I INTRODUCTION
Since computer viruses first appeared, their story has made us wary of
problems with our computers, of hackers, and of data and financial losses.
Computers also raise many privacy issues. While mobile devices and computers
remain an integral part of the modern work environment, these devices are also
largely exposed to the world of computer viruses.
II HOW INFECTIONS OCCUR
From The Story of Computer Virus: A virus can infect a
computer in a number of ways. It can arrive on a floppy disk or inside an
e-mail message. It can piggyback on files downloaded from the World Wide Web
or from an Internet service used to share music and movies. Or it can
exploit flaws in the way computers exchange data over a network. So-called
blended-threat viruses spread via multiple methods at the same time. Some
blended-threat viruses, for instance, spread via e-mail but also propagate by
exploiting flaws in an operating system.
Traditionally, even if a virus found its way onto a computer, it could
not actually infect the machine, or propagate to other machines, unless the
user was somehow fooled into executing the virus by opening it and running it
just as one would run a legitimate program. But a new breed of computer virus
can infect machines and spread to others entirely on its own. Simply by
connecting a computer to a network, the computer owner runs the risk of
infection. Because the Internet connects computers around the world, viruses
can spread from one end of the globe to the other in only minutes.
III TYPES OF VIRUSES
From The Story of Computer Virus: There are many
categories of viruses, including parasitic or file viruses,
bootstrap-sector, multipartite, macro, and script viruses. Then there are
so-called computer worms, which have become particularly
prevalent. A computer worm is a type of virus. However, instead of
infecting files or operating systems, a worm replicates from computer to
computer by spreading entire copies of itself.
Parasitic or file viruses infect executable files
or programs in the computer. These files are often identified by the
extension .exe in the name of the computer file. File viruses leave the
contents of the host program unchanged but attach to the host in such a way
that the virus code is run first. These viruses can be either direct-action or
resident. A direct-action virus selects one or more programs to
infect each time it is executed. A resident virus hides in the
computer's memory and infects a particular program when that program is
executed.
Bootstrap-sector viruses reside on the first portion of the hard
disk or floppy disk, known as the boot sector. These viruses replace
either the programs that store information about the disk's contents or the
programs that start the computer. Typically, these viruses spread by means of
the physical exchange of floppy disks.
Multipartite viruses combine the abilities of the
parasitic and the bootstrap-sector viruses, and so can infect either files or
boot sectors. These types of viruses can spread if a computer user boots from
an infected diskette or accesses infected files.
Other viruses infect programs that contain powerful macro
languages (programming languages that let the user create new features
and utilities). These viruses, called macro viruses, are written in macro
languages and automatically execute when the legitimate program is opened.
Script viruses are written in script programming languages,
such as VBScript (Visual Basic Script) and JavaScript. These script
languages can be seen as a special kind of macro language and are
even more powerful because most are closely
related to the operating system environment. The 'ILOVEYOU' virus, which
appeared in 2000 and infected an estimated 1 out of 5 PCs, is a famous example
of a script virus.
Strictly speaking, a computer virus is always a program that
attaches itself to some other program. But computer virus has become
a blanket term that also refers to computer worms. A worm operates
entirely on its own, without ever attaching itself to another program.
Typically, a worm spreads over e-mail and through other ways that computers
exchange information over a network. In this way, a worm not only wreaks havoc
on machines but also clogs network connections and slows network
traffic, so that it takes longer to load a Web page or
send an e-mail.
IV ANTI-VIRAL TACTICS
A Preparation and Prevention
Computer users can prepare for a viral infection by
creating backups of legitimate original software and data files
regularly so that the computer system can be restored if
necessary. Viral infection can be prevented by obtaining software from
legitimate sources or by using a quarantined computer, that is, a computer not
connected to any network, to test new software. In addition, users should
regularly install operating system (OS) patches, software updates
that mend the sort of flaws, or holes, in the OS often exploited by
viruses. Patches can be downloaded from the Web site of the operating
system's developer. However, the best prevention may be the installation
of current and well-designed antiviral software. Such software can
prevent a viral infection and thereby help stop its spread.
B Virus Detection
Several types of antiviral software can be used to
detect the presence of a virus. Scanning software can recognize the
characteristics of a virus's computer code and look for these characteristics
in the computer's files. Because new viruses must be analyzed as they appear,
scanning software must be updated periodically to be effective.
Other scanners search for common features of viral programs and are
usually less reliable. Most antiviral software uses both on-demand
and on-access scanners. On-demand scanners are launched only when the user
activates them. On-access scanners, on the other hand, are constantly
monitoring the computer for viruses but are always in the background and are
not visible to the user. The on-access scanners are seen as the proactive part
of an antivirus package and the on-demand scanners are seen as reactive.
On-demand scanners usually detect a virus only after the
infection has occurred, and that is why they are considered reactive.
Antivirus software is usually sold as packages containing
many different software programs that are independent of one another and
perform different functions. When installed or packaged together, antiviral
packages provide complete protection against viruses. Within most antiviral
packages, several methods are used to detect viruses. Checksumming, for
example, uses mathematical calculations to compare the state of executable
programs when they are run. If the checksum has not changed, then
the system is uninfected. Checksumming software can detect an
infection only after it has occurred, however. As this technology
is dated and some viruses can evade it, checksumming is rarely
used today.
Most antivirus packages also use heuristics (problem-solving
by trial and error) to detect new viruses. This technology observes a
program's behavior and evaluates how closely it resembles a virus. It relies
on experience with previous viruses to predict the likelihood that a suspicious
file is an as-yet unidentified or unclassified new virus.
Other types of antiviral software include
monitoring software and integrity-shell software. Monitoring
software is different from scanning software. It detects illegal
or potentially damaging viral activities, such as overwriting computer files
or reformatting the computer's hard drive. Integrity-shell software
establishes layers through which any command to run a program must pass.
Checksumming is performed automatically within the integrity shell, and
infected programs, if found, are not allowed to run.
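The checksumming and integrity-shell checks described above, as an added example that is not part of the original article: a Python sketch that records a baseline hash for each program while the system is trusted and refuses to run any program whose hash no longer matches. It uses SHA-256 in place of a simple checksum; the function names, file names and file contents are constructed for illustration.

```python
import hashlib
import os
import tempfile

def sha256_of(path, chunk_size=65536):
    """Hash a file in chunks so large executables are not read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def build_baseline(paths):
    """Record a known-good hash for each program while the system is trusted."""
    return {os.path.abspath(p): sha256_of(p) for p in paths}

def check_program(path, baseline):
    """Return 'ok', 'modified', 'unknown' or 'missing' for one program."""
    path = os.path.abspath(path)
    if path not in baseline:
        return "unknown"
    if not os.path.isfile(path):
        return "missing"
    return "ok" if sha256_of(path) == baseline[path] else "modified"

def integrity_shell_run(path, baseline, runner):
    """Call runner(path) only when the program's hash matches the baseline (fail closed)."""
    status = check_program(path, baseline)
    if status != "ok":
        return (False, status)
    return (True, runner(path))

def demo():
    """Constructed sample; os.path.basename stands in for actually running a program."""
    workdir = tempfile.mkdtemp()
    clean = os.path.join(workdir, "editor.exe")
    target = os.path.join(workdir, "game.exe")
    for p, body in ((clean, b"MZ editor body"), (target, b"MZ game body")):
        with open(p, "wb") as fh:
            fh.write(body)
    baseline = build_baseline([clean, target])
    # Simulate a change to a program after the baseline was taken.
    with open(target, "wb") as fh:
        fh.write(b"EXTRA-BYTES" + b"MZ game body")
    return {"clean": integrity_shell_run(clean, baseline, os.path.basename),
            "tampered": integrity_shell_run(target, baseline, os.path.basename),
            "new": check_program(os.path.join(workdir, "new.exe"), baseline)}

if __name__ == "__main__":
    print(demo())
```

The check only reports a change after it has happened, and it is only as trustworthy as the baseline, which has to be stored where an infected program cannot rewrite it.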
C Containment and Recovery
Once a viral infection has been detected, it can be
contained by immediately isolating computers on networks, halting the exchange
of files, and using only write-protected disks. In order for a computer system
to recover from a viral infection, the virus must first be eliminated. Some
antivirus software attempts to remove detected viruses, but sometimes with
unsatisfactory results. More reliable results are obtained by turning off the
infected computer; restarting it from a write-protected floppy disk; deleting
infected files and replacing them with legitimate files from backup disks; and
erasing any viruses on the boot sector.
V VIRAL STRATEGIES
The authors of viruses have several strategies to circumvent antivirus software and
to propagate their creations more effectively. So-called polymorphic viruses
make variations in the copies of themselves to elude detection by scanning
software. A stealth virus hides from the operating system when the system
checks the location where the virus resides, by forging results that would be
expected from an uninfected system. A so-called fast-infector virus infects not
only programs that are executed but also those that are merely accessed. As a
result, running antiviral scanning software on a computer infected by such a
virus can infect every program on the computer. A so-called slow-infector virus
infects files only when the files are modified, so that it appears to
checksumming software that the modification was legitimate. A so-called
sparse-infector virus infects only on certain occasions—for example, it may
infect every tenth program executed. This strategy makes it more difficult to
detect the virus.
By using combinations of several virus-writing methods,
virus authors can create more complex new viruses. Many virus authors also tend
to use new technologies when they appear. The antivirus industry must move
rapidly to change their antiviral software and eliminate the outbreak of such
new viruses.
VI VIRUS-LIKE COMPUTER PROGRAMS
There are other harmful computer programs that can be part
of a virus but are not considered viruses because they do not have the ability
to replicate. These programs fall into three categories: Trojan horses, logic
bombs, and deliberately harmful or malicious software programs that run within
a Web browser, an application program such as Internet Explorer and Netscape
that displays Web sites.
A Trojan horse is a program that pretends to be something
else. A Trojan horse may appear to be something interesting and harmless, such
as a game, but when it runs it may have harmful effects. The term comes from
the classic Greek story of the Trojan horse found in Homer’s Iliad.
A logic bomb infects a computer’s memory, but unlike a
virus, it does not replicate itself. A logic bomb delivers its instructions
when it is triggered by a specific condition, such as when a particular date or
time is reached or when a combination of letters is typed on a keyboard. A
logic bomb has the ability to erase a hard drive or delete certain files.
Malicious software programs that run within a Web browser
often appear in Java applets and ActiveX controls. Although these applets and
controls improve the usefulness of Web sites, they also increase a vandal’s
ability to interfere with unprotected systems. Because those controls and
applets require that certain components be downloaded to a user’s personal
computer (PC), activating an applet or control might actually download
malicious code.
A History: From the Story of Computer Virus
In 1949 Hungarian American mathematician John von Neumann,
at the Institute for Advanced Study in Princeton, New Jersey, proposed that it
was theoretically possible for a computer program to replicate. This theory was
tested in the 1950s at Bell Laboratories when a game called Core Wars was
developed, in which players created tiny computer programs that attacked,
erased, and tried to propagate on an opponent's system.
In 1983 American electrical engineer Fred Cohen, at the time
a graduate student, coined the term virus to describe a self-replicating
computer program. In 1985 the first Trojan horses appeared, posing as a
graphics-enhancing program called EGABTR and as a game called NUKE-LA. A host
of increasingly complex viruses followed.
The so-called Brain virus appeared in 1986 and spread
worldwide by 1987. In 1988 two new viruses appeared: Stone, the first
bootstrap-sector virus, and the Internet worm, which crossed the United States
overnight via computer network. The Dark Avenger virus, the first fast
infector, appeared in 1989, followed by the first polymorphic virus in 1990.
Computer viruses grew more sophisticated in the 1990s. In
1995 the first macro language virus, WinWord Concept, was created. In 1999 the Melissa
macro virus, spread by e-mail, disabled e-mail servers around the world for
several hours, and in some cases several days. Regarded by some as the most
prolific virus ever, Melissa cost corporations millions of dollars due to
computer downtime and lost productivity.
The VBS_LOVELETTER script virus, also known as the Love Bug
and the ILOVEYOU virus, unseated Melissa as the world's most prevalent and
costly virus when it struck in May 2000. By the time the outbreak was finally
brought under control, losses were estimated at U.S.$10 billion, and the Love
Bug is said to have infected 1 in every 5 PCs worldwide.
The year 2003 was a particularly bad year for computer
viruses and worms. First, the Blaster worm infected more than 10 million
machines worldwide by exploiting a flaw in Microsoft’s Windows operating
system. A machine that lacked the appropriate patch could be infected simply by
connecting to the Internet. Then, the SoBig worm infected millions more
machines in an attempt to convert systems into networking relays capable of
sending massive amounts of junk e-mail known as spam. SoBig spread via e-mail,
and before the outbreak was 24 hours old, MessageLabs, a popular e-mail
filtering company, captured more than a million SoBig messages and called it
the fastest-spreading virus in history. In January 2004, however, the MyDoom
virus set a new record, spreading even faster than SoBig, and, by most
accounts, causing even more damage.