# BF Series Virus Protection Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

Computer virus ... All the computer users are aware of this topic in present. What is a computer virus? How can they harm to a computer? Those are really interesting questions to figure out. So this survey focuses interesting topics about computer viruses. Specially about best solutions that can get to prevent from virus attacks.

\newline\newline

In this survey most of the details gain from web based references and several tricks are included as recovering from virus attacks. Using this survey, readers can have clear idea about computer viruses and their behaviors. Moreover readers can get good idea about prevention and recovery stages of virus attacks.

\newpage

\begin{center}

\LARGE

\underline {{\bf Acknowledgment}}

\end{center}

\Large

I would like to express the deepest appreciation to my supervisor , Mr. K.P.M.K. Silva, lecturer of University of Colombo School of Computing, whose encouragement, guidance and support from the initial to the final level enabled me to make this success.

\newline\newline

In addition, I would like to thank Dr. H.L. Premaratne , lecturer of University of Colombo School of Computing , who encourage to do this literature survey successfully.

\newpage

\tableofcontents

\newpage

\section {Chapter 1 - Introduction}

\Large

A computer virus is a small software program that spreads from one computer to another computer and that interferes with computer operation. A computer virus may corrupt or delete data on a computer or even delete everything on the hard disk .

\newline\newline

To mask an action on infection of other programs and harm drawing can be carried out not always. After the virus has executed the actions necessary to it, it transfers control to the program it lives in, and it works the same way as usually. That is why the work of the infected program looks the same as the work of not infected.

Many versions of viruses are arranged so that at the beginning of the infected program the virus remains not noticed, i.e. before operating system reboot, in memory of the computer and from time to time infects programs and carries out harmful actions on the computer.

\newline \newline

All actions of a virus can be carried out quickly enough and without delivery of any messages, therefore it is very difficult for user to notice that there is something unusual in the computer.While few programs are infected on the computer, virus presence can be almost imperceptible.

\newline \newline

In this survery, first few chapters explain types of viruses and how virus is working. Then symptoms of virus infections are listed out in next chapter. After that latest viruses and precautions describe in next two chapters. Finally recovering stage is explained in details.

\newline \newline

\newpage

\section {Chapter 2 - Types of Viruses}

Computer viruses can categorized into following types based on their behavior. It is better to have a look at virus types before move to protection phase.

\newline \newline

{\bf Trojan Horse: }

A trojan horse program has the appearance of having a useful and desired function. Secretly the program performs other, undesired functions. A Trojan Horse neither replicates nor copies itself, but causes damage or compromises the security of the computer. A Trojan Horse must be sent by someone or carried by another program and may arrive in the form of a joke program or software of some sort. The malicious functionality of a Trojan Horse may be anything undesirable for a computer user, including data destruction or compromising a system by providing a means for another computer to gain access, thus bypassing normal access controls.

{\bf Worms: }

A worm is a program that makes and facilitates the distribution of copies of itself; for example, from one disk drive to another, or by copying itself using email or another transport mechanism. The worm may do damage and compromise the security of the computer. It may arrive via exploitation of a system vulnerability or by clicking on an infected e-mail.

{\bf Boot sector Virus: }

A virus which attaches itself to the first part of the hard disk that is read by the computer upon boot up.

{\bf Macro Virus:}

Macro viruses are viruses that use another application's macro programming language to distribute themselves. They infect documents such as MS Word or MS Excel and are typically spread to other similar documents.

{\bf Memory Resident Viruses:}

Memory Resident Viruses reside in a computers volitale memory (RAM). They are initiated from a virus which runs on the computer and they stay in memory after it's initiating program closes.

{\bf Rootkit Virus: }

A rootkit virus is an undetectable virus which attempts to allow someone to gain control of a computer system. The term rootkit comes from the linux administrator root user. These viruses are usually installed by trojans and are normally disguised as operating system files.

{\bf Polymorphic Viruses:}

A polymorphic virus not only replicates itself by creating multiple files of itself, but it also changes it's digital signature every time it replicates. This makes it difficult for less sophisticated antivirus software to detect.

{\bf Logic Bombs/Time Bombs:}

These are viruses which are programmed to initiate at a specific date or when a specific event occurs. As an example, virus which deletes a database table if a certain employee gets fired.

{\bf Boot Sector Infectors:} Also sometimes called boot record infectors, system viruses, or boot viruses, these programs attack the vulnerable boot program that is stored on every bootable floppy disk or hard disk. This code is executed by the system when the PC is started up, making it a juicy target for virus writers: by installing themselves here they guarantee that their code will be executed whenever the system is started up, giving them full control over the system to do what they wish.

