In general sense, computer virus is a program that can copy itself and infect a computer without the permission or knowledge of the user. During the inception of computer virus, it was quite harmless; but with the passage of time it has become a matter of prime concern to the computer users worldwide. Throughout the passage of time, computer industry has passed across many viruses. For this reason a classification of virus became inevitable. There are a number of means by which computer viruses can infect a machine and carry on their activities even without alerting the user. Hopefully, there are a lot of preventive measures which can be undertaken. There are quite a handful number of antivirus software which can be used for detection and removal of computer virus. But it is also true that prevention is better than cure, which is why only using antivirus software might not always prove to be fruitful. For this reason the computer users should always remain careful and follow some standard precautions. It is an established fact that day by day computer viruses are becoming more and more dangerous; but there are various ways of getting relief from this crisis. Therefore, no matter how much advanced computer viruses become, it is almost certain that there will be ways to fight back these viruses.
... of Computer Viruses are: File Viruses, Boot Sector/Partition Viruses, Multi-Partite Viruses, Trojan Horses, File Overwriters, Polymorphic viruses, and Stealth Viruses. A File Virus is ... . One of the most common places for a computer virus to appear is on a file found on the ... user know that there is a problem because the software will not run. Because these viruses are immediately sensed by the computer ...
With the increase in use of internet in the late 1990’s; computer viruses became an aspect of prime concern to the computer users worldwide. Because of their ability to cause damage and disruption, the anxiety regarding computer viruses is still on the rise among the computer users. A virus is a parasitic program that infects another legitimate program, which is sometimes called the host. To infect the host program, the virus modifies the host to store a copy of the virus. Computer viruses alone have accounted for billions of dollars in downtime and lost data in the past few years. It is a known fact that there are a number of preventive measures against computer virus, but it is also true that new viruses are coming into existence quite frequently; for this reason it is a must to stay up-to-date on the context of computer virus. Experts predict that there will be a substantial outbreak of muck more well defined computer viruses in the days to come.
Computer Virus: What is it?
A virus can be designed to do various kinds of damage. But ability to do damage is not what defines a virus. To qualify as a virus, a program must be able to replicate (make copies of) itself. This can mean copying itself to different places on the same computer or looking for ways to reach other computers, such as by infecting disks or traveling across networks.
History of Computer viruses:
John von Neumann – the brilliant mathematician who helped bring us nuclear energy, game theory and quantum theory’s operating mechanics – theorized about the existence of computer viruses as early 1944. One of the first viruses in history came over 20 years after von Neumann’s talks, and was called “Creeper.” This program managed to crawl its way around computer networks in the early 60′s via the ARPANET, an early precursor to the Internet. Basically it was a harmless virus which did nothing much than showing a message. By 1974 a number of harmful viruses were unleashed; such as “Wabit”. “Wabit” was a virus that would replicate itself again and again until all system resources of a machine were utilized, crashing the machine entirely. In 1982 Rich Skrenta, a 15 year old high school student created a virus named “Elk cloner”. Though he termed this as a practical joke, it actually provided a new concept on the activities of a virus. By the year 1995 majority of computer users were using Microsoft Windows, which made computers accessible to a larger number of people than ever before, but also created a mono-culture in which viruses spread very quickly. Present day’s viruses tend to be much more hostile and it seems this trend will go on for the days to come. Fortunately many antivirus software are being made to fight these viruses, giving the computer users a bit of relief from time to time.
... MS Encarta 98, Virus [computer], History) "A macro language virus controls the functions of a legitimate program. It can infect any computer or operating system that ... the Internet or a network. The major threat to computer users these days however, and since there introduction in 1995 ... sector of a floppy disk. If the infected floppy was used as a boot disk, it then infected the master boot record. ...
Common Means of Expansion of Virus:
Some common ways by which a virus can propagate are described below:
Receiving an infected file attached to an e-mail message, or a virus hidden within the message itself can cause the machine being used to get infected. E-mail has become the single most common method for spreading viruses, especially now that so many people use the internet to exchange messages and files. Viruses can also be spread through online chat rooms and instant messenger programs.
A virus can be picked up by downloading an infected file to the computer across a network, an online service, or the internet. Unless there is antivirus software installed in the computer, the user probably will not know if he has downloaded an infected file.
Receiving an infected disk (a diskette, a CD created by someone with a CD-R drive, a high-capacity floppy disk, and so on) from another user might infect the computer in use.
A computer might get infected if a document file containing a macro virus is copied to a hard disk of the computer. An infected document might be copied from another disk or received as an attachment to an e-mail message.
