Download
1 / 12
3.3k likes | 7.22k Views
Computer Virus. What is a Computer Virus? A computer virus is a parasitic program that infects another legitimate program, which is sometimes called the host. To infect the host program, the virus modifies the host to store a copy of the virus.
E N D
Computer Virus What is a Computer Virus? A computer virus is a parasitic program that infects another legitimate program, which is sometimes called the host. To infect the host program, the virus modifies the host to store a copy of the virus. Many viruses are programmed to do harm once they infect the victim’s system. To qualify as a virus, a program must be able to replicate (make copies of itself). This can mean copying itself to different places on the same computer or looking for ways to reach other computers, such as by infecting disks or traveling across networks.
Viruses can be programmed to replicate and travel in many ways: • Receiving an infected file attached to an e-mail message. E-mail has become the single most common method for spreading viruses, especially so many people use the Internet to exchange messages and files. • Downloading an infected file to your computer across a network, an online service or the Internet. Unless you have anti-virus software that inspects each incoming file for viruses, you probably will not know if you have downloaded an infected file. • Receiving an infected disk (a diskette, a pen (thumb) drive or a CD created by someone with a CD-R drive) from another user. In this case the virus could be stored in the boot sector of the disk or in an executable file (program) on the disk. • Copying to your disk a document file that is infected with a macro virus. An infected document might be copied from another disk or received as an attachment to an e-mail message.
What Can a Virus do? • The majority of computer virus are relatively harmless; their purpose is to annoy their victims rater than to cause specific damage. Such viruses are described as benign. • Other viruses are indeed malicious, and they can do great damage to a computer system if permitted to run.
Viruses can be programmed to do many kinds of harm including the following: • Copy themselves to other programs or areas of a disk. • Replicate as rapidly and frequently as possible, filling up the infected system’s disks and memory, rendering the system useless. • Display information on the screen. • Modify, corrupt, or destroy selected files. • Erase the contents of entire disks. • Lie dormant for a specified time or until a given condition is met, and then become active.
Open a ‘back door’ to the infected system that allows someone else to access and even take control of the system through a network or Internet connection. • This type of virus may actually be a type of program called a ‘Trojan Horse’ and can be used to turn an infected system into a ‘zombie’ which the virus’s author can use to attack other systems. • By using viruses to create a large number of zombie systems, the author can use the zombies to send thousands of requests to a specific Web server, effectively shutting it down. • Such an attack is sometimes called a ‘denial of service (DOS) attack’ or a ‘distributed denial of service (DDOS) attack’ because it prevents the server from providing service to users.
Categories of Viruses Some specific categories of viruses include the following: • Bimodal, Bipartite or Multipartite Viruses - This type of virus can infect both files and the boot sector of a disk. • Bombs – two most prevalent types of bombs are time bombs and logic bombs. Time bombs hides on the victim’s disk and waits until a specific date (or date and time) before activating. A logic bomb may be activated by a date, a change to a file or a particular action taken by a user or a program. • Boot Sector Viruses – is regarded as one of the most hostile types of virus. It infects the boot sector of a hard disk or floppy disk which stores essential files the computer accesses during startup. The virus moves the boot sector’s data to a different location and when the computer is started, it copies itself into memory where it can hide and infect other disks.
Categories of Viruses .. /cont’d • Cluster Viruses – This type of virus changes to a disk’s file system. If any program is run from the infected disk, the program causes the virus to run as well. This technique creates the illusion that the virus has infected every program on the disk. • E-mail Viruses – can be transmitted via e-mail messages sent across private networks or the Internet. Some e-mail viruses are transmitted as an infected attachment – a document file or program that is attached to the message.
File-Infecting Viruses – infects program files on a disk (such as .exe or .com files). When an infected files is launched, the virus’s code is also executed. • Joke Programs – are not viruses and do not inflict any damage. Their purpose is to frighten their victims into thinking that a virus has infected and damaged their system. • Macro Viruses – is designed to infect a specific type of document file, such as Microsoft Word or Excel files. These documents can include macros, which are small programs that execute commands. A macro virus, disguised as a macro, is embedded in a document file and can do various levels of damage to data, from corrupting documents to deleting data.
Polymorphic, Self-Garbling, Self-Encrypting or Self-Changing Viruses – This type of virus can change itself each time it is copied, making it difficult to isolate. • Stealth Viruses – take up residence in the computer’s memory making them hard to detect. They can also conceal changes they make to other files, hiding the damage form the user and the operating system. • Trojan Horse – is a malicious program that appears to be friendly. They do not make duplicates of themselves on the victim’s disk but are often used by hackers to create a ‘back door’ to an infected system. • Worms – is a program whose purpose is to duplicate itself. An effective work will fill entire disk with copies of itself and will take up as much space as possible in the host system’s memory. An entire LAN or corporate e-mail system can become totally clogged with copies of a work, rendering it useless.
Preventing Infection • Safeguarding a system against viruses is not difficult if you have little knowledge and some utility software. • Start by being aware that viruses can come from many sources – even sources you trust. • For example, an e-mail virus may arrive in your inbox disguised as a message from a friend or colleague because it has already infected that person’s computer. • Even programs purchased in shrink-wrapped packages from reputable stores have been known to harbour viruses on rare occasions.
Checking for viruses requires antivirus software which scans your computer’s memory and disks for known viruses and eradicates them. Some popular antivirus programs include: • McAfee VirusScan • Norton Antivirus • Virex • PC-Cillin • Avast! • Symantex • You must make sure that you understand all the program’s options and set them to give you maximum protection. Once the program is in place, scan your computer’s disk at least once every week to check for viruses. Your program may include a scheduling function that can automate disk scanning for you.
As a Reminder • Because new viruses are being released almost daily, no antivirus can offer absolute protection against them all the time. • Many antivirus software vendors allow users to download updated virus definition or virus pattern to their programs on the Internet. • It is also good to stay up-to-date on the latest news about viruses. • The newest generation antivirus programs can find, download, and install updated virus definition by themselves, automatically whenever your computer is connected to the Internet.
