Sample Scholarship Essays

Computer Viruses

A virus is a program that copies itself without the knowledge of the computer
user. Typically, a virus spreads from one computer to another by adding itself
to an existing piece of executable code so that it is executed when its host
code is run.If a virus if found, you shouldn’t panic or be in a hurry, and
you should work systematically. Don’t rush!
A Viruse may be classified by it’s method of concealment (hiding). Some are
called stealth viruses because of the way that they hide themselves, and some
polymorphic because of the way they change themselves to avoid scanners from
detecting them.

The most common classification relates to the sort of executable code which the
virus attaches itself to. These are:
Partition Viruses Boot Viruses File Viruses Overwriting Viruses
As well as replicating, a virus may carry a Damage routine.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

There is also a set of programs that are related to viruses by virtue of their
intentions, appearances, or users likely reactions. For example:
Droppers Failed viruses Packagers Trojans Jokes Test files
Damage is defined as something that you would prefer not to have happened. It is
measured by the amount of time it takes to reverse the damage.

Trivial damage happens when all you have to do is get rid of the virus. There
may be some audio or visual effect; often there is no effect at all.

Minor damage occurs when you have to replace some or all of your executable
files from clean backups, or by re-installing. Remember to run FindVirus again

Moderate damage is done when a virus trashes the hard disk, scrambles the FAT,
or low-level formats the drive. This is recoverable from your last backup. If
you take backups every day you lose, on average, half a day’s work.

Major damage is done by a virus that gradually corrupts data files, so that you
are unaware of what is happening. When you discover the problem, these corrupted
files are also backed up, and you might have to restore a very old backup to get
valid data.

Severe damage is done by a virus that gradually corrupts data files, but you
cannot see the corruption (there is no simple way of knowing whether the data is
good or bad). And, of course, your backups have the same problem.

Unlimited damage is done by a virus that gives a third party access to your
network, by stealing the supervisor password. The damage is then done by the
third party, who has control of the network.

Stealth Viruses
If a stealth virus is in memory, any program attempting to read the file (or
sector) containing the virus is fooled into believing that the virus is not
there, as it is hiding. The virus in memory filters out its own bytes, and only
shows the original bytes to the program.

There are three ways to deal with this:
1. Cold Boot from a clean DOS floppy, and make sure that nothing on the hard
disk is executed. Run any anti-virus software from floppy disk. Unfortunately,
although this method is foolproof, relatively few people are willing to do it.

2. Search for known viruses in memory. All the virus scanners do this when the
programs are run.

3. Use advanced programming techniques to probe the confusion that the virus
causes. A process known as the “Anti-Stealth Methodology” in some scanners can
be used for this.

Polymorphic Viruses
A polymorphic virus is one that is encrypted, and the decryptor/loader for the
rest of the virus is very variable. With a polymorphic virus, two instances of
the virus have no sequence of bytes in common. This makes it more difficult for
scanners to detect them.

Many scanners use the “Fuzzy Logic” technique and a “Generic Decryption Engine”
to detect these viruses.

The Partition and Partition Viruses
The partition sector is the first sector on a hard disk. It contains information
about the disk such as the number of sectors in each partition, where the DOS
partition starts, plus a small program. The partition sector is also called the
“Master Boot Record” (MBR).

When a PC starts up, it reads the partition sector and executes the code it
finds there. Viruses that use the partition sector modify this code.

Since the partition sector is not part of the normal data storage part of a disk,
utilities such as DEBUG will not allow access to it. However, it is possible to
use Inspect Disk to examine the partition sector. A floppy disk does not have a
partition sector.

How to Remove a Partition Sector (MBR) Virus
1. Cold Boot from a clean DOS diskette.

2. Run the DOS scanner.

3. Select the drive to clean and “Repair” it.

4. Follow the instructions.

The Boot Sector and Boot Sector Viruses
The boot sector is the first sector on a floppy disk. On a hard disk it is the
first sector of a partition. It contains information about the disk or partition,
such as the number of sectors, plus a small program.

When the PC starts up, it attempts to read the boot sector of a disk in drive A:.

If this fails because there is no disk, it reads the boot sector of drive C:. A
boot sector virus replaces this sector with its own code and moves the original
elsewhere on the disk.

Even a non-bootable floppy disk has executable code in its boot sector. This
displays the “not bootable” message when the computer attempts to boot from the
disk. Therefore, a non-bootable floppy can still contain a virus and infect a PC
if it is inserted in drive A: when the PC starts up.

File Viruses
File viruses append or insert themselves into executable files, typically .COM
and .EXE programs.

A direct-action file virus infects another executable file on disk when its
‘host’ executable file is run.

An indirect-action (or TSR – Terminate and Stay Resident) file virus installs
itself into memory when its ‘host’ is executed, and infects other files when
they are subsequently accessed.

Overwriting Viruses
Overwriting viruses overwrite all or part of the original program. As a result,
the original program doesn’t run. Overwriting viruses are not, therefore, a real
problem – they are extremely obvious, and so cannot spread effectively.

Droppers are programs that have been written to perform some apparently useful
job but, while doing so, write a virus out to the disk. In some cases, all that
they do is install the virus (or viruses).

A typical example is a utility that formats a floppy disk, complete with Stoned
virus installed on the boot sector.

Failed Viruses
Sometimes a file is found that contains a ‘failed virus’. This is the result of
either a corrupted ‘real’ virus or simply a result of bad programming on the
part of an aspiring virus writer. The virus does not work – it hangs when run,
or fails to infect.