{\bf File Infectors:} These viruses directly attack and modify program files, which are usually .EXE or .COM files. When the program is run, the virus executes and does whatever it wants to do. Usually it loads itself into memory and waits for a trigger to find and infect other program files.

\newpage

\section {Chapter 3-How Viruses Work}

\subsection {Life cycle of a virus}

The life cycle of a virus begins when it is created and ends when it is completely eradicated. The following outline describes each stage:

{\bf Creation}

Until recently, creating a virus required knowledge of a computer programming language. Today anyone with basic programming knowledge can create a virus. Typically, individuals who wish to cause widespread, random damage to computers create viruses. Replication Viruses typically replicate for a long period of time before they activate, allowing plenty of time to spread.

{\bf Activation}

Viruses with damage routines will activate when certain conditions are met, for example, on a certain date or when the infected user performs a particular action. Viruses without damage routines do not activate, instead causing damage by stealing storage space.

{\bf Discovery}

This phase does not always follow activation, but typically does. When a virus is detected and isolated, it is sent to the ICSA in Washington, D.C., to be documented and distributed to antivirus software developers. Discovery normally takes place at least one year before the virus might have become a threat to the computing community.

\clearpage

{\bf Assimilation}

At this point, antivirus software developers modify their software so that it can detect the new virus. This can take anywhere from one day to six months, depending on the developer and the virus type.

If enough users install up-to-date virus protection software, any virus can be wiped out. So far no viruses have disappeared completely, but some have long ceased to be a major threat.

\subsection {The general way that viruses work}

\begin{itemize}

\item An infected program is run. This is either a program file (in the case of a file-infecting virus) or a boot sector program at boot time. In the case of a Microsoft Word document the virus can be activated as soon as the document that contains it is opened for reading within Microsoft Word. If the "NORMAL.DOT" document template is infected (and this is the most common target of these viruses) then the virus may be activated as soon as Microsoft Word is started up.

\item The infected program has been modified so that instead of the proper code running, the virus code runs instead. This is usually done by the virus modifying the first few instructions to "jump" to where the virus code is stored. The virus code begins to execute.

\item The virus code becomes active and takes control of the PC. There are two ways that a virus will behave when it is run: direct-action viruses will immediately execute, often seeking other programs to infect and exhibiting whatever other possibly malicious behavior their author coded into them. Many file-infector viruses are direct-action. In contrast, memory-resident viruses do not do anything immediately; they load themselves into memory and wait for a triggering event that will cause them to "act". Many file infectors and all boot infectors do this.

\item What exactly the virus does depends on what the virus is written to do. Their primary goals however include replication and spreading, so viruses will generally search for new targets that they can infect. For example, a boot sector virus will attempt to install itself on hard disks or floppy disks that it finds in the system. File infectors may stay in memory and look for programs being run that they can target for infection.

\end{itemize}

\newpage

\section {Chapter 4-Symptoms of Viruses}

Following are few common symptoms of virus infection

\begin{itemize}

\item The computer runs slower than usual.

\item The computer stops responding, or it locks up frequently.

\item The computer crashes, and then it restarts every few minutes.

\item The computer restarts on its own. Additionally, the computer does not run as usual.

\item Applications on the computer do not work correctly.

\item Disks or disk drives are inaccessible.

\item Can see unusual error messages.

\item There is a double extension on an attachment that recently opened file, such as a .jpg, .vbs, .gif, or .exe. extension.

\item An antivirus program is disabled for no reason. Additionally, the antivirus program cannot be restarted.

\item An antivirus program cannot be installed on the computer, or the antivirus program will not run.

\item New icons appear on the desktop, or the icons are not associated with any recently installed programs.

\item Strange sounds or music plays from the speakers unexpectedly.

\item A program disappears from the computer

\newline \newline

These signs may also be caused by hardware or software problems that have nothing to do with a computer virus.

Not all computer viruses behave, replicate, or infect the same way. There are several different categories of viruses and malware.

\end{itemize}

\newpage

\section {Chapter 5- Latest Viruses}

\subsection {Latest viruses in 2010 }

\begin{itemize}

\item {\bf Backdoor.Bot}

Backdoor.Bot is a hacker agent, it allows the computer to be remotely controlled by another user.

\item {\bf W32.Netsky.T@mm}

Netsky.T worm arrives as an e-mail attachment. The infected attachment name, message body and subject is randomly chosen by the worm.

