Computer Virus - WordPress.com

Computer Virus
What is a Computer Virus?
We know that viruses cause diseases such as common cold and chicken pox. Frequently
we find people down with viral fever. There is no connection between the computer virus
and these human viruses. The computer virus is a computer program. If such a
program enters your computer, it may prevent you from properly using the computer.
Some virus programs may even destroy the programs and data in your disk. In such a
case, you will not be able to use the computer at all unless you remove the harmful
program completely.
The computer virus affects only the program and data. It cannot harm the hardware
components. At times, in a virus infected computer, the monitor, the printer and the hard
disk might seem to have become totally defective. After removing the virus program, if you
restore all the programs and data, the apparently defective hardware components would
start working normally again.
A special property of a virus program is its ability to spread very easily from one
computer to another or to all the important files within your computer itself. Normally, a virus
program attaches itself to your files. You may say, it hides itself in your files. You will be
surprised to know that a virus program can create its own copies. A file infecting virus
program might have entered your hard disk sometime back. Unknowingly you went on
working. Within days, it would spread to all the important files of your hard disk. In
addition, it would lodge itself into all the floppies that you had used in your computer after
the virus attack. So, when a virus affects your computer, it is not enough to remove the
virus from the computer. You have to clean all your floppies also. If a virus remains in any
of your floppies, it will spread again when you use the infected floppy unknowingly in your
computer.
How Virus Spreads
A virus enters the computer in three ways. Let us see what these are:
1. Computer viruses enter the computer mostly through floppies. This is the first
source of virus. You might have copied a file from your friend’s floppy not knowing that it
was virus infected. The virus will enter your computer. Where will it enter? It will lodge
itself into your hard disk.
How will it enter your hard disk? When a virus-infected file is processed for any job, the
virus first goes into the RAM. You already know that for any processing, the concerned
program and data files must be loaded in the RAM. When you do any operation like copy,
the corresponding program of DOS is also executed in the RAM and gets infected
immediately. All the programs of the DOS operating system are normally available in the
hard disk only. The computer does its work by copying these DOS program files from the
hard disk to the RAM. Through the RAM, the virus spreads to the disk.
The virus will enter your hard disk even if you see the directory of a virus-infected floppy or
execute a virus-infected file. But, if you only insert the floppy into the floppy drive without
accessing the drive at all, the virus would not infect your computer.
2. The second mechanism of virus attack is booting your computer through a virus
infected boot floppy. When you switch on your computer, after going through a series of
steps, the computer displays the C: prompt. This is called booting. For booting, a few
special DOS programs are to be executed. These programs are normally available in the
hard disk. So, the computer boots from the C: disk as a routine. But, it is possible to store
the boot programs in a floppy and boot from this floppy disk instead of the C: disk. This is
what we call booting from floppy. If, by chance, this boot floppy contains virus, the
computer gets immediately infected on booting.
3. The third source of virus is the computer network. You know that a computer
network is a number of computers connected with each other through cables. In a
computer network you may transfer files from any other computer in the network. If a
virus-infected file is transferred from another computer in the network to your computer, it
gets infected.
Types of Viruses
The number of known virus programs is very large. Their names are different and their
capabilities of doing damage also vary. Some people are busy throughout the world in
creating and spreading these harmful programs to the computers of unsuspecting users.
This has been going on for many years. Below are the names and brief details of a few
common computer virus programs:
1. Alabama: This virus changes the names of the files you copy in your virus-infected
system. If this goes on for some time, you would not be able to find your desired
files at all.
2. Brain: This boot sector virus was created in Pakistan. Boot sector is a special area
in the disk that is used by the operating systems for keeping very important disk
information. This virus spreads very fast. It is difficult to detect and remove it from
the system. It damages the disk files.
3. Cascade: This virus attacks other program files. If you suddenly see the characters
displayed on your monitor screen falling down in showers, you may be sure that
you have got this virus. This virus does serious damage to the files.
4. Dark Avenger: This virus attacks only program files but not the data files. It
spreads very fast by finding uninfected programs and attaching a copy of itself to it.
5. Dir_II: This virus attacks all your disk files. This sometimes damages the File
Allocation Table (FAT) of your disk also. The details about the file locations in your
disk are written in the FAT. Without it, you will effectively lose your files. This virus
is also known by the name Creeping Death. Sometime back, this virus was
infecting PCs all around. It was not only troublesome; it was also difficult to eradicate.
6. Disk Killer: This is an old boot sector virus. When this virus program becomes
active, you will see the following display: “Disk Killer Version 1.0 from Ogre
Computers now killing disk. Please do not power down your system.” The virus will
start erasing your files ten seconds before this display. Even if you switch off the
computer immediately after getting the display, you won’t be able to prevent the file
loss.
7. Friday the 13th: This virus starts its activity on the 13th day of a month if it is also a
Friday. From the computer clock, it keeps track of the calendar. This virus program
damages other programs. Sometimes, after a lot of damage has been done, the
following is displayed: “We hope we haven’t inconvenienced you.”
8. Ghost: When this virus becomes active, you will see a ball of light jumping all over
your monitor screen. This virus infects both the boot sector and the system
programs.
9. Hong-Kong: This is a boot sector virus. In addition to damaging data files, it harms
program files and information about the files also. This virus is difficult to remove
from the computer system.
10. Joshi: When this virus program starts running, the screen shows: Type “Happy
Birthday Joshi”. If you type as instructed by the virus, you would be able to start
working again without any harm to your data or programs.
11. Jerusalem: This virus program was created in the University of Jerusalem. Over
the years it affected a large number of computers in various countries. There are
many versions of this virus. By changing a program a little, a new version of the
program is created. It attacks only program files. Its main job is to make its own
copy very fast and attach it with other programs. If this replication is uncontrolled,
the computer may totally stop working after some time.
12. Michelangelo: This is a harmful boot sector virus. This may do great damage to
the disk. This virus is not easy to remove. It sleeps all the time except 6th of March.
On this day, it starts running and does the damage. Once, it caused a worldwide
panic.
13. Stoned: This is also a boot sector virus. Its two other names are New Zealand and
Marijuana. This damages files in both hard disk and floppy disk. If you see
“Legalize Marijuana. Your computer is now stoned” on the screen, you may be sure
that your disk has the Stoned virus.
14. Yankee Doodle: This virus does not do any harm. Exactly at 5 p.m. it plays on the
computer the tune of the song “Yankee Doodle Dandy”. The computer has a small
speaker through which simple tunes can be played.
15. Chernobyl: Recently, this virus created extensive damage in computers worldwide.
It activated on 26th of the month and damaged the partition table of the hard disk. In
most cases, the disk data was completely lost.
These are not the only virus programs. There are a few thousand virus programs
spread all over the world! Some of these are very difficult to remove and also highly
dangerous. Just as some people are busy in creating new virus programs, there are
groups of people equally busy in creating programs that remove the viruses. These are
called Anti-virus programs.
As new virus programs are created, corresponding anti-virus programs also follow. The
only difficulty is, even if a virus is created in China, it may enter your computer in a short
while without intimating you. You don’t have to purchase the virus program. But, in case of
anti-virus, purchasing is not enough. You have also to keep it always up-to-date. An old
anti-virus program will not be able to detect or remove the latest viruses. This is like a war
in which no party will emerge as a clear victor. The fight will go on forever. The only option
open to the computer user is to remain always alert against the menace. We will know in a
short while how to minimize the risk of virus attack.
The virus programs may be divided into two types according to their location inside the
computer. The two types are File virus and System virus. The file virus attaches itself
with files in the disk. When an infected file is loaded into the RAM, the virus also gets
loaded. Normally, program files are infected in this way. The system virus, on the other
hand, lodges itself into two very important areas of the disk. One is the boot sector and
other is the Partition Table. These areas contain important and necessary information for
using the disk and accessing the files stored. If any of these two areas gets damaged, the
disk becomes unusable. You effectively lose the files.
A virus program can generally be identified by its signature. The signature is a unique series
of characters that appear in a virus program. By extensive study of a virus program, its
signature is identified. The anti-virus program knows the signatures of all the viruses that it
can identify. When such a program is run, it searches the disk areas and the files for the
virus signatures it knows. This way, viruses are detected. But, there are some
dangerous virus programs that change their signatures continuously. It is difficult to detect
these. Recently, another special type of program has been created that produces new
virus programs. These are called virus generators. The fight with the virus menace is a
never-ending process.
Anti-virus Programs
You already know that an anti-virus program removes viruses from the computer. You
have also learnt that this program scans the disk trying to identify the signatures of a few
thousand viruses it knows. If it does not know the signature of a particular virus, it won’t be
able to identify that virus, let alone remove it.
Virus removal is done in two steps. Firstly viruses are identified and then removed. The
first step is detection and the second vaccination. The part of the anti-virus program that
removes a particular virus is called the vaccine for that virus. It might happen that an
anti-virus program could detect the Stoned virus, but could not remove it. In that case a
message might be displayed:
“Does not have the vaccine for Stoned virus. Unable to remove”
While scanning the hard disk, an anti-virus program may not look into every file in the disk.
Most of the viruses attach themselves with program files and infect special areas of the
disk. Thus an anti-virus program normally scans only the program files and the special
disk areas, boot sector and partition table.
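The two steps described above, detection by signature and then vaccination, shown as an added example that is not part of the original page or of any anti-virus product. The signature names, byte patterns, file names and contents are all constructed for illustration; none is a real virus signature.

```python
# Added example: a toy signature scanner. Every name, signature and file
# content below is constructed for illustration only.

PROGRAM_EXTENSIONS = (".COM", ".EXE")   # only program files are scanned

# Signature database: name -> unique byte series (constructed placeholders).
SIGNATURES = {
    "SAMPLE-A": b"\xde\xad\xbe\xef\x01\x02",
    "SAMPLE-B": b"\xca\xfe\x13\x37\x99",
}

# This scanner has a vaccine (removal routine) for only some signatures.
VACCINES = {"SAMPLE-A"}


def detect(data):
    """Step 1, detection: return sorted names of all known signatures in data."""
    return sorted(name for name, sig in SIGNATURES.items() if sig in data)


def scan(files, boot_sector):
    """Scan the boot sector and the program files; return {location: [names]}."""
    findings = {}
    hits = detect(boot_sector)
    if hits:
        findings["<boot sector>"] = hits
    for name, data in files.items():
        if not name.upper().endswith(PROGRAM_EXTENSIONS):
            continue                      # data files are skipped, as in the text
        hits = detect(data)
        if hits:
            findings[name] = hits
    return findings


def report(findings):
    """Step 2, vaccination: say which detections this scanner can remove."""
    lines = []
    for location, names in sorted(findings.items()):
        for virus in names:
            if virus in VACCINES:
                lines.append(f"{location}: {virus} detected, vaccine available")
            else:
                lines.append(f"{location}: Does not have the vaccine for "
                             f"{virus} virus. Unable to remove")
    return lines


# Constructed sample "disk": file name -> contents.
DISK = {
    "EDIT.COM": b"...." + SIGNATURES["SAMPLE-A"] + b"....",
    "GAME.EXE": b"...." + SIGNATURES["SAMPLE-B"] + b"....",
    "CLEAN.EXE": b"....nothing unusual....",
    "LETTER.TXT": b"text " + SIGNATURES["SAMPLE-A"],     # not a program file
    # Same pattern as SAMPLE-A with one byte changed: no longer matches.
    "VARIANT.COM": b"...." + b"\xde\xad\xbe\xee\x01\x02" + b"....",
}
BOOT_SECTOR = b"\x00" * 100 + SIGNATURES["SAMPLE-B"] + b"\x00" * 407

if __name__ == "__main__":
    for line in report(scan(DISK, BOOT_SECTOR)):
        print(line)
```

VARIANT.COM and LETTER.TXT are not reported: the first because a single changed byte no longer matches any known signature, the second because only program files are scanned.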
A few popular foreign anti-virus software packages are McAfee VirusScan, Dr.
Solomon’s Anti Virus, Central Point Anti Virus (CPAV), F-Prot and Symantec Anti
Virus. You may purchase these packages from the market. But, it is not enough to only
purchase such a package. Regularly, you have to get its latest version also. If you do not
do that, you won’t be able to remove the latest new viruses with the old anti-virus
package. The old package would not have the signatures of the new viruses.
Getting new versions of foreign anti-virus packages is not always easy, particularly when
new versions of most anti-virus packages are released every month. This is one of the
reasons why a few indigenous packages have become quite popular. Amongst many, a
few well-known Indian anti-virus packages are Nashot, Smart Dog and Red Alert.
You might think that you need only one anti-virus package for removing all viruses.
Actually, after some time, you will find that one package is not a foolproof protection
against all viruses. You may have to finally use two or three packages. Apart from
software anti-virus packages, hardware anti-virus cards also are available. You have to
attach these electronic cards with the computer. Some of these cards work along with a
software component. Popular hardware anti-virus solutions are ProtectorPlus,
Knox card, and Vigilant Plus.
As viruses mostly attack the hard disk and infect it, you should run the anti-virus
program from the floppy. Before starting the anti-virus scan, you should first switch off
the computer and boot it from a clean boot floppy. This ensures safe booting and a virus
free RAM. After booting, remove the boot floppy and insert the anti-virus floppy. Now you
may start your virus scan. The anti-virus software itself will guide you step by step. Any
anti-virus software package will have a standard set of facilities available through menus.
One of these facilities will invariably be to scan a floppy in addition to the hard disk.
How to keep your Computer Safe from Virus
You already know that you cannot totally eliminate the possibility of a virus infection. But, if
you follow a few rules, chances of virus infection and consequent damages would be
reduced. A few such rules of virus protection are listed below:
1. Believe that a virus infection can do a lot of damage to your work. It might not
matter to you even if a virus attack damages all your disk files. In that case, you are
not really using the computer for any important purpose. You may as well do
without it.
2. Do not use a floppy from an external source without first scanning it for virus.
Do not allow an outsider to use your computer without your permission. When
scanning, use all of your anti-virus packages. You may keep your anti-virus
software permanently running in your computer. It then acts as a protective shield.
It raises alarm if any mischievous program is executed. But, this way of working
may be slightly inconvenient because of frequent undue interruptions in work.
Just as you do not allow unknown floppies in your computer, you should not use
your own floppy also in any other potentially unsafe computer. Your floppy is as
powerful a virus carrier as your friend’s floppies.
3. You should always keep good anti-virus software handy with you. If one is not
good enough, use more than one. Upgrade your anti-virus as soon as its new
version is released. You should also keep a boot floppy and the Operating System
floppies readily available with you. You have already learnt about booting. An
infected computer sometimes fails to boot. In such a case, even to run the anti-virus
you need to boot from the floppy. Making a boot floppy is easy. Sometimes, the
operating system programs in the hard disk get damaged. Then you have to load it
again from a clean set of floppies. You should always keep the boot floppy and
operating system programs write-protected.
4. You should always create your files in separate directories for ease of back up
and restoration. For example, you may use a directory LETTERS for storing your
letter files. By the word-processing program MS Word, you might create these files.
While working in this directory it is possible for you to run MS Word, which resides in
its own WINWORD directory. In this manner, you may create your LOGO picture
files in LOGOPIC directory, even though the LOGO program resides in LOGO
directory.
One advantage of this way of working is that you always know which directory
contains which files. The other big advantage is that you can regularly copy the files
in an organized manner. This is called back up. In case of file damage by virus
attack, you may restore the files easily from the back-up copies. You should take
regular back up of your important files. When a virus damages some of your files,
remove the virus first. Then, copy the desired files back to the disk from your back
up. You will not suffer any loss.
5. To be sure that your system is completely free from virus, you may have to run the
anti-virus program repeatedly. But your job does not end there. You have to scan
and clean each of your floppies that might have been infected. Otherwise,
within a few days, the hard disk will again be infected. It is a good habit to scan
your hard disk and floppies regularly even if you do not suspect a virus attack.
6. If a floppy gets full with files that you would not change, make the floppy
write-protected immediately. By this, the files can be read from the floppy, but nothing
can be written on it. To infect a floppy, a virus program has to write its copy on the
disk. Thus, write-protection of a floppy ensures total safety from virus till you
make the disk writable again.
How do you make a floppy write-protected? One of the two holes near the lower
edge of the floppy can be closed or opened by moving a notch. Opening the hole
makes the floppy write-protected. Some of the software packages come in
write-protected floppies.
7. Passwords may be used in modern PCs for restricting access. A Password is a
special secret word known only to the owner of the PC. After the PC is switched on,
it will first ask for the correct password to be entered before it boots. Without knowing
the correct password, such a PC cannot be used. Keep your computer switched off
when not in use. This will ensure that nobody can use it in your absence.
8. Tell your friends about the virus menace and how to remain safe from it. This
will decrease the chances of virus infection to your computer.
9. If you are not able to remove a particularly bad type of virus yourself, do not
hesitate to consult an expert. Sometimes, a wrong method of virus removal causes
serious damage to the files.
10. Be careful when copying files over a computer network.
11. While working on the Internet, keep your network virus-guard always on.
Enhance the security of your computer through the settings of the Internet browser.
12. Not only executables, but also document files may contain viruses. Possibility
of this form of virus contamination is especially high if you use E-mail regularly.
Do not open an attachment to a mail without first scanning it.