Many viruses have severe bugs that prevent their design goals – some will not
reproduce successfully or will fail to perform their intended final actions
(such as corrupting the hard disk). In general many virus authors are very poor

Packagers are programs that in some way wrap something around the original
program. This could be as an anti-virus precaution, or for file compression.

Packagers can mask the existence of a virus inside.

Trojans and Jokes
A Trojan is a program that deliberately does unpleasant things, as well as (or
instead of) its declared function. They are not capable of spreading themselves
and rely on users copying them.

A Joke is a harmless program that does amusing things, perhaps unexpectedly. We
include the detection of a few jokes in the Toolkit, where people have found
particular jokes that give concern or offence.

Test files
Test files are used to test and demonstrate anti-virus software, in the context
of viruses. They are not viruses – simply small files that are recognised by
the software and cause it to simulate what would happen if it had found a virus.

This allows users to see what happens when it is triggered, without needing a
live virus.

How to Remove a Boot Virus from a Hard Disk
1. Cold Boot from a clean DOS diskette.

2. Run the scanner.

3. Select the drive to clean and “Repair” it.

An alternative method is as follows:
1. Cold Boot from a clean DOS diskette.

2. Type:
SYS C: at the DOS prompt. (if C drive is infected)
The clean DOS diskette should be the same version of DOS that is on the hard

How to Remove a Boot Virus from a Floppy
1. Cold Boot from a clean DOS diskette.

2. Run the scanner.

3. Make sure to “Replace the Boot Sector” of the floppy drive.

If you find a new virus…

If you have some symptoms that you think are a virus, then:
1. Format a floppy disk in the infected computer.

2. Copy any infected files to that floppy.

3. Copy your FORMAT and CHKDSK programs too.

As you can see in this essay, viruses are very appalling, and since a virus
spreads from one computer to another, it gets worse! Just like a contagious
human virus which causes more harm, as more people are infected and more need to
be treated. This same concept applies to a computer virus infecting computers
continually. Also, in this essay, various techniques have been explained on how
to remove and deal with computer viruses, of different types, inflicting
different components in a computer. So, next time you have suspicions that your
computer has been damaged by a virus, read through this essay and exercise the
remedies indicated.

Category: Technology

Computer Viruses

The quote The only truly secure system is one that is powered off, cast in a
lead-lined room with armed guards and even then I have my doubts.(E.H.

Spafford) of this report will explain how computer viruses have affected on
society and the security of personal computers. There literally hundreds of
viruses circulating for personal computers and many anti-viral packages that
claim to remove the code from your computer. Some viruses are polymorphic; that
is, they change with each infection in an attempt to avoid detection by
anti-virus programs. As quickly as someone writes an anti-virus program, someone
else writes a new virus that hides more successfully than in the past. Do to the
harshness of some viruses; people have devised methods of detecting and removing
them. The anti-viral programs will scan the entire hard drive looking for
evidence that viruses may have infected it. These programs must be told very
specifically what to look for on the hard drive. There are two main methods of
detecting viruses on a computer. The first is to compare all of the viruses on
the hard disk to known types of viruses. While this method is very accurate, it
can be made totally useless when dealing with a new and previously unknown
virus. The other method is the way in which a common cloning virus adapts. All
that a cloning virus really does is look at what operations the computer is
executing and reacts and adapts to them by making more copies of it. This is the
serious mistake with cloning viruses: all the copies of itself look the same.

We Will Write a Custom Essay Specifically
For You For Only $13.90/page!

order now

Basically all data in a computer is stored in a byte structure format. These
bytes, which are similar to symbols, occur in specific orders and lengths. Each
of the cloned viruses has the same order and length of the byte structure. All
that the anti-virus program has to do is scan the hard drive for byte structures
that are duplicated several times and delete them. This method is an excellent
way of dealing with the adaptive and reproducing format of cloning viruses. The
disadvantage is that it can produce a number of false alarms such as when a user
has two copies of the same file. Virus-specific detection and removal techniques
required detailed analysis of each new virus as it is discovered. Computer virus
experts must identify strange sequences of instructions that appear in the viral
code but not in normal programs. These experts develop cures to remove these
viruses from any infected hosts. While there are thousands of DOS viruses, less
than 10% of them have been seen in actual virus incidents within the population
that companies monitor. These are the viruses that actually constitute a problem
for the general population of PC users. It is very important that anti-virus
software detect viruses that have been observed in the wild. The remainder
are rarely seen outside of the collections of anti-virus groups like IBM.

Although many of them might never spread significantly, viruses that are not
prevalent remain of interest to the anti-virus society. Companies must always be
prepared for the possibility that a low-profile virus will start to become
prevalent. This requires them to be familiar with all viruses, prevalent or not,
and to incorporate a knowledge of as many of them as possible into anti-virus
software. It is not only the destructive nature of computer viruses that make
them so dangerous in todays society in the business sector, but also their
ability to relate themselves to their surroundings and react in ways that allow
them to proceed undetected to wreck more havoc on personal computer users across
the world. Conclusion Viruses have been around quite some time now and I can
assure you that it will be around just about forever. Over a decade now, there
are people who are constantly coming up with new ways of making life in the
computer world very difficult. The trend of technology is changing so rapidly
that something such as viruses will also follow the trend. Therefore, what we
all should realize that the activity that goes on and how we can base the
information provided to help prevent the spread of virus activity in the future.


Fighting Computer viruses 2.

Steve R. White, Jeff Kephart, David M. Chess, Computer Viruses: A Global
Perspective 3. Suguitan. G,
Fighting Computer viruses

4. Solomon, Dr. Alan. A future impact to Viruses.
5. Tippett, Peter S. Alive!




I'm Abigail

Would you like to get a custom essay? How about receiving a customized one?

Check it out