Whilst a biological virus may leave you sneezing, its computer counterpart may go sneaking into your personal details. If you notice a gradual or sudden loss of data on your hard drives, don't wait for a hardware breakdown before taking action; you may be under a virus attack, a computer virus attack.
A computer virus is malware, a piece of malicious automated code which replicates itself from one computer to another and infects the operation of the machine. It is a small program which spreads by attaching itself (or by being forcibly attached by its designers) to executable files or documents present on the computer system.
Viruses are designed to be attached to files that have some programming capability. Such files are usually executable files, for example files with the extension .exe. Hence this advantage follows: a computer virus does not infect or target a machine unless the file it is attached to gets executed by the user. So the good news is that it does not exploit the vulnerabilities in a system automatically. Besides computer viruses, there are other types of malicious code like Trojans, worms, spyware, keyloggers and rootkits, which are equally threatening but differ from viruses in their dynamics.
In Retrospect:
The theory of self-replicating programs was first discovered by John von Neumann, a Hungarian scientist, in 1949. But it was only a proposed theory, and no evidence of a damaging virus had actually been found at that time. The first ever virus, the Creeper virus, was detected on ARPANET (the then internet) in the early 1970s. It was written by Bob Thomas at BBN Technologies in 1971. However, damaging PC viruses came into force with the spread of personal computers in the 1980s. With the popularity of the IBM PC (released in 1982) and the Apple Macintosh (released in 1984), real computers came onto the market, and with them came the epidemic of computer viruses like Brain, Vienna, Cascade, etc. Letters would suddenly drop down from the display, the computer would start playing some unknown hymns, the boot sector of a floppy disc would be replaced by a copy of the virus, or the speed of the floppy disc drive would slow down.
Early viruses were small pieces of code attached to large legitimate files like popular games and word processors. Whenever the user runs one of these legitimate programs, the virus loads itself into memory. There it modifies other programs on the disc and adds the virus's code to them.
Types of Computer Virus
Viruses are designed for various intents. A virus might corrupt or destroy data on your computer, use an email program to spread itself to other computers on your network, or even affect the boot sector. Broadly, computer viruses can be divided into two categories:
Compiled Viruses: This is the kind of virus whose code is converted by the compiler into a format which can be directly executed by an operating system.
Interpreted Viruses: These are the more prevalent type of virus. An interpreted virus is composed of a program or code which can be executed only by a particular application or service. These are comparatively easy to generate.
Below are some of the variants of the compiled type of computer virus:
1. Boot Sector Virus - As the name suggests, a boot sector virus affects the boot sector of your computer. The boot sector is the section which is accessed first when the computer is turned on. It holds the information used to boot the operating system. A boot sector virus gains complete control over the Master Boot Record (MBR) or the DOS by replacing the contents of the OS with its own, resulting in errors during booting or a 'cannot boot' message. Michelangelo and Stoned are some examples of boot sector viruses. Earlier, before the era of modern, heavy-memory computers, floppy disks were used to boot the system. With the decline of floppy disks, boot viruses have declined as well.
2. File Infector Virus - This is the most popular and most prevalent variant of compiled computer virus. It attaches itself to executable programs such as word processors, game files, spreadsheet applications, etc. The file infector virus fixes itself into the host file and begins its operation whenever the file is executed.
When the file is executed, the virus runs first followed by the program. Examples of file infector virus are Cascade and Jerusalem.
3. Multipartite Virus - Unlike other types of viruses, the multipartite virus finds multiple breeding areas in its target. It may attach itself to the boot sector, the executable files or both, depending on machine variants like the type of OS and other variables. Some specimens of multipartite virus are Flip and Invader. A multipartite virus spreads faster than the other variants of compiled virus due to the presence of multiple spread vectors. Hence, removing it is also difficult and requires cleaning both the boot sector and the infected files.
Now let us have a look at the variants of interpreted virus:
1. Macro Virus - A macro language is a programming language used to automate complex, repetitive processes. Macro viruses attach themselves to application documents and spreadsheets which support macro programming and use it to execute and multiply themselves. The most popular desktop application suite, Microsoft Office, also uses macro programming. So it is quite easy for macro viruses to propagate through such applications. A macro virus infects, in addition to the current document, the template which the program uses to open or close a file. This in turn corrupts all the documents belonging to that particular application, which makes it a bigger menace. Usually macro viruses are received as attachments in emails. Whenever we download these attachments, the macros unfurl and install on our computers. Examples of macro viruses are The Concept and Melissa.
2. Scripting Viruses - A scripting virus is quite similar to a macro virus, the difference being that it has a larger domain than the macros. A script virus is written in a language understood by a service run by the OS. It is very sophisticated and is compiled and run on the fly. These are written in a variety of script languages like JavaScript, VBS, PHP, etc. Generally, these are embedded in emails, office automation documents, and also web pages. Web scripting and cross-site scripting are very popular computer security vulnerabilities associated with script viruses.
There are also some other types of computer viruses which are classified separately, such as:
Browser Hijacker: A browser hijacker is malware which effectively hijacks some functions of your browser. These are generally profit-driven and replace your browser's default home page, search page and most visited sites with their own in order to generate more and more hits. The symptoms include an unknown list of favorites added to your browser bar (which in turn slows down the computer), altered internet options, redirection to unsafe and dangerous websites, excessive pop-up windows, an extra toolbar on the browser homepage (in case the browser in use is IE), excessive bandwidth usage, etc. The most well-known example of such a hijacker is CoolWebSearch. Other examples include MySearchCorp.com, Morwill Search, Search-Daily.com, etc.
Taming the Menace
Antivirus: An antivirus is software that is used to prevent, detect and remove malicious programs from the computer. There are various antivirus software packages available in the market. Antivirus software works on different detection strategies:
· Signature based detection: The antivirus software carries a dictionary of known malware codes, known as 'signatures', in its database. Files are examined against this virus dictionary to look for known viruses. The detected threats are then flagged and treated (repaired, quarantined or deleted) by the antivirus depending on the potential risk involved. Signature based antivirus software needs to be updated time and again to keep up with the new viruses which keep appearing in the wild.
· Heuristic Approach / Suspicious Behavior based detection: This detection technique does not scan for known viruses but monitors all files and programs on the machine for suspicious behavior, such as a program trying to write data to an executable program.
· Sandbox based detection: A sandbox emulates the operating system and runs the executable in this simulation. After the program terminates, the sandbox is examined for changes which might indicate a virus.
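The signature dictionary described above can be sketched as follows. This is an added example, not code from any antivirus product; the sample byte strings, signature names and the wildcard pattern format are all constructed for illustration. It shows why an exact-file hash signature misses a slightly changed variant while a byte-pattern signature with a wildcard still catches it.

```python
import hashlib

# Constructed byte strings standing in for files; none of this is real malware.
KNOWN_SAMPLE = b"MZ" + bytes(16) + b"\xde\xad\x10\xbe\xef" + b"build-1"
VARIANT = b"MZ" + bytes(16) + b"\xde\xad\x11\xbe\xef" + b"build-2"
CLEAN_FILE = b"MZ" + bytes(16) + b"ordinary program data"

# The signature "dictionary": exact-file hashes and byte patterns
# (None marks a wildcard byte). Names are hypothetical.
HASH_SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Constructed.Sample.A"}
PATTERN_SIGNATURES = {"Constructed.Family.Generic": (0xDE, 0xAD, None, 0xBE, 0xEF)}


def find_pattern(data, pattern):
    """Return the first offset where pattern matches data, or -1."""
    for start in range(len(data) - len(pattern) + 1):
        window = data[start:start + len(pattern)]
        if all(p is None or p == b for p, b in zip(pattern, window)):
            return start
    return -1


def scan(data, hash_db, pattern_db):
    """Return a list of (signature_name, method, offset) detections for one file."""
    detections = []
    digest = hashlib.sha256(data).hexdigest()
    if digest in hash_db:
        detections.append((hash_db[digest], "hash", 0))
    for name, pattern in pattern_db.items():
        offset = find_pattern(data, pattern)
        if offset >= 0:
            detections.append((name, "pattern", offset))
    return detections


def verdict(detections):
    """Map detections to the action the scanner would take."""
    return "quarantine" if detections else "clean"


if __name__ == "__main__":
    samples = [("known", KNOWN_SAMPLE), ("variant", VARIANT), ("clean", CLEAN_FILE)]
    for label, blob in samples:
        hits = scan(blob, HASH_SIGNATURES, PATTERN_SIGNATURES)
        print(label, verdict(hits), hits)
```

With only the hash dictionary loaded, the variant scans as clean, which is the practical reason the signature database has to be updated continually.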
As reviewed by top10reviews, here is a list of some of the best antivirus packs one can opt for:
| Title | Overall Ratings |
|---|---|
| BitDefender Antivirus Plus | Excellent |
| Kaspersky Antivirus | Excellent |
| Webroot Antivirus | Excellent |
| Norton | Excellent |
| ESET Nod32 | Excellent |
Firewall: A firewall is a software-based security system used to protect against unauthorized network access and to prevent viruses and worms from entering the computer. For example, the Windows firewall in XP and Vista forbids external attack by making your computer's ports invisible to outsiders and denying the acceptance of unrequested data packets.
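What "denying unrequested data packets" means in practice is shown in the added example below, which models a connection-tracking filter. It is not the Windows Firewall's own logic; the class name, the 60-second idle timeout and the addresses (documentation ranges) are assumptions made for illustration.

```python
IDLE_TIMEOUT = 60  # seconds a flow stays tracked without traffic (assumed value)


class StatefulFilter:
    """Hypothetical model: inbound packets pass only as replies to our own traffic."""

    def __init__(self, idle_timeout=IDLE_TIMEOUT):
        self.idle_timeout = idle_timeout
        self.flows = {}  # (proto, local, remote) -> time of last packet

    def outbound(self, now, proto, local, remote):
        """Traffic this host starts is allowed and remembered."""
        self.flows[(proto, local, remote)] = now
        return "allow"

    def inbound(self, now, proto, remote, local):
        """Accept replies to a tracked flow; drop anything else without answering."""
        key = (proto, local, remote)
        last_seen = self.flows.get(key)
        if last_seen is None or now - last_seen > self.idle_timeout:
            self.flows.pop(key, None)  # forget expired state
            return "drop"  # no reply is sent, so the port looks invisible
        self.flows[key] = now
        return "allow"


def replay(events):
    """Run (direction, time, proto, src, dst) events through a fresh filter."""
    fw = StatefulFilter()
    decisions = []
    for direction, now, proto, src, dst in events:
        if direction == "out":
            decisions.append(fw.outbound(now, proto, src, dst))
        else:
            decisions.append(fw.inbound(now, proto, src, dst))
    return decisions


# Constructed traffic using documentation address ranges.
PC = ("192.0.2.10", 50000)
WEB = ("198.51.100.5", 443)
STRANGER = ("203.0.113.9", 40000)
EVENTS = [
    ("out", 0, "tcp", PC, WEB),                       # the user opens a web page
    ("in", 1, "tcp", WEB, PC),                        # requested reply
    ("in", 2, "tcp", STRANGER, ("192.0.2.10", 445)),  # unrequested probe
    ("in", 3, "tcp", STRANGER, PC),                   # right port, wrong sender
    ("in", 120, "tcp", WEB, PC),                      # flow idle too long
]

if __name__ == "__main__":
    print(replay(EVENTS))
```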
Honeypot: A Honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems.
Some useful advice
Besides all the protection from the antivirus and the firewall, users must be careful about certain things while they operate their computer both online and offline to stay protected.
· Do not download and execute unknown programs from the internet.
· Always use a quality security system for your machine.
· Update your antivirus programs regularly.
· Turn on the auto scan in your antivirus.
· Use virtual keyboard for internet banking.
· Do not always run your machine with administrator access.
· Do not open unexpected and nasty e-mail attachments without scanning.
· Do not respond to unexpected/ uninvited pop-ups and pop-downs.