level of distribution, 1+5+20=26 computers are already infected. If network recipients exchange letters once a day, then by the end of the work week (5 days) at least 1+5+20+80+320=426 computers will be infected. It is not difficult to calculate that in 10 days more than one hundred thousand computers become infected! Moreover, every day their number will quadruple.

    The described case of virus spread is the most frequently recorded by antivirus companies. It is not uncommon for an infected document file or Excel spreadsheet to end up on the commercial information mailing lists of a large company due to an oversight. In this case, not five, but hundreds or even thousands of subscribers of such mailings suffer, who then send infected files to tens of thousands of their subscribers.

    Electronic conferences, ftp and BBS file servers.

    “Public” file servers and electronic conferences are also one of the main sources of the spread of viruses.

    Almost every week we receive a message that a user has infected their computer with a virus that was taken from a BBS, ftp server or from some electronic conference.

    In this case, often infected files are “posted” by the author of the virus on several BBS/ftp or sent to several conferences at the same time, and these files are disguised as new versions of some software (sometimes as new versions of antiviruses).

    In the case of a mass distribution of a virus via ftp/BBS file servers, thousands of computers can be affected almost simultaneously, but in most cases, DOS or Windows viruses are “planted,” the speed of spread of which in modern conditions is much lower than macro viruses. For this reason, such incidents almost never end in mass epidemics, which cannot be said about macro viruses.

    Local networks

    The third way of “quick infection” is local networks. If you do not take the necessary protective measures, the infected workstation, when entering the network, infects one or more service files on the server (in the case Novell NetWare--LOGIN.COM)

    The next day, users launch infected files when logging into the network

    Instead of the LOGIN.COM service file, there can also be various software installed on the server, standard template documents or Excel tables used in the company, etc.

    Pirated software.

    Illegal copies of software, as always, are one of the main “risk areas”.

    Often pirated copies on floppy disks and even CDs contain files infected with a wide variety of types of viruses.

    Personal computers for “public use”.

    Computers installed in educational institutions also pose a danger. If one of the students brought a virus on his floppy disks and infected a school computer, then the floppy disks of all other students working on this computer will also receive another “infection”.

    The same applies to home computers if more than one person works on them. There are often situations when a student son (or daughter), working on a multi-user computer at an institute, drags a virus from there to home computer, as a result of which the virus enters the computer network of the father’s or mother’s company.

    Read more: