Computer virus -How it works & how to prevent
Like a world, Internet is also not a perfectly safe place. There is an every possibilities and chances that the computer or network system may be effected by a virus.
What is computer virus?
Viruses are malicious programs that invade the computer. These programs are self executable programs to spread from one computer to another computer network. They can damage the computer in many different ways, like, deleting data files, erasing programs, or destroying everything they find on the hard disk. Not every virus causes damage, some simply flashing the messages.
First computer virus was written by BOB THOMAS in 1971, known as Creeper virus & written as a self-replicating programme. It is used in ARPANET to infect DEC PDP-10 computers, running TENEX operating system. To delete Creeper the Reaper programme was written. In 1981, Richard Skrenta written a programme name,” Rother J” and it is spread via floppy disk & effected to the Apple DOS 3.3 operating system. The first PC boot sector virus was created by Farooq Alvi Brothers of Lahore in 1986.
In early days of the personal computing, viruses spread mainly through removable medium, like floppy disks. Now a day’s computer viruses spread from the Internet by downloading files to the computer, but this is not the only place that virus attack, if you have sent email or received some email attachment, like images, greeting cards, audio & video or from company’s internal network, virus can spread into the computer. Virus can be spread in to your computer from shrink-wrapped or cracked software or file downloads from Internet.
Traditional virus attach themselves to programme or data files, infect the computer, replicate on the hard disk, and then damage data, hard disk or files. Following are critical areas where virus usually attacks:
• Executable programme files,
• System’s file directory areas that locate the traces of all computer files,
• Boot & system area that is needed to start computer, and
• Data Files,
Some popular form of viruses
• Boot Sector Virus: It replaces the computer’s main boot programme that is in the first sector of every disk with a modified version of the original boot programme that loads the virus into the memory.
• Macro Virus: This attaches them to word or excels for windows macros inside a word or excels from windows data file and is launched whenever a particular macro is run.
• Stealth Virus: In computer terms it is an one type of file virus. It uses a certain or some special techniques to hide its presence from antivirus software by either masking the size of the file or temporarily remove himself from he infected file & make a copy of itself in the location of the drive, replacing the infected file with a good one which is stored in the hard drive. To counter this virus modern antivirus software employs various techniques. To avoid stealth virus, the most reliable method is to boot computer from a clean medium.
• Polymorphic Virus: This computer virus changes its binary pattern or signature every time when it replicates and infects a new file, due to this antivirus programme cannot detect this virus. It is very difficult to detect just using signature. It may be detect by decrypting the virus using an emulator or analysis of the statistical pattern of the virus body.
• Metamorphic Virus: Polymorphic may be detected by emulation, to avoid detection some viruses rewrite himself completely every time they infect new executable files. This technique is called metamorphism. Metamorphic virus required metamorphic engine & it is very large & complex, written mainly by assembly language.
• Time Bomb: It is a computer virus that begins when detects some certain condition. It is actually some programming codes inserted into a software system that will triggered when predefined conditions are met.
Trojan horse, Worm & Blended Threats
• Trojan horses: It disguises them as normal, helpful programme, but in fact are virus. For example, programme looks like a financial calculator or games, but really deleted every files from the hard disk. It is not replicate them automatically. The term Trojan horse is derived from Greek mythology. Trojan can be installed through the following ways,
v Software downloads,
v Executable content,
v Application Exploits (Media Player, messaging client),
• Worms: It is a programme, design to infect networks such as Internet. It travels from network computer to network computer & replicating themselves along the way. It is considered to be a sub class of virus. It has a capability to travel without any human action. Biggest danger is that computer sending out a single worm but it actually sending out hundreds or thousands of copies of itself, creating a huge devastating affect.
• Blended Threat: A blended threat is a sophisticated attack combination of worms, Trojan, viruses, & malicious code into one single threat. Blended Threats are deigned to use multiple mode of Transport. It can modify the exe. files, HTML files, and registry keys at the same time; basically at one time they cause damage within several areas of the network. It is considered to be a worst attack to security, as most threats also requires no human intervention to propagate.
It is most commonly a collection of tools that an attacker installs in an effected computer. They are available for any operating system and architecture today. It is an one type of malicious software began each time the system boots up. It is very difficult to detect because it is began before the system’s Operating system has completely booted up.
Malicious software designed specifically to damage or disrupts a computer system, like as a virus or Trojan.
Symptoms of Virus Infection
• Unexpected reboots of the computer,
• Computer slows down suddenly,
• Facing problems to save the file & sometimes files disappear mysteriously,
• Computer displays unusual message,
• Exc. Files increase their size,
• Unusual visual or sound affects developing,
How to protect a computer from Virus
The first step in protecting the computer from malicious threat, that the computer operating system must be up to date. It is essential if operating system is Microsoft Windows. Secondly, antivirus software must be installed in the system & it must be up to date. It is very important to download the update frequently so that software has the latest fixes for new viruses, worms & Trojan. Periodical disk scans are essentially required. Additionally you must install a firewall also.
What is Firewall?
It is a system that protects computer from unauthorized use & access of the computer & it may be either software or hardware. Hardware firewalls provide a strong protection from most forms of malicious attack coming from the outside. It can be purchased along with broadband routers or as a stand alone product, but unfortunately it may be less effective when battling with viruses, worms & Trojans than a software firewall because hardware firewall possibly ignore embedded worms in out going emails as the firewall see this a regular network traffic.
Software firewall is most popular between the individual home users. A good software firewall will protect the computer from outside attack & provide additional protection against the most common Trojan Programme or email worms.
How to begin windows inbuilt firewall?
• OS must be windows XP or Vista,
• Must be ensure that the software is up to date & firewall installed,
• Click control panel icon & click Security Centre icon,
• Firewall is set on,
• Click on the firewall settings to edit certain firewall preferences,
And finally avoid downloads files & programme from a questionable website and emails. This files & programme may contain Malware that damage the computer & network system.
I am including two YouTube video just for reference how virus is working,
My blog is http://bosemoney.blogspot.com. I invited every reader to post comment about new & latest fact findings of computer virus.
Like it on Facebook, +1 on Google, Tweet it or share this article on other bookmarking websites.