How Computer Viruses Work
A virus hides inside a program where it will rest until the program is run. Once you run the program, the virus will begin its work. Usually, the first thing a virus does is copies itself into other programs on your hard disk, infecting them as well.
Some viruses place messages called “v-markers” or “virus markers” in programs that they have infected. If the virus finds a v-marker, it knows that it does not need to copy itself there because the program is already infected. When there are no more unmarked files on the computer, the virus might start damaging the computer and its data.
Viruses can corrupt files so that they cannot work, work strangely, or further damage the computer when they do run. Viruses can destroy every single file on a computer, change system files the computer needs to start up, and cause even more types of damage.
“Scanners” are programs that check for viruses, and tell you when viruses are found. There are many different ways in which a scanner can work, such as checking for virus markers, or checking to see if files’ sizes have changed. Some antivirus programs run non-stop and check for viruses before programs are run, or before files are downloaded.
Eradication programs are programs that disinfect software and remove viruses from files. Sometimes viruses can be removed without damaging the infected program, however, other times both virus and program will have to be destroyed.
How Trojan Horses Work
Trojan horses are programs that are disguised as normal programs, however, they are really viruses. Trojan horses are named after the original Trojan horse from the Trojan War. While the Greeks were at war with Troy, they gave the Trojans a large wooden horse as a gift, and pretended to sail off. The Trojans accepted their gift, and at night many Greek soldiers climbed out of the horse. They opened the wall around Troy, and the Greeks began killing Trojan soldiers as they slept. The Greeks went on to win the war because of this event.
The most well known Trojan horse was called Melissa. It was spread through e-mail, and it damaged many Internet mail servers. Melissa appeared in people’s e-mail inboxes with a Microsoft Word file attached. It appeared to be a normal e-mail with subject line, “important message from,” followed by the name of a friend or co-worker of the recipient. The message read, “Here is that document you asked for…don’t show anyone else.”
The Word file appeared to be normal, and it contained a list of pornographic sites. However, if it was opened, a macro, which is a set of automated commands, ran without being noticed by the user. If it was not opened, Melissa could do no harm.
The macro checked the user’s computer for Microsoft Outlook. Melissa could do nothing if the person did not have Outlook, however, if they did, Melissa would e-mail a copy of itself to the first 50 names in the address book without the person knowing. The e-mail was identical to the last one, instead with a new name in the subject line – the name of the most recently infected person. The e-mail looked as if the person was sending out a personal message, which is what made people open it. Each of the 50 people who received the e-mail and opened the attachment, would then appear to automatically send the e-mail to 50 more people, even though the user had know knowledge of what was happening.
The volume of mail became so great that e-mail servers could no longer keep up with the demand for sending and receiving e-mails, and many crashed. This meant that no e-mail at all could be sent or received. The problem was solved by updating antivirus software to enable it to detect and kill Melissa.