\item {\bf W32.Stration@mm}

Stration aka Warezov is a mass mailing worm, uses e-mail addresses collected from the infected system to distribute infected messages. Stration worm arrives as an e-mail attachment. It has the ability to download new variants of malware from Internet.

\item {\bf W32.Blackmal.E@mm}

W32.Blackmal.E@mm aka VB.BI is a mass mailing worm, uses e-mail addresses collected from the infected system to distribute infected messages. It attempts spread through network shares.

\item {\bf W32.Sober.X@mm}

Sober.X is a mass mailing worm uses e-mail addresses collected from the system to distribute infected mails. The worm uses its own SMTP engine to spread. The infected mail will be in English or German.

\item {\bf W32.Beagle.AV@mm}

Beagle.AV is a mass mailing worm, uses e-mail addresses collected from the infected system to distribute infected messages. Beagle worm arrives as an e-mail attachment.

\item {\bf W32.Sasser.Worm}

Sasser is a network Worm, exploits a remote code execution vulnerability LSASS to infect target systems. It scans for IP addresses and infects unpatched systems.

\item {\bf W32.Mydoom.A@mm}

Novarg aka Mydoom is a mass mailing worm, uses e-mail addresses collected from .wab, .adb, .tbb, .dbx, .asp, .php, .sht, .htm, .txt files to distribute infected messages. Novarg worm arrives as an e-mail attachment. The infected attachment name, subject and message body is randomly chosen by the worm. The worm also spreads using KaZaA P2P network.

\end{itemize}

\par

\subsection { Most dangerous computer viruses}

\textbf{7. Jerusalem - 1987}

For the first time it was discovered in 1987 on October 1. The virus was dubbed Jerusalem because it was identified in a Hebrew university, but in 1991 antivirus experts found that Italy is the country were the first traces of the computer virus were noticed. Jerusalem is believed to be one of the oldest computer viruses in history, being able to infect both .EXE and .COM files. Initially the Jerusalem virus included a bug that led to a repeat infection of the files that continued until the size of the files overcome computer resources. In addition, each Friday 13 it deleted all programs in the infected system as a result of a malicious payload that set off on the respective day. Jerusalem considerably slowed down the machine. A person could identify the virus but noticing two lines on the monitor.

\textbf{6. Morris (a.k.a. Internet Worm) - 1988}

The name of the virus comes from its developer Robert Tappan Morris. The computer worm was set off on November 2, 1988 and after some time it managed to infect 6,000 to 9,000 machines. It overloaded the whole Internet, leading to the failure of a large number of servers. According to its developer, the goal was to discover just how far and fast a computer worm can spread all over the network.

\textbf{5. Barrotes - 1993}

This is believed to be the first popular computer virus developed in Spain. As soon as it infected the system, it would remain there until January the 5th, when it would set off showing a series of bars on the screen. It infected .COM, .EXE and overlay files. The Barrotes computer virus represents a resident virus - it becomes a resident of the computer memory each time the machine starts up. It could also overwrite the Master Boot Record of the HDD, thus making it impossible for the uses to access the hard disk.

\textbf{4. Solar Sunrise - 1998}

This is not the name of the computer virus, it is the name of the situation that occurred in 1998 when a team of hackers managed to take control of more than 500 computer system of the army, government as well as private sector of the United States. The name Solar Sunrise comes after the well-known vulnerabilities in machines that run on the Sun Solaris OS. At first the attack was believed to have been organized by hackers from Iraq, but later it was discovered that the ones to blame were two American youngsters from California.

\textbf{3. CIH (a.k.a. Chernobyl) - 1998}

This computer virus managed to affect huge amounts of data stored on computers. Later it was discovered that the computer virus was launched in Taiwan. It has been recognized to be one of the most dangerous computer viruses in history. It infected Windows 95, 98, and ME executable files. In addition, CIH remained resident in the memory of the machine, being able to carry on infecting other executables. After being activated, the virus overwrote data on the HDD of the infected PC, making the latter inoperable. CIH could also overwrite the BIOS of the infected computer, thus preventing boot-up.

\textbf{2. Melissa - 1999}

This computer virus managed to cause a damaged estimated between $300 and$600 million. The famous computer virus gained huge fame on March 26, 1999. Experts claimed that this computer virus managed to infect between 15 and 20 percent of all business PCs on the planet. Melissa virus spread so fast that a number of big companies, including Intel and Microsoft, that used Outlook, had to shut down their email systems to hold up the damage. The computer virus took advantage of Microsoft outlook to send email messages of itself to 50 names on the contact list of a user. The message in the email read: "Here is that document you asked for don't show anyone else." It featured an attached Word document, which, when opened, unleashed the virus that infected the computer and then repeated the replication.

