This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
A computer virus is a program that can copy itself and infect a computer. The term virus is also commonly used to refer to other types of malware including adware and spyware, programs that do not have the reproductive ability. A true virus can spread from one computer to another in executable code. Viruses can increase their spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.
In the eighties. The Amjad brothers of Pakistan ran a computer store and since they were frustrated by computer piracy they wrote the first computer virus in the world. A boot sector virus called Brain. Which infected 360 kb floppy disks. From the simple start of this virus. Thousands and thousands of viruses have evolved and been created.
Spyware is any unwanted program that infects computers for commercial gain. They can cause pop ups to appear in your web browser, steal personal information, monitor web activity for marketing purposes, or cause you to automatically surf to advertising sites.
Worms are pieces of code that use the computer network and security loop holes to transfer its self from machine to machine. In 2001 the code red worm coppied itself to over 250,000 times in a nine hour span. It specifically attacked swindows NT servers and windows 2000 running microsoft internet imformation server. The worm found the unsecured servers and attached its self to them. It was created for 3 purposes . To replicate its self for the first 20 days of the infection. It replaces the victoms web page with that states that they have been hacked by the chinese. It also tried to attack the white house's web server by overwhelming it.
Email viruses are different types of viruses that use email messages to transport itself and can automatically send itself to hundreds of thousands of people depending on whose email address they pick to transport the virus. There are basic rules that you can follow that can help to avoid email viruses. Never open any attachment unless you know the sender and you were expecting it. If you happen to receive a particular email message with an attachment from someone you don't know you should delete it immediately and never open it. Always use antivirus software and remember to constantly download updates.Always let someone know when you will be sending them an attachment in an email so that they can be expecting it. Always use spam filters to block unwanted and unrecognizable mail.
A resident virus is a virus that embeds itself into the memory on a computer. Activating whenever the opperating system performs a specific function so that it can infect files on the computer. Resident viruses can be quite destructive as it can spread through a system and even attach to antivirus programs, infecting the very thing that is supposed to find it.
A macro virus is written in a macro language and placed within a document. Viruses have to be run to do the task. When the document is opened and the macro is executed. Commands in the macro language do the destruction. Unlike typical file infecting viruses. Macro viruses infect data files. Mostly ones created in Word, Excel, PowerPoint, or even Access. Visual Basic macros are miniature programs embedded in the document.
The polymorphic virus is one of the more complex computer threats.¿½ During infection it creates modified copies of itself.¿½ This is primarily done to fake the detection of a virus scanner as some are not able to identify the infection.¿½ One method it commonly uses to bypass a scanner. Involves self encryption with a variable key. To create an effective polymorphic virus. A coder chooses from a number of different encryption types that require different methods of decryption¿½ A virus scanner based on a string-driven detection would have to find many different strings, one for each probable decryption type.¿½ This is the best technique for reliably identifying this type of virus.¿½¿½¿½¿½¿½¿½ More advanced forms of the polymorphic virus alter the instruction sequences of their variants by scattering decryption instructions with other instructions designed to fail the process of encryption.¿½ It may also interchange mutually independent instructions to load inaccurate letters such as moving 0 to A or replacing A with a B.¿½ A basic antivirus software would have no way to identify all of the infection.¿½ Even more advanced programs has to really research this type of various and make special configurations to their scanner in order to detect it. A logic bomb virus is a piece of code programmed into a software that will set off a malicious function when specified conditions are met. For example a programmer may hide a piece of code that starts deleting important files if they ever get terminated from the company. Software that is malicious such as a virus or worms most of the time contain logic bombs that execute a certain pre-determined set time or when some other condition is met. This technique can be used by a virus or worm to gain momentum and spread before being noticed. Many viruses attack their systems on specific dates. such as 12:00 tonight or April fools day. Trojans viruses that start doing damage on certain dates are called time bombs. To be considered a logic bomb. The damage should be unwanted and unknown to the user of the software. For example, trial software with code that disables functionality after a set time are not normally logic bombs.
TROJAN HORSE VIRUS
A Trojan horse virus is a malware that looks to do a reasonable task or function for the user prior to running or installing it but instead allows unauthorized access of the user's system. A Trojan horse may change the user's computer to display advertisements in places they don¿½t want, like the desktop or in pop ups, or it may be less noticeable, like installing a toolbar on to the user's browser without notice. This can create the author of the Trojan money by people clicking on them. Trojan horses can allow a hacker remote access to a target computer system. Once a Trojan horse has been installed on a target computer system. A hacker may have access to the computer remotely and mess with different operations. There are different actions the hacker can do for instance using the machine as part of a botnet to perform automated spamming or to give denial of service attacks, data theft by retrieving passwords or credit card information, installation of software such as third party malware, by downloading or uploading files on the user's computer, modifying or deleting files, keystroke logging, watching the users screen, and crashing the users computer. Trojan horses require interaction with a hacker to do their purpose. The hacker does'nt have to be the individual responsible for distributing the Trojan horse virus. It is possible for individual hackers to scan computers on a network with a port scanner in the hope of finding one with a Trojan horse virus installed. Then the hacker can then use the computer to control the target computer. They can be installed a number of different ways such as, downloading software, bundling, email attachments websites that have executable content, and application exploits.
The use of anti virus is to prevent worms and viruses from getting into a organization's network. Some anti virus programs dont detect more complex infections, letting an outbreak to begin.¿½ This issue arose from the widespread use of laptop computers and mobile computing.¿½ Since many users tend to operate mobile devices with no security enabled on them at all. A network becomes very vulnerable to infection.¿½ Once a virus gains a strong connection within the network. Removal of the viruses often becomes hard for the really advanced anti virus software to remove.¿½ Also the intrusion detection systems and firewalls have a difficult time preventing the network virus from spreading to other files and devices.¿½ A network virus has the ability to quickly down the performance of a network, by disabling critical devices, programs and network connections.¿½ After the infection spreads, fully getting rid it often becomes difficult.¿½ Reinfection often occurs which starts a major support effort and inflating cost when attempting to recover from the outbreak. The best way to defend a interconnected organization is to install a program equipped with a network based fire wall.¿½ This type of software can be configured to automatically repair infected network devices and prevent the virus from occurring.¿½ A network firewall uses a bunch of techniques to detect , contain and eliminate viruses known to infect a network. Here is a few ways, by using outbreak monitoring which keeps track of changes in traffic flow, connections made, and sudden increased traffic through ports and protocols such as TCP, UDP, IGMP, and ICMP.¿½ The administrator is notified of any infectious computers that are found.¿½ Out break prevention is another way which prevents the spread of viruses over wide area networks by using file, IP address, port and protocol filtering.
BOOT SECTOR VIRUS
A boot sector virus is spread by infected floppy disks. This usually happens when users unintentionally leave a floppy disk in floppy disk drive . When the system is next started the computer will attempt to boot from the floppy disk. If the disk is infected with a boot sector virus the virus will infect the boot sector of the computers drive hard drive. Unless the floppy disk is a bootable system disk, the user will just see a message that sayes the drive contains a system disk error. Even non bootable disks can spread a boot sector virus when they are used. A boot sector infected hard drive can also infect a floppy disk. The first boot sector virus was discovered in 1986.
FILE INFECTOR VIRUS
A computer virus that inserts its infecting code into executable files on a system is called a file infector file. When the infected file is opened or the program infected containing the virus can overwrite the file and cause damage to the content of the overwritten file. This type of virus targets a number of operating systems, mac, unix, and dos. ¿½This is the most common type of virus. The virus code is most often added so it escapes detection. Files infected by this type of virus usually have a .com, ..exe, or .sys extension.
¿½Some file infecting viruses are designed for specific programs. Program types that are targeted are overlay files and dynamic link library files. These files are not executed, even though they are called by executable files. The virus is transmitted when the call is made. Damage to data occurs when the virus is set. A virus can be triggered when an infected file is executed, or when a certain environment setting is met like a specific system date.
A companion virus is a computer virus that uses a feature of dos that enables software with the same name, but with different extensions, that operates with different priorities. Like you may have program.exe on your computer, and the virus can create a file called program.com. When the computer executes program.exe, the virus runs program.com before prgram.exe is executed. In most cases, the real program will run and the users think the system is running normally when its really not. It can replace a program that finds files and may result in the files that the user wishes to find being deleted.
A Michelangelo virus is a virus that was first discovered in April 1991 in New Zealand. The virus was designed to infect dos systems but did not engage the operating system. The Michelangelo virus like all boot sector viruses, operated at the BIOS level and remained dormant until march sixth. The birthday of the renaissance artist Michelangelo. On March sixth if the computer is a AT or ps2 the virus overwrites the first hundred sectors of the hard disk with nulls. The virus takes two hundred and fifty six cylinders, four heads, and seventeen sectors per track. Even though the user's data would still be on the hard disk, it would be next to impossible for the average computer to retrieve. On hard drives the virus moves the original master boot record to cylinder 0, head 0, sector 7. On floppy disks if the floppy is a 360 kb floppy. The virus moves the original boot sector to cylinder 0, head 1, sector 3. even though it is designed to infect dos systems, the virus can easily mess with operating systems on the system. Like other viruses the Michelangelo infects the master boot record of a hard drive. This virus became more widespread in January 1992. When it came to be a few computer and software manufacturers accidentally shipped products infected with the virus. Like intels lanspool print server which was infected. Thousands of computers were infected with this virus. By 1997 there were no more reports of the virus.
A directory virus works by infecting the directory of your computer.¿½ A directory is file that has information about other files and sub directories in it.¿½ It contains information that is made up of the file or directory name, the starting cluster, date and time. When a file is opened, it scans the directory entry in search of the directory.¿½ It is then able to find the starting cluster. The starting cluster is an index to the File Allocation Table.¿½ The directory virus puts malicious code into the cluster and checks it as allocated in the file allocation table.¿½ That stops it from being allocated later.¿½ It then saves the first cluster and starts to target other clusters, choosing each file it wants to infect with the virus.¿½ The viruses malicious code usually has an extension like .com or .exe which executes the virus. Operating systems find files by looking for directories and files on the hard drive that form paths.¿½ The directory virus modifies the paths that gives the location moving them to execute and corrupt clean files spreading through the system. Most of the time when this file infects your computer you can still run the program you request while running the file executing the virus at the same time without even knowing that you are about to infect your computer. After the virus infects the computer the original file that got infected will be next to impossible to find making most of your programs useless. The only way you can re retrieve the files is by restoring the files by a backup or having a anti virus program retrieve them.
The iloveyou virus also called the love letter virus, a computer worm that infected millions and millions of windows computers in 2000. It was sent by email with the attachment LOVE-LETTER-FOR-YOU.TXT.vbs but the .vbs was hidden. Most people thinking it was just a text file opened it and the virus started quickly spreading. The file then got a hold of everyone¿½s address book and started distributing its self to everyone in it. The virus started in the Philippines by two college students on may 4th 2000. The virus spread from the Philippines to Hong Kong, Europe, then to the US in the matter of one day. Causing over 5 billion dollars in damage!