Abilities of a virus:
Though a number of computer viruses are existent at present, most of their purpose is to annoy their victims rather than to cause specific damage. Such viruses are termed as benign. Other viruses are indeed malicious, and they can do great damage to a computer system if permitted to run. Viruses can be programmed to perform the following activities:
... written in macro language of specific computer programs, such as Word or Excel. These viruses infect files when a program document is accessed, or triggered by ... horse virus, a macro virus, a memory resident virus, a stealth virus, or a polymorphic virus. A boot sector virus replaces the startup code on a disk ...
Copy themselves to other programs or areas of a disk.
Replicate as rapidly and frequently as possible, filling up the infected system’s disks and memory, rendering the system useless.
Display user’s private information on the screen.
Modify, corrupt, or destroy selected files.
Erase the contents of disks.
Lie dormant for a specific time or until a give condition is met, and then become active.
Open a “back door” to the infected system that allows someone else to access and even take control of the system through a network or internet connection.
Classification of Viruses:
Viruses can be categorized as follows:
Bimodal, bipartite, or multipartite viruses: This type of virus can infect both files and the boot sector of a disk.
Bombs: The two most common types of bombs are time bombs and logic bombs. A time bomb hides on the victim’s disk and waits until a specific date or time before running. A logic bomb may be activated by a date, a change to a file, or a particular action taken by a user or a program.
Boot sector viruses: This kind of virus is regarded as the most hostile virus. The boot sector of the disk stores essential files the computer accesses during start-up. The virus allows the actual boot sector data to be read as though a normal start-up were occurring; but in the meantime the virus copies itself into memory where it can hide and infect other disks.
Cluster viruses: This type of virus creates an illusion that the virus has infected every program on the disk, but in reality the same virus is run every time a program is run from the same disk.
E-mail viruses: E-mail viruses can be transmitted via e-mail messages sent across private networks or the internet. Some e-mail viruses are transmitted as an infected attachment-a document file or program that is attached for the message.
File-infecting viruses: This type of virus infects program files on a disk, such as .exe file.
Joke programs: From a strict technical point of view, these are not really viruses; rather these are programs which make the user believe that the system has been infected by a virus.
... . Workload Management: Allocates work assignments and routes alerts between system users. Application Processing: Accepts entry of an application for risk ... by your decision makers. BIAS works with a variety of computer environments, including IBM Mainframe, UNIX, OS/2, PC, ... realize are already available in our existing system. In other cases, our users may simply need more training on effective ...
Macro viruses: A macro virus is designed to infect a special type of document file, such as MS word or MS excel. These documents can include macros, which are small programs that execute commands. A macro virus, disguised as a macro, is embedded in a document file and can do various levels of damage to data, from corrupting documents to deleting data.
Polymorphic, self-garbling, or self-changing viruses: This type of virus can change itself each time it is copied, making it difficult to isolate.
Stealth viruses: These viruses take up residence in the computer’s memory, making them hard to detect. They also can conceal changes they make to other files, hiding the damage from the user and the operating system.
Trojan Horses and worms: A Trojan Horse is a malicious program that appears friendly. It can cause harm, but it cannot replicate; that is why there are contradictory opinions on the fact whether it is a virus or not. A worm is a program whose purpose is to duplicate itself. An effective worm will fill entire disks with copies of it and will take up as much space as possible in the host system’s memory.
Some dangerous computer viruses of the 21st century:
Here is a list of a few computer viruses which has been causing great suffering to the users since their inception:
Code red worm (2001): The damages caused by the Code Red computer virus were estimated at a total of $2 billion. Code Red was developed to use the power of all computers it infected against the official website of the White House at a predetermined date.
Nimda (2001): Shortly after the September 11 tragedy this computer virus infected hundreds of thousands of computers worldwide. Nimda was considered to be one of the most complicated viruses, having up to 5 different methods of infecting computers systems and duplicating itself.
SQL slammer (2003): SQL Slammer, also known as Sapphire, was launched on January 25, 2003. It was a worm that had a noticeable negative impact upon global Internet traffic. Interestingly enough, it didn’t seek out end users’ PCs. Instead, the target was servers.
Blaster (2003): Transmitted via network and Internet traffic, this worm exploited vulnerability in Windows 2000 and Windows XP, and when activated, presented the PC user with a menacing dialog box indicating that a system shutdown was imminent.
... a firewall should be established to prevent unauthorized users from accessing the computer system. The range of the wireless network varies depending on ... access the internet one computer needs to be configured as a bridge to the wired LAN using software.This is also referred ... to as "bridging." In networking access point the computer would act like a ...
