A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.
Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.
History
In 1983, Fred Cohen coined the term “computer virus”, postulating a virus was “a program that can ‘infect’ other programs by modifying them to include a possibly evolved copy of itself.” The term virus is actually an acronym for Vital Information Resources Under Seize. Mr. Cohen expanded his definition a year later in his 1984 paper, “A Computer Virus”, noting that “a virus can spread throughout a computer system or network using the authorizations of every user using it to infect their programs. Every program that gets infected may also act as a virus and thus the infection grows.” Computer viruses, as we know them now, originated in 1986 with the creation of Brain – the first virus for personal computers. Two brothers wrote it (Basid and Farooq Alvi who ran a small software house in Lahore, Pakistan) and started the race between viruses and anti-virus programs which still goes on today. (http://www.ffbx.net/virus-en/computer-virus.html)
As stated above, the term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, even those that do not have the reproductive ability. Malware includes computer viruses, computer worms, Trojan horses, most rootkits, spyware, dishonest adware and other malicious and unwanted software, including true viruses. Viruses are sometimes confused with worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself automatically to other computers through networks, while a Trojan horse is a program that appears harmless but hides malicious functions. Worms and Trojan horses, like viruses, may harm a computer system's data or performance. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious or simply do nothing to call attention to themselves. Some viruses do nothing beyond reproducing themselves.
Viruses have targeted various types of transmission media or hosts. This list is not exhaustive:
- Binary executable files (such as COM files and EXE files in MS-DOS, Portable Executable files in Microsoft Windows, the Mach-O format in OSX, and ELF files in Linux)
- Volume Boot Records of floppy disks and hard disk partitions
- The master boot record (MBR) of a hard disk
- General-purpose script files (such as batch files in MS-DOS and Microsoft Windows, VBScript files, and shell script files on Unix-like platforms).
- Application-specific script files (such as Telix-scripts)
- System specific autorun script files (such as Autorun.inf file needed by Windows to automatically run software stored on USB Memory Storage Devices).
- Documents that can contain macros (such as Microsoft Word documents, Microsoft ExcelAmiPro documents, and Microsoft Access database files) spreadsheets,
- Cross-site scripting vulnerabilities in web applications (see XSS Worm)
- Arbitrary computer files. An exploitable buffer overflow, format string, race condition or other exploitable bug in a program which reads the file could be used to trigger the execution of code hidden within it. Most bugs of this type can be made more difficult to exploit in computer architectures with protection features such as an execute disable bitaddress space layout randomization.
Methods to avoid detection
In order to avoid detection by users, some viruses employ different kinds of deception. Some old viruses, especially on the MS-DOS platform, make sure that the "last modified" date of a host file stays the same when the file is infected by the virus. This approach does not fool anti-virus software, however, especially those which maintain and date Cyclic redundancy checks on file changes.
Some viruses can infect files without increasing their sizes or damaging the files. They accomplish this by overwriting unused areas of executable files. These are called cavity viruses. For example, the CIH virus, or Chernobyl Virus, infects Portable Executable files. Because those files have many empty gaps, the virus, which was 1 KB in length, did not add to the size of the file.
Some viruses try to avoid detection by killing the tasks associated with antivirus software before it can detect them.
As computers and operating systems grow larger and more complex, old hiding techniques need to be updated or replaced. Defending a computer against viruses may demand that a file system migrate towards detailed and explicit permission for every kind of file access.
To aid the fight against computer viruses and other types of malicious software, many security advisory organizations and developers of anti-virus software compile and publish lists of viruses.
The compilation of a unified list of viruses is made difficult because of naming. When a new virus appears, the rush begins to identify and understand it as well as develop appropriate counter-measures to stop its propagation. Along the way, a name is attached to the virus. As the developers of anti-virus software compete partly based on how quickly they react to the new threat, they usually study and name the viruses independently. By the time the virus is identified, many names denote the same virus.(http://en.wikipedia.org/wiki/List_of_computer_viruses)
Tips & Warnings
- If you think your computer was affected with an e-mail virus that mails itself to people in your e-mail address book, contact those people and tell them not to open the messages or attachments.
- Web based email usually has built in virus scanning so viruses never reach your machine.
- Generally, deleting the file that caused the virus isn't sufficient to eliminate the problem, since many viruses can create new files or corrupt existing files. Your best bet is to use anti-virus software or specific online instructions.
- Avoid sending out any e-mails until you have properly eliminated the virus. Many viruses can attach themselves to outgoing messages without your knowledge, causing you to unwittingly infect the computers of your friends and colleagues. (http://www.ehow.com/how_11818_rid-computer-virus.html)
If a virus has found its way to your computer then you know it is a frustrating ordeal. The viruses of today can be hazardous to your computer and can even steal your identity and wreck your credit rating, in addition to simply messing with other important things on your computer. You should always keep updated virus protection software and if you haven’t purchased any before, you will for sure after you have had the virus removed from your computer. (http://www.articlesbase.com/hardware-articles/computer-virus-1394496.html)
No comments:
Post a Comment