Wednesday, March 24, 2010

Computer Virus

What is Virus?

Virus is a small piece of software that piggybacks on real programs to interfere with the normal functions of the machine. It has the ability to damage various programs, overwrite and delete files, reformat hard drives and perform other harmful operations. For example, it can attach itself to a spreadsheet program and each time the program runs, the virus will run and reproduce by attaching to other programs. To be a computer virus…

1. It should be able to execute itself by inserting its code in the execution path of another application.

2. It must be able to self replicate by replacing existing files with copies of infected files.

Virus History

Virus started because of the spread of PCs, use of computer bulletin boards, and the use of floppy disk. The first computer virus, “Brain Virus” was created in 1986 by two Pakistani brothers, Amjad and Basit Farooq Alvi. This virus, which spread by floppy disks, was known only to infect boot records and not computer hard drives like most viruses today

What Viruses DON’T do

* Computer viruses cannot infect protected disks or written documents.

* Viruses do not infect compressed files, unless the file was infected prior to the compression.

* Viruses do not infect computer hardware, such as monitors or computer chips; they only infect software.

* Macintosh viruses do not infect DOS / Window computer software and vice versa. For example, the Melissa virus and the ILOVEYOU virus worked only on Windows based machines and could not operate on Macintosh computers.

Virus vs. Worms vs. Trojan Horses

Many people commonly mistake other types of malware, adware, and spyware programs that do not have the reproductive ability as viruses. For example, Trojan horses and worms are programs that are similar to viruses but different.

* Trojan Horses

- It is simply a computer program that claims to do one thing but instead does damage when you run it. For example, it may claim to be a game but erase your hard disk.
- Trojan horses have no way to replicate automatically or spread like a virus.

* Worms:

- Worm is a small piece of software that uses computer networks and security holes to replicate itself from machine to machine. It uses up computer time and network bandwidth when they replicate.

- Unlike a virus, the computer worm does not require a host file in order to propagate itself. It is able to enter a computer through system vulnerabilities and uses those flaws to propagate.

Types of Viruses

1. E-mail Viruses: An email virus travels as an attachment to email messages. It usually replicates itself by automatically mailing itself to dozens of people in the victim’s address book.

2. Boot Sector viruses: It infects diskettes and hard drives and it has ability to hide in boot sector. Boot is the first sector of sectors, smaller sections of disks and hard drives. If you re-boot your computer while the infected disk is in the drive, your hard drive and diskettes can become infected. They were spread when floppy disk was popular since many of them can only spread through floppy disks.

3. Program viruses: It makes copies and will infect other programs on the computer such as .BIN, .COM, .EXE, .OVL, .DRV.

4. Multipartite: It is a hybrid of Boot Sector and Program viruses that infects program files and when the infected program is active, it will affect the boot record. Therefore, the next time you start your computer, it will infect your local drive and other programs

* Some other computer viruses include Macro, Stealth, Active X and Java Control, Polymorphic, Companion, Encrypted, Logic Bomb, Non/Resident viruses.

How to prevent viruses

There are few ways to prevent viruses. You can use more secure operating system like UNIX. Microsoft software is targeted by virus because of their desktop dominance and is criticized for having many errors and holes for viruses. That is why there are relatively few security exploits targeting Mac OS X and is a safer operating system.

Another way is to buy virus protection software. Anti-virus software such as McAfee, Symantec, Kapersky is recommended to keep viruses away from your system and to eradicate them as well. These software include sophisticated scanners that do a quick search of your entire system and detect malicious content from viruses to spyware.

In order for a virus to be effective, there needs to be some action on the user’s part. Therefore, you should avoid programs from unknown sources, but use commercial software purchased on CDs instead. Also, you should never double-click on an unknown email attachment that contains an executable file such as .EXE, .COM, .VBS, and even .JPG. In addition, you should enable Macro Virus Protection in all Microsoft applications which help to prevent many of the email viruses.

Examples of Viruses

* Melissa virus: This virus took advantage of programming language built into Microsoft Word called VBA (Visual Basic for Applications), which uses auto-execute feature. So anyone who downloaded and opened the Word document on the Internet newsgroup triggered the virus. The virus sent the infected documents to first 50 people in the address book which forced Microsoft and other very large companies to completely turn off their email systems until the virus could be contained in March 1999.

* ILOVEYOU virus: Created in the Philippines on May 4, 2000, the virus was sent through email and spread around the world in one day infecting 10 percent of computers connected to the Internet, causing $ 5.5 billion dollars in damage. Anyone who double-clicked on the attachment on the email launched the code and sent copies to everyone in the address book and start corrupting files on the victim’s machine. It was more like Trojan horse distributed by email.

* Code Red: Launched in 2001, it targeted Windows’ IIS servers. It could clog the Internet so effectively that things would completely grind to a halt. It replicated itself for the first 20 days of each month and replaced web pages on infected servers with a page featuring the message “Hacked by Chinese”.

* Slammer worm: In January 2003, it used a hole in Microsoft’s SQL server to infect users.

http://www.howstuffworks.com/virus.htm

http://en.wikipedia.org/wiki/Computer_virus

http://www.newton.dep.anl.gov/teachers/compvir.htm

1 comment:

  1. C2Logix offers routing software to plan, maintain and manage your best routes. the positioning has targeted technology to resolve your specific needs.
    Visit

    ReplyDelete