Viruses

• Computer Associates Virus Information Center
  Computer Associates's database listing of viruses.
  http://www3.ca.com/securityadvisor/virusinfo/
  
  
• DataFellowes
  F-Secure's viruse information site.
  http://www.datafellows.com/
  
  
• Description of Computer Viruses
  http://support.microsoft.com/default.aspx?scid=KB;EN-US;q129972
  
  
• ICSA Anti-Virus Info Center
  Anti-Virus Product Developers Consortium. New vulnerabilities and threats are discovered and reported every day. The hard part is determining which ones matter and what to do about them. These alerts will tell you what you need to know.
  http://www.icsalabs.com/html/communities/antivirus/
  
  
• McAfee's Virus Information Library
  Network Associates makes the McAfee suite of products.
  http://us.mcafee.com/virusInfo/
  
  
• Methods to Detect a Boot-Sector Virus
  http://support.microsoft.com/default.aspx?scid=KB;EN-US;q82923
  
  
• National Institute of Standards and Technology - Computer Security Division
  NIST is an Agency of the U.S. Commerce Department's Technology Administration.
  http://csrc.nist.gov/
  
  
• National Computer Security Association (NCSA)
  An independent organization that conducts a program to certify anti virus software that successfully detects all viruses.
  http://www.icsa.net/
  
  
• Network Associate Virus Information
  Network Associates makes the McAfee suite of products.
  http://us.mcafee.com/virusInfo/
  
  
• Stiller Research
  Viruses can seem mysterious but computer viruses are actually quite easy to understand. This web site is dedicated to demystifying how viruses and anti-virus products work.
  http://www.stiller.com/
  
  
• Sophos
  Information about Virus analyses, Hoaxes & scares, Viruses explained, Articles, White papers, Top ten viruses, Email notification, and Information feed.
  http://www.sophos.com/virusinfo/
  
  
• Symantec AV Center
  Symantec makes the popular Norton Anti-Virus, and this site is dedicated to their security response including: latest virus threats, security advisories, virus definitions updates for their product, and removal tools for those extremely difficult to remove viruses trojans and worms.
  http://www.symantec.com/avcenter/
  
  
• Trend Micro Virus Encyclopedia
  Trend Micro provides this searchable virus encyclopedia.
  http://www.antivirus.com/vinfo/virusencyclo/
  
  
• Virus Bulletins
  This is an independant Anti-Virus advice site supplying news, resources, a magazine, awards and conferences.
  http://www.virusbtn.com/

• Grisoft
  AVG Free Edition Anti-Virus software available for install on FreeCD
  http://www.grisoft.com/
  
  
• Computer Associates
  Anti-Virus, Firewall and Spyware products.
  http://www.my-etrust.com/products/
  
  
• McAfee
  Ant-Virus, Firewall, Content Filter and Anti-Spam products.
  http://ca.mcafee.com
  
  
• Sophos Anti-Virus
  Anti-Virus and Anti-Spam products.
  http://www.sophos.com
  
  
• Symantec
  The Norton line of products for Anti-Virus, Firewall, Disk/Registry Maintenance and Anti-Spam products.
  http://www.symantec.com
  
  
• PC-cillin
  Anti-Virus product.
  http://www.trendmicro.com

• A boot sector virus places malicious code into the first sector of a floppy or hard disk. When a floppy disk is in your A: drive and you restart or turn on your computer, the infection is launched onto all viewable drive volumes. In the early days of computers this type of infection was the most common, because these days floppy disk usage is for those rare users that still indulge in "sneaker net" (a network comprised of a floppy disk, a human, a pair of sneakers or other footwear and some form of travel).
  
  

• A Denial of Service is an action that occurs when a computer that is inefected with the virus is taken over by someone other than the normal user. The computer is then directed to attack, the target web site, flooding the internet Domain Name Servers for requests to translate the url to a network IP address, which prevents anyone trying to get to the web site and results in a page not found message, for most users.
  
  This is the type of virus that gets the most press, because the web site chosen to be attacked is generally a major vendor, such as Microsoft, or a governement web site.
  

• A macro virus is written using a macro programming language (these are languages used to write code for performing repetitive tasks in applications such as Word or Excel). They are then attached to an ordinary document file. When the document is opened and the macro virus is launched, the virus unloads its damage and copies itself into other documents to continue its spread. These types of infections were common in the early days of computers, because back then the applications did not include a dialog before the macro is permitted to start, if a document had a macro and you opened the document the macro virus would immediately launch.
  

