Computer viruses generally refer the programs that unintentionally get into computers, disrupt the normal operation and, and cause damage to data and programs. A virus is best defined not by what it does, but by how spreads and infects other programs.
A biological virus enters a body, damages the body, spreads to other bodies, and eventually is eradicated by the internal immune system or by external means. Similarly, the computer virus enters the computer system and gets attached with a program (or set of programs or applications). As the application(s) is invoked, the virus becomes activated and spreads to the other parts of the system.
Viruses can be either benign or destructive. The first one cause less serious damage unlike the second one.
Types of viruses
This section presents a broad classification of viruses. Most viruses are in fact “hybrid” combinations of various properties from multiple classes.
File infectors. These most often attach to program files, but can infect any file with executable code, including script files or program configuration files. When the program, script or configuration is executed, the virus is executed as well.
System or boot-record infectors. System or boot-record infectors do not necessarily infect a file. They target, instead, certain areas of a hard disk used exclusively for system processes. These areas include the boot-record, which is a section of the disk dedicated to booting the operating system. Having infected a Master Boot Record, the virus spreads to the boot sectors of the inserted media.
Multi-partite viruses. Multi-partite viruses infect boot records as well as files. With its hybrid nature, a multipartite virus inherits the worst qualities of each of its parents, and consequently is far more contagious and destructive than either.
Macro viruses. Macro virus is a program that is implemented in a macro language, that is to say, a language built into some systems of data processing such as text editors, electronic spreadsheets etc. A macro virus can be spread through the features of macro languages by infecting new files (document or spreadsheet) via already infected file. The vast majority of macro viruses are spread within Microsoft Office Applications.
Stealth viruses. Stealth viruses use many techniques to thwart detection. One technique is to redirect the addresses within a program that point to other programs or system information, and have them point to the virus file instead. When the program calls for that supplementary program or system information, it actually runs the virus code. This infects the file without actually injecting additional code, which could show up as a symptom to virus scanning software. Another common stealth technique changes a file, but displays its size as it was before infection. Thus, it nullifies the ability to use the file length as an indicator of infection.
Encrypted viruses. Encrypted viruses enjoy the advantages of other encrypted material. Initially, encrypted viruses appear not as viruses, but as nondescript gibberish. But when an infected program is executed, a small piece of plain, unencrypted code decrypts the rest of the virus, which then proceeds to do its damage. When, and if, an encrypted virus is detected, it is very difficult to analyze since it is not subject to reverse engineering like the unencrypted viruses. This makes it hard to determine the structure of the virus and the precise scope of its payload. Encryption is most useful when coupled with a polymorphic strategy.
Polymorphic viruses. Polymorphic viruses try to evade detection by altering their structure or the encryption techniques. Each time an infection occurs, a polymorphic virus changes its form, confusing virus (detection) scanning software. Because virus scanners use certain unique “signature” characteristics to identify viruses, any virus that changes its form presents a formidable new challenge.
Stages in the life of a virus
During its lifetime, a virus typically goes through the following four stages:
1. Dormant phase. In this phase the virus is idle.
2. Propagation phase. In this phase virus replicates itself.
3. Triggering phase. Phase of processing of special functions.
4. Execution phase. In fact, the virus activation starts exactly in this phase.
There are following methods of virus detection:
Suggestions to prevent virus infection
· Install the antivirus software.
· Do not open not requested email attachments.
· Keep computer software updated.
· Use firewall.
· Customize the confidentiality options of browser.
· Disable pop-up windows within browser.
· Enable the accounts control.