Sobig.F (2003): The virus infected host computers via innocuously named e-mail attachments such as application.pif and thank_you.pif. When activated, this worm transmitted itself to e-mail addresses discovered on a host of local file types. The end result was massive amounts of Internet traffic.
Bagle (2004): Bagle, a classic but sophisticated worm, made its debut on January 18, 2004. The malicious code infected users’ systems via the traditional mechanism — an e-mail attachment — and then scoured Windows files for e-mail addresses it could use to replicate itself. The real danger of Bagle (a.k.a. Beagle) and its 60 to 100 variants is that, when the worm infects a PC, it opens a back door to a TCP port that can be used by remote users and applications to access data — financial, personal, anything — on the infected system.
Sasser (2004): Sasser began spreading on April 30, 2004, and was destructive enough to shut down the satellite communications for some French news agencies. It also resulted in the cancellation of several Delta airline flights and the shutdown of numerous companies’ systems worldwide.
Downandup (2009): The latest and most dangerous virus is the “Downadup” worm, which was also called “Conficker”. The computer security company F-Secure stated that the computer virus has infected 3.5 million computers worldwide. This malicious program was able to spread using a patched Windows flaw. Downadup was successful in spreading across the Web due to the fact that it used a flaw that Microsoft patched in October in order to distantly compromise computers that ran unpatched versions of Microsoft’s operating system.
A system can be safeguarded quite successfully with the help of a few basic knowledge and utility software, these are described below:
Self-awareness: Virus can come from various sources, even from trusted ones. Therefore a user should scan every e-mail message before reading it or downloading attachments from it. Any temporary drive such as flash drive or portable hard disk should be scanned immediately after insertion.
Using antivirus software: Using antivirus software is a more or less effective way to prevent computer viruses. Generally there are two types of software, one free and another licensed. Free version is quite enough for PC’s used for domestic purposes, but a licensed version should be used in case of wider range of interaction.
... publishing it on the web. AppleShare IP software enhances workgroup productivity with an integrated suite of ... advanced users. At work, theres no better way to get the most of your Macintosh computer and ... displays, it receives its data digitally from the computer, preserving the highest quality image. Mac OS ... half the processor speed, and a 100MHz system bus supporting up to 800-megabytes-per-second ...
Updating virus definition: As quite a large number of viruses are being developed from time to time, it is essential that the virus definition of the antivirus software be updated frequently. In most of the cases this can be done free of cost from the main site of the software company.
Scheduling whole computer scan: It is a good practice to perform a thorough scan of the computer from time to time. Sometimes the antivirus program cannot detect a virus during infection; during these cases a scan initiated by the user can be highly effective.
Prominent antivirus software:
There is quite a considerable number of antivirus software available at present. Some popular antivirus programs include the following:
Besides these there are software which specialize in scanning portable devices. Most of the above programs are available both in free and licensed version.
Methods to recover from infection:
Once a computer has been infected by a virus, it is better to discontinue using the same computer without completely reinstalling the operating system. However, there are a number of recovery options that exist after a computer has a virus. These actions depend on severity of the type of virus. One possibility on Windows Me, Windows XP, Windows Vista and Windows 7 is a tool known as System Restore, which restores the registry and critical system files to a previous checkpoint. Backup of important data should be made beforehand so that the drive containing the operating system can be formatted if needed. The same is applicable for portable devices.
In the early days viruses were written for fun. Today viruses don’t seem that fun, particularly to someone with corrupted data. Viruses may seem like major problems for individual computer users. For corporations, however, viruses can be devastating in terms of lost data and productivity. Most of the expenses come from the time and effort required to locate and remove viruses, restore systems, rebuild lost or corrupted data, and ensure against future attacks. But companies also lose valuable work time, as workers sit idle; unable to use their computers. Considering the above circumstances, it has become vital for computer users of all level that they have a clear concept about viruses and their preventive measures.
Computer users should have a clear idea on computer viruses. The modern day viruses are so critical that some of them can’t even be recognized easily. Without an insight on computer virus it won’t be possible for users to fight against it.
The programmers who create viruses do so keeping an ulterior motive in their mind, mostly to take control of other user’s PC. Actually it is not possible to change their mentality overnight, so antivirus software developers should think ahead what type of steps might be taken by authors of viruses.
As the anxiety regarding computer viruses is increasing day by day, the awareness among the computer users should be built up. The spread of computer viruses can be prevented mostly by making the users conscious about malicious programs.
It has been seen that open source operating systems do not get infected by viruses that easily. Besides this there are few other benefits using these operating systems. So a trend of using open source operating system can be set up to fight the spread of computer viruses for the time being.