Click to zoom in on my visitor map!
Create your free world visitor maps

Tuesday, December 12, 2006

Computer Virus

A computer virus is a computer program written to alter the way a computer operates, without the permission or knowledge of the user. Though the term is commonly used to refer to a range of malware, a true virus must replicate itself, and must execute itself. The latter criteria are often met by a virus which replaces existing executable files with a virus-infected copy. While viruses can be intentionally destructive—destroying data, for example—some viruses are benign or merely annoying.

A computer virus will pass from one computer to another like a real life biological virus passes from person to person. For example, it is estimated by experts that the [Mydoom] worm infected a quarter-million computers in a single day in January 2004. Another example is the ILOVEYOU virus, which occurred in 2000 and had a similar effect. It stole most of its operating style from Melissa. There are tens of thousands of viruses out there, and new ones are discovered every day. It is difficult to come up with a generic explanation of how viruses work, since they all have variations in the way they infect or the way they spread. So instead, we’ve taken some broad categories that are commonly used to describe various types of virus.

File viruses are pieces of code that attach themselves to executable files, driver files or compressed files, and are activated when the host program is run. After activation, the virus may spread itself by attaching itself to other programs in the system, and also carry out the malevolent activity it was programmed for.
File viruses spread by loading themselves in system memory and looking for any other programs located on the drive. If it finds one, it modifies the program’s code so that it contains and activates the virus the next time it’s run. It keeps doing this over and over until it spreads across the system, and possibly to other systems that the infected program may be shared with. Besides spreading themselves, these viruses also carry some type of destructive constituent that can be activated immediately or by a particular ‘trigger’. The trigger could be a specific date, or the number of times the virus has been replicated, or anything equally trivial. Some examples of file viruses are Randex, Meve and MrKlunky.

A boot sector virus affects the boot sector of a hard disk, which is a very crucial part. The boot sector is where all information about the drive is stored, along with a program that makes it possible for the operating system to boot up. By inserting its code into the boot sector, a virus guarantees that it loads into memory during every boot sequence. A boot virus does not affect files; instead, it affects the disks that contain them. Perhaps this is the reason for their downfall. During the days when programs were carried around on floppies, the boot sector viruses used to spread like wildfire. However, with the CD-ROM revolution, it became impossible to infect pre-written data on a CD, which eventually stopped such viruses from spreading. Though boot viruses still exist, they are rare compared to new-age malicious software. Another reason why they’re not so prevalent is that operating systems today protect the boot sector, which makes it difficult for them to thrive. Examples of boot viruses are Polyboot.B and AntiEXE.

Multipartite viruses are a combination of boot sector viruses and file viruses. These viruses come in through infected media and reside in memory. They then move on to the boot sector of the hard drive. From there, the virus infects executable files on the hard drive and spreads across the system. There aren’t too many multipartite viruses in existence today, but in their heyday, they accounted for some major problems due to their capacity to combine different infection techniques. A significantly famous multipartite virus is Ywinz. Macro Viruses infect files that are created using certain applications or programs that contain macros. These include Microsoft Office documents such as Word documents, Excel spreadsheets, PowerPoint presentations, Access databases, and other similar application files such as Corel Draw, AmiPro, etc. Since macro viruses are written in the language of the application, and not in that of the operating system, they are known to be platform-independent—they can spread between Windows, Mac, and any other system, so long as they’re running the required application.With the ever-increasing capabilities of macro languages in applications, and the possibility of infections spreading over net-works, these viruses are major threats. The first macro virus was written for Microsoft Word and was discovered back in August 1995. Today, there are thousands of macro viruses in existence—some examples are Relax, Melissa.A and Bablas.

Network viruses is proficient in quickly spreading across a Local Area Network (LAN) or even over the Internet. Usually, it propagates through shared resources, such as shared drives and folders. Once it infects a new system, it searches for potential targets by searching the network for other vulnerable systems. Once a new vulnerable system is found, the network virus infects the other system, and thus spreads over the network. Some of the most notorious network viruses are Nimda and SQLSlammer. E-mail Viruses An e-mail virus could be a form of a macro virus that spreads itself to all the contacts located in the host’s email address book. If any of the e-mail recipients open the attachment of the infected mail, It spreads to the new host’s address book contacts, and then proceeds to send itself to all those contacts as well. These days, e-mail viruses can infect hosts even if the infected e-mail is previewed in a mail client. There are many ways in which a virus can infect or stay dormant on your PC. However, whether active or dormant, it’s dangerous to let one loose on your system, and should be dealt with immediately.

Earlier, the only way a computer was at risk was when you inserted an infected floppy. With the new age of technology, every computer is interconnected to the rest of the world at some point or the other, so it’s difficult to pinpoint the source and/or time of the infection. As if that weren’t bad enough, new-age computing has also brought about a new breed of malicious software. Today, the term ‘virus’ has become a generic term used for all the different ways that your computer can be attacked by malicious software. Besides the type of viruses we mentioned here’s a look at some of the newer problems we face today.

From : Wikipedia

0 Comments:

Post a Comment

Subscribe to Post Comments [Atom]

<< Home