• freescan
  Online scanner by McAfee
  http://clk.about.com/?zi=1/XJ&sdn=antivirus&zu=http%3A%2F%2Fwww.mcafee.com%2Fmyapps%2Fmfs%2Fdefault.asp
  
  
• ActiveScan
  Panda's online virus scanner.
  http://clk.about.com/?zi=1/XJ&sdn=antivirus&zu=http%3A%2F%2Fwww.pandasoftware.com%2Factivescan%2Fcom%2Factivescan_principal.htm
  
  
• Housecall
  Virus Scanner by Trend Micro.
  http://housecall.trendmicro.com/
  
  
• Security Check
  Online Virus and Security check by Symantec the makers of Norton products.
  http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=ie&venid=sym

• Some payloads have a trigger date, so a computer will show no signs of infection until that date. Some will not be noticable to the user, as they will occur in the background without the users knowledge. Some will not have any destructive nature while others will cause noticeable damage like deleting files, disabling other programs and in the worst cases they can actually destroy your computers hard drive or erase the computers CMOS memory, so your computer forgets what time it is or what kind of hard drives are installed in your computer.
  
  
• Many viruses attempt to disable your Anti-Virus software, and recently they've also started to attempt to disable any virus that currently controls your computer, so that their virus is the one that dominates your computer's CPU time. Your computer can easily be infected with the latest virus, and have gone through many phases of virus infections, during the period of time that your Anti-Virus software was not up to date. After updating the definitions, by resubscribing to your current software or the installation of new Anti-Virus software, the virus may have already caused enough damage to your computer to require a complete re-installtion of the operating system.
  
  
• Other payloads will have several levels where phase 1 does some damage to your computer then a month later phase 2 does other damage, then another month later phase 3 does even more damage. Sometimes the type of damage is depandant on the type of things that the virus finds on your computer, as is the case with the SirCam worm, which has a 1 in 20 chance of deleting all your files or a 1 in 50 chance of filling up your hard drive depending on what kinds of words and phrases are used in your documents.

• A trojan is a malicious program that pretends to be a normal program. These programs may come disguised as a program that you think you'd want to have installed on your computer, but they will do something that a you do not expect. Usually to steal information from your computer. Once installed the the attack takes place from inside your computer, and thus the reference to a trojan horse. By opening an email attachment or downloading and running a file from the Internet, the trojan will activate its payload. Collecting information, such as your keystrokes, usernames, serial numbers and passwords and then sending to a an email address or other temporary web or fpt site on the internet for the hacker, who wrote the trojan, to collect. Far more intrusive is a trojan that opens a port on your computer for the hacker to gain direct access to your computer. The writer of the trojan is not the only person that can gain access, the port that is opened is available to anyone who knows about the virus and has a understanding of how to exploit the open port. Trojans are not considered a virus in the true sense of the word since they do not spread themselves to other users.
  
  
• The Cleaner
  The worlds #1 Trojan Removal Tool Utility.
  http://www.moosoft.com/

• A VBS virus is one that is written using Visual Basic Scripting. Because of a security hole in Outlook and Outlook Express, this type of virus can be run without clicking on an attachment. If you have all of the security updates and service packs installed on your computer, then these will act like any other virus. A Script virus only supplies the code for a virus, and it can only be harmful if the script language is installed on the computer such as Visual Basic (VB). VB is installed by default when you install Windows onto your computer, and because of a security hole in Outlook and Outlook Express, this virus can be run without clicking on an attachment. However, if you have all of the Windows Updates and Service Packs installed on your computer, then these will act like any other virus, and if your using Anti-Virus software they are easily captured and isolated by any of the current Anti-Virus software solutions.
  
  

• A worm is unlike a virus or a trojan because they don't replicate themselves by attaching to another program; instead, they send themselves to other users from web server to web server, through e-mail, through IRC and through Instant Messaging programs like AIM, ICQ or MSN Messenger. Without up to date Anti-Virus protection or the most recent windows updates, they propegate rapidly throughout the internet, as was seen with the Nimda Worm in 2001.
  
  

• CIAC HoaxBusters
  In addition to describing hoaxes and chain letters found on the Internet, they discuss how to recognize hoaxes, what to do about them, and some of the history of hoaxes on the Internet.
  http://hoaxbusters.ciac.org/
  
  
• McAfee Virus Hoax Index
  A list of Hoaxes by McAfee Security.
  http://vil.nai.com/VIL/hoaxes.asp
  
  
• Sophos Virus Hoax List
  Sophos provides information about virus hoaxes, chain letters, scams and misunderstandings to aid companies and individuals. An alphabetical list is available or view by hoax type: chain letter, false alarm, misunderstanding, scam, scare, and virus hoax.
  http://www.sophos.com/virusinfo/hoaxes/
  
  
• Symantec Virus Hoax Alerts
  An alphabetical list is available from Symantec, makers of Norton Anti-Virus.
  http://www.symantec.com/avcenter/hoax.html
  
  
• Trend Micro Hoax Encyclopedia
  This alphabetical list is maintained by Trend Micro.
  http://www.antivirus.com/vinfo/hoaxes/hoax.asp
  
  
• Vmyths
  This site is dedicated to Virus Myths. Vmyths traces its roots to a "Computer Virus Myths treatise" first published in 1988. It evolved into the critically acclaimed "Computer Virus Myths home page" in 1995, then it moved to Vmyths.com in 2000. Its name has changed over the years, but Vmyths remains true to its original goal: the eradication of computer virus hysteria.
  http://www.vmyths.com/