VIRUS
WHAT
IS A COMPUTER VIRUS
A virus is a program
that is hidden within another program to cause harmful effect on the host
program. It does this by spreading it self on uninfected programs.
The Creeper
virus was first detected on ARPANET, the forerunner of the Internet, in the early 1970s. Creeper
was an experimental self-replicating program written by Bob Thomas at BBN Technologies in 1971. Creeper
used the ARPANET to infect DEC PDP-10computers running the TENEX
operating system. Creeper gained access via the ARPANET
and copied itself to the remote system where the message, "I'm the
creeper, catch me if you can!" was displayed. The Reaper program was created to delete Creeper.
In fiction, the 1973 Michael Crichton movie Westworld made an early mention of the concept
of a computer virus, being a central plot theme that causes androids to run
amok. Alan Oppenheimer's character
summarizes the problem by stating that "...there's a clear pattern here
which suggests an analogy to an infectious disease process, spreading from
one...area to the next." To which the replies are stated: "Perhaps
there are superficial similarities to disease" and, "I must confess I
find it difficult to belief in a disease of machinery. (Crichton's earlier work, the 1969
novel The Andromeda
Strain and 1971
film were about a biological virus-like disease that
threatened the human race.)
Vulnerability of different operating systems to viruses
The vast majority of viruses target
systems running Microsoft Windows. This is due to Microsoft's large
market share of desktop users. The diversity of software systems on a network
limits the destructive potential of viruses and malware. Open-source operating
systems such as Linux allow users to choose from a variety of desktop
environments, packaging tools, etc., which means that malicious code
targeting any of these systems will only affect a subset of all users. Many
Windows users are running the same set of applications, enabling viruses to
rapidly spread among Microsoft Windows systems by targeting the same exploits
on large numbers of hosts.
Only a few major viruses have hit
Macs in the last years. The difference in virus vulnerability between Macs and
Windows is a chief selling point, one that Apple uses in their Get A Mac advertising.
While Linux and Unix in general have
always natively prevented normal users from making changes to the operating
system environment without permission, Windows users are generally not
prevented from making these changes, meaning that viruses can easily gain
control of the entire system on Windows hosts. This difference has continued
partly due to the widespread use of administrator accounts in contemporary
versions like XP. In 1997, researchers created and released a virus for
Linux—known as "Bliss". Bliss, however, requires that the user run it
explicitly, and it can only infect programs that the user has the access to
modify. Unlike Windows users, most Unix users do not log in as an
administrator, or root user, except to install or configure software; as a result, even if
a user ran the virus, it could not harm their operating system. The Bliss virus
never became widespread, and remains chiefly a research curiosity. Its creator
later posted the source code to Usenet, allowing researchers to see how it
worked.
Infection targets and replication techniques
Computer viruses infect a variety of
different subsystems on their hosts. One manner of classifying viruses is to
analyze whether they reside in binary
executables (such as.EXE or .COM files), data files (such as Microsoft
Word documents or PDF
files), or in the boot
sector of the host's hard
drive (or some combination of all of these).
Resident vs. non-resident viruses
A memory-resident
virus (or simply
"resident virus") installs itself as part of the operating system
when executed, after which it remains in RAM from the time the computer is booted up to when it is
shut down. Resident viruses overwrite interrupt
handling code or other functions, and when the operating system attempts to access the
target file or disk sector, the virus code intercepts the request and redirects
the control flow to the replication module, infecting the target. In
contrast, a non-memory-resident
virus (or "non-resident
virus"), when executed, scans the disk for targets, infects them, and then
exits (i.e. it does not remain in memory after it is done executing)
Macro viruses
Many common applications, such as Microsoft Outlook and Microsoft Word, allow macro programs to be embedded in documents or emails, so that
the programs may be run automatically when the document is opened. A macro virus (or "document virus") is a
virus that is written in a macro language, and embedded into these documents so
that when users open the file, the virus code is executed, and can infect the
user's computer. This is one of the reasons that it is dangerous to open
unexpected attachments in e-mails
Boot sector viruses
Boot sector viruses specifically target the boot
sector/Master Boot Record (MBR) of the host's hard
drive or removable storage media (flash drives, floppy
disks, etc.)
A
TYPICAL VIRUS PERFORMS TWO FUNCTIONS:
(1) Copy
itself to precisely uninfected program.
(2) It
executes whatever other instruction the virus author include in it
MODE
OF TRANSMISSION
1.
Through copying of pirated software
from one system to another
2.
Through diskette transmission from
already infected diskette.
EFFECT
OF VIRUS
The damage causes by
virus are usually measured by the amount of time it takes to bring back the
computer system into normal operation.
REMOVAL
OF VIRUS
VIRUS
REMOVING PROGRAM
Antivirus are used to
remove viruses from computer, some example of anti-virus includes:
1.
Norton
2.
Doctor Solomon
3.
Avast
4.
Eset NOD 32
5.
Kapersky etc
إرسال تعليق