\textbf{1. ILOVEYOU - 2000}

Considered to be one of the most dangerous computer worms in history, ILOVEYOU was for the first time detected in Philippines on May 4. In just one day it spread worldwide, with about 10 percent of all Internet users being affected by the worm. ILOVEYOU also caused \\$5.5 billion damage. Its name comes from the subject of the email that a user received. The email included an attachment that said "LOVE-LETTER-FOR-YOU.TXT.vbs". When activated, the computer worm overwrote all files on the host, attacking a copy of itself to each file. In addition, the worm sent a copy of itself to everyone in a user's contact list.

\newpage

\section {Chapter 6-Precautions}

Following are the steps to prevent from a virus invasion,

\begin{itemize}

\item Load only software from original disks or CD's. Pirated or copied software is always a risk for a virus.

\item Execute only programs of which users are familiar as to their origin. Programs sent by email should always be suspicious.

\item Computer uploads and "system configuration" changes should always be performed by the person who is responsible for the computer. Password protection should be employed.

\item Check all shareware and free programs downloaded from on-line services with a virus checking program.

\item Purchase a virus program that suitable for computer performance and up-date it frequently.

\item More Connections Means More Risk: A standalone PC with a stable software base has much less chance of becoming infected by a virus than a PC shared by multiple users that is connected to a large network.

\item Use Backups: If users have the ability and the discipline to maintain multiple backups of system over a period of time, this is a useful "last ditch" defense against virus infection. It does not really prevent viruses from striking the system, but it can save the users from unlucky situations such as data loss.

\item Control Access to PC: Owner should be careful about who uses the system. Generally speaking, a PC in an open area used by dozens of people will develop viruses far more often than one on an individual's desk. The reasons are obvious. To prevent the casual use of a PC in an office environment, consider using a boot password

\item Scanning: Scanning floppies before they use first time. It is a good way of protecting system from the spread of viruses from other systems.

\end{itemize}

\newpage

\section {Chapter 7 - Recovering from a Virus Attack}

If anyone unfortunate enough to be the victim of a virus attack, then options narrow. User have to find the infected files on their computer, and then either disinfect them (by removing the virus code) or delete them-hopefully before the virus has done any permanent damage to the system.

However, no need to give up and throw the computer away. Almost all viruses can be recovered from-some quite easily. All that need is a little information, and the right tools.

Quite often, running an antivirus program is need to do to recover from a virus infection. However, if a virus has deleted or corrupted any document or program files on PC, user will probably have to restore those files from backup copies-or reinstall any damaged programs from their original CD-ROMs. In a worst-case scenario, where the operating system files have been affected, then may need to reinstall entire operating system-or even, in some instances, reformat hard disk and rebuild entire system from scratch.

\newline \newline

These are some common problems that occured to users:

\newline

\textbf{Can firewalls detect virus?}

Firewalls do not screen computer viruses. As the location of firewalls is a good place for scanning, some firewalls has plug-in virus scanning module. And some programs scan virus at a point either before or after a firewall. Note that scanning FTP or HTTP traffic adds heavy network overhead but blocks only one of the sources of virus.

\newpage

\textbf{Why some viruses can be detected but not cleaned with the anti-virus software?}

Anti-virus software not only detect viruses, but also other types of malicious codes, which may not be cleanable. For example, trojan horse is a type of malicious code that should be deleted instead of cleaned. In other cases, the virus may have corrupted the file and made it impossible to clean / recover.

\textbf{Can email message be infected?}

Plain electronic mail messages with pure text and contain no executable code will not be infected. However, files attached to the message may be infected. If someone receive an e-mail with attached files from an unknown source, the best approach is to scan it before running the file or opening it in Word or Excel. If it open the file attachments directly, there is a risk infecting computer. The latest generation of antivirus software can usually be configured to scan e-mail attachments before open them

{\bf What we expect from Anti virus tool?}

{\bf Effectiveness}

Antivirus is specifically designed to protect the computer, so if it does not do that well, what good is it? All the features, bells and whistles, or sleek interface can't make up for poor performance. We look at results from the industry-standard security software testers and professional security organizations to find the most effective software available and evaluate overall effectiveness. In general, our highest ranked programs are also the most effective.

{\bf Ease of Installation and Setup}

Security software shouldn't be a chore to install, and should have protected as soon as possible. From download to install, to the first scan; implementing antivirus software should be quick and easy.

{\bf Ease of Use}

Antivirus software is complex stuff, but should not require a degree in computer security. The best security programs have all the features security experts want, but are just as easily used by a beginner. Everyday computer users want a security solution that they can install and forget about; software that does not require constant maintenance or have annoying interruptions. The best antivirus software is flexible enough to do exactly what user want to (even if that means running by itself).

{\bf Features}

A well-rounded feature set takes a security solution from good to great. More than bells and whistles, added features provide security, usability and performance benefits.

Security software is only as good as its latest update. Viruses are being identified and added to signature databases all the time, so it's important that virus definition list updates accordingly. Modern antivirus software are equipped with automatic updates that perform regularly enough that get faster updates that don't slow down the system. The best security providers even "push" updates as soon as they are available.

\newpage

\section {Chapter 8- What types of virus scanners exist?}

\subsection { Methodes of virus scanning}

Today's antivirus software typically adopt one or more of the following methods to screen emails and files moving in of a computer:

{\bf File Scanning -} usually after antivirus installation and download of latest virus definitions. This scans certain or all files on the computer to detect virus infection. All antivirus allows user scheduled background scanning.

{\bf Email and Attachment Scanning - }since email is the primary virus delivery mechanism, this is the most important function of the antivirus software. All antivirus today scans both email content and attachments for viruses - some like Norton picks up emails from users' email server before passing it to computer for scanning .

{\bf Heuristic Scanning - }used to detect viruslike code in emails and files based on intelligent guessing of typical viruslike code patterns and behaviour. Test labs use 'zoo viruses -fabricated viruses' to test performance of antivirus software in detecting new viruses.

{\bf Active Code Scanning - }new browsers allows active codes like Java and ActiveX in webpages. But these codes can also be of malicious nature and do severe damage to the computer and go on to infect other computers. Links in emails can invoke active codes in a webpage and do the same damage.

\subsection {Anti Virus Tools}

Following shows comparison of some best anti virus tools:

\newline

{\bf BitDefender Antivirus Review}

BitDefender Antivirus protects the computer from number of online threats, including viruses, spyware, phishing scams, and more. The software basically covers users from every angle, protecting from threats on the internet, email, and even instant messaging. BitDefender scans all web, IM, and email traffic for malware. The software is even equipped to encrypt IM conversations

BitDefender's scanners run in real-time, but don't require a lot of resources. In fact, the new optimized scans run 30\% faster than last year (which were already fast), without significantly increasing system load and even reducing the boot time.

\newline

Another advanced feature is one sure to please PC gamers. Bitdefender features a no-interruptions gamer mode that is ideal for stopping annoying notices or popups from interfering while users are in the middle of some intense gaming

BitDefender 2010 is also equipped to run effectively on laptops, and features a special laptop mode designed to optimize battery life.

This year BitDefender adds user profiles, allowing the end user to choose the level of control they want from the program, and choosing from three distinct interface choices specifically designed to accommodate their specific needs and activities.

\newline

{\bf Kaspersky Anti-Virus Review}

Kaspersky Anti-Virus is a complete antivirus solution with real-time protection from a number of threats, including viruses, Trojans, bots, worms, and even spyware. The software is more than equipped for comprehensive security.

Kaspersky Anti-Virus 2010 offers full web protection; the Kaspersky URL Advisor gives a whole new level of protection online. The plug-in works with a browser (Firefox and/or IE) and provides integrated warnings and advanced protection while user surf.

Kaspersky has historically been one of the most effective antivirus software around, often among the first to detect new viruses.

Kaspersky Anti-Virus doesn't just find and remove malware, but also keeps an eye on potential security threats. The integrated vulnerability scan checks for system and application issues that should be addressed to reduce/eliminate vulnerabilities.

Kaspersky Anti-Virus is quite simple to use, with an easy interface and user-friendly navigation.

\newline

{\bf Webroot AntiVirus with SpySweeper Review}

Webroot AntiVirus with Spy Sweeper is a very comprehensive desktop antivirus package. The software protects from threats from several sources, and the several layers of protection keep thecomputer safe. Webroot protects PC's from viruses in all forms, as well as worms, Trojans, malware, and rootkits.

\newline

Webroot monitors and detects all sorts of malicious files and just plain unwanted programs like adware, dialers, cookies, and keyloggers. The integrated Spy Sweeper is an amazing standalone anti-spyware software that in itself protects from a variety of computer threats. But more than just being on the defense, Webroot AntiVirus with Spy Sweeper also features proactive technology to find malware before it even has the chance to hit the computer.

The software is also ICSA approved, and certified from the West Coast Labs as an effective solution for desktop antivirus, anti-trojan, anti-malware, and antispyware.

\newline

{\bf Norton AntiVirus Review}

Norton AntiVirus 2010 does a great job of balancing system resources, simplicity, and (most importantly) security. The protection level is second to none.

Norton AntiVirus 2010 is a very impressive security solution, offering a complete lineup of robust features and a whole new approach to online security.

Norton's huge (and growing) database of known malware will keep the computer safe from threats. One of the best parts about AntiVirus 2010 is the Norton Insight technology. This feature allows Norton to only scan the files that might be at risk, bypassing the trusted files and files that haven't changed, so the scans don't waste time and run significantly quicker.

\newline

{\bf ESET Nod32 Antivirus Review}

Eset Nod32 Antivirus is a great desktop security solution, complete with effective protection and advanced features. Eset Nod32 is particularly useful for home users looking for a simple security software that they can simply install and let the software do the work for them.

Eset Nod32 integrates email protection to scan email for viruses and other malware. The antivirus software also protects users from auto-running external media (like USB drives) by scanning files when the external medium is plugged in.

Eset Nod32 Antivirus is equipped with the ability to create a bootable disc (or USB drive) in case of emergency. Working with the Microsoft Windows Automated Installation Kit, users will then be able to clean an infected or otherwise un-start-able computer.

\newline

{\bf AVG Anti-Virus Review}

AVG Anti-Virus is fully armed to protect the computer from threats from a number of angles. The software includes antivirus and antispyware protection, as well as complete online protection from harmful sites and downloads.

AVG protects from hackers, phishing scams, adware, and malware that comes through email or IM. AVG even scans outbound email to make sure users don't accidentally pass a virus along to others. And of course the software protects from other forms of malware, including worms, Trojans, and rootkits.

\newline

AVG provides a number of compelling protective measures and security features. However, for those looking for the fastest antivirus, this AVG was one of the slower security solutions tested by AV Comparatives.

\newpage

\begin{figure}[h]

\begin{center}

\includegraphics[width=6in, height=9.0in]{pics_virus/antivirus.jpg}

\caption{Comparison of anti virus tools}

\label{av}

\end{center}

\end{figure}

\clearpage

\section {Conclusion}

There are various types of computer viruses exist in computer world. Newly created viruses come to play in every moment. Most of these viruses can detected by latest antivirus tools. Just need to identify what is the best antivirus tool for users environment.

Viruses can damage valuable data. But if users aware of virus symptoms easily can avoid those situations. So most effective way is the prevention from viruses before they entered into the computer. Everyone can get precautions that need to protect the system beforehand.

Even though virus is entered into the system, then no need to get anxious about that. Using better antivirus tool or getting some quick actions user can control the situation. In worst case, have to restore data or restore system. But "Preventions is better than cure". So precautions are always better things to do, than having a risk.

\newpage

\bibliographystyle{plain}

\begin{thebibliography}{}

\bibitem{1} Chen, T.(2004), {\it The Evolution of Viruses and Worms}, http://vxheavens.com/lib/atc01.html [Accessed: 25 May 2010]

\bibitem{2} Brian,M.(2001), {\it How Computer Viruses Work}, http://www.howstuffworks.com/virus.htm [Accessed: 25 May 2010]

\bibitem{3}Zetter, K. (2000), {\it How it works, Viruses }, http://www.pcworld.com/article/31002/how-it-works-viruses.html [Accessed: 25 May 2010]

\bibitem{4}Amon, L. (2000), {\it How to Identify Computer Virus Symptoms }, http://www.ehow.com/how-4903119-identify-computer-virus-symptoms.html [Accessed: 28 May 2010]

\bibitem{5}SECPOINT , {\it Top 10 Viruses }, http://www.secpoint.com/Top-10-Viruses.html [Accessed: 28 May 2010]

\bibitem{6} Maverick (2009), {\it Most Dangerous Computer Viruses of the Century}, http://www.boddunan.com/computers-a-technology/36-Security/6-most-dangerous-computer-viruses-of-the-century.html [Accessed: 5 June 2010]

\bibitem{7} TopTen Reviews (2010), {\it AntiVirus Software Review}, http://anti-virus-software-review.toptenreviews.com/./ [Accessed: 19 June 2010]

\end{thebibliography}

\end{document}