Digital Attraction Home

What's computer virus?


What's computer virus?

A computer virus is a computer program written to alter the way a computer operates, without the permission or knowledge of the user. Though the term is commonly used to refer to a range of malware, a true virus must replicate itself, and must execute itself. The latter criteria are often met by a virus which replaces existing executable files with a virus-infected copy. While viruses can be intentionally destructive—destroying data, for example—some viruses are benign or merely annoying.

What's malware?

Malware is a broad category of software designed to infiltrate or damage a computer system. Types of malware include spyware, adware, Trojan horses, Worms, and viruses. While modern anti-virus software works to protect computers from this range of threats, computer viruses make up only a small subset of malware.

File Viruses

File viruses are pieces of code that attach themselves to executable files, driver files or compressed files, and are activated when the host program is run. After activation, the virus may spread itself by attaching itself to other programs in the system, and also carry out the malevolent activity it was programmed for.

Most file viruses spread by loading themselves in system memory and looking for any other programs located on the drive. If it finds one, it modifies the program’s code so that it contains and activates the virus the next time it’s run. It keeps doing this over and over until it spreads across the system, and possibly to other systems that the infected program may be shared with.
Besides spreading themselves, these viruses also carry some type of destructive constituent that can be activated immediately or by a particular ‘trigger’. The trigger could be a specific date, or the number of times the virus has been replicated, or anything equally trivial. Some examples of file viruses are Randex, Meve and MrKlunky.

Boot Sector Viruses

A boot sector virus affects the boot sector of a hard disk, which is a very crucial part. The boot sector is where all information about the drive is stored, along with a program that makes it possible for the operating system to boot up. By inserting its code into the boot sector, a virus guarantees that it loads into memory during every boot sequence.

A boot virus does not affect files; instead, it affects the disks that contain them. Perhaps this is the reason for their downfall. During the days when programs were carried around on floppies, the boot sector viruses used to spread like wildfire. However, with the CD-ROM revolution, it became impossible to infect pre-written data on a CD, which eventually stopped such viruses from spreading.Though boot viruses still exist, they are rare compared to new-age malicious software.But today with the rapid development of USB devices,they have new chances again?:) Another reason why they’re not so prevalent is that operating systems today protect the boot sector, which makes it difficult for them to thrive. Examples of boot viruses are Polyboot.B and AntiEXE.

Multipartite Viruses

Multipartite viruses are a combination of boot sector viruses and file viruses. These viruses come in through infected media and reside in memory. They then move on to the boot sector of the hard drive. From there, the virus infects executable files on the hard drive and spreads across the system. There aren’t too many multipartite viruses in existence today, but in their heyday, they accounted for some major problems due to their capacity to combine different infection techniques. A significantly famous multipartite virus is Ywinz.

Macro Viruses

Macro Viruses infect files that are created using certain applications or programs that contain macros. These include Microsoft Office documents such as Word documents, Excel spreadsheets, PowerPoint presentations, Access databases, and other similar application files such as Corel Draw, AmiPro, etc. Since macro viruses are written in the language of the application, and not in that of the operating system, they are known to be platform-independent—they can spread between Windows, Mac, and any other system, so long as they’re running the required application. With the ever-increasing capabilities of macro languages in applications, and the possibility of infections spreading over net-works, these viruses are major threats. The first macro virus was written for Microsoft Word and was discovered back in August 1995. Today, there are thousands of macro viruses in existence—some examples are Relax, Melissa.A and Bablas.

Network Viruses

This kind of virus is proficient in quickly spreading across a Local Area Network (LAN) or even over the Internet. Usually, it propagates through shared resources, such as shared drives and folders. Once it infects a new system, it searches for potential targets by searching the network for other vulnerable systems. Once a new vulnerable system is found, the network virus infects the other system, and thus spreads over the network. Some of the most notorious network viruses are Nimda and SQLSlammer.

E-mail Viruses

An e-mail virus could be a form of a macro virus that spreads itself to all the contacts located in the host’s email address book. If any of the e-mail recipients open the attachment of the infected mail, It spreads to the new host’s address book contacts, and then proceeds to send itself to all those contacts as well. These days, e-mail viruses can infect hosts even if the infected e-mail is previewed in a mail client. One of the most common and destructive e-mail viruses is the ILOVEYOU virus. There are many ways in which a virus can infect or stay dormant on your PC. However, whether active or dormant, it’s dangerous to let one loose on your system, and should be dealt with immediately.

Spyware

Spyware is the new-age term for advertising-supported software (Adware). Advertising in shareware products is a way for shareware authors to make money, other than by selling it to the user. There are several large media companies that offer to place banner ads in their products in exchange for a portion of the revenue from banner sales. If the user finds the banners annoying, there is usually an option to get rid of them by paying the licensing fee.

Unfortunately, the advertising companies often also install additional tracking software on your system, which is continuously using your Internet connection to send statistical data back to the advertisers. While the privacy policies of the companies claim there will be no sensitive or identifying data collected from your system and that you shall remain anonymous, the fact remains that you have a server sitting on your PC that is sending information about you and your surfing habits to a remote location, using your bandwidth.

Spyware has been known to slow down computers with their semi-intensive usage of processing power, bringing up annoying pop-up windows at the most inappropriate times and changing your Internet browsing settings such as your home page or default search engine to their own services. Even if many do not consider this illegal, it is still is a major security threat, and the fact that there’s no way to get rid of them makes them as much of a nuisance as viruses.

Companion viruses

A companion virus does not have host files per se, but exploits MS-DOS. A companion virus creates new files (typically .COM but can also use other extensions such as ".EXD") that have the same file names as legitimate .EXE files. When a user types in the name of a desired program, if a user does not type in ".EXE" but instead does not specify a file extension, DOS will assume he meant the file with the extension that comes first in alphabetical order and run the virus. For instance, if a user had "(filename).COM" (the virus) and "(filename).EXE" and the user typed "filename", he will run "(filename).COM" and run the virus. The virus will spread and do other tasks before redirecting to the legitimate file, which operates normally.

Some companion viruses are known to run under Windows 95 and on DOS emulators on Windows NT systems. Path companion viruses create files that have the same name as the legitimate file and place new virus copies earlier in the directory paths. These viruses have become increasingly rare with the introduction of Windows XP,which does not use the MS-DOS command prompt.

Logic bomb

A logic bomb employs code that lies inert until specific conditions are met. The resolution of the conditions will trigger a certain function (such as printing a message to the user and/or deleting files). An example of a logic bomb would be a virus that waits to execute until it has infected a certain number of hosts. A time bomb is a subset of logic bomb, which is set to trigger on a particular date and/or time. An example of a time bomb is the infamous ‘Friday the 13th’ virus.

Cross-site scripting viruses

A cross-site scripting virus (XSSV) is a type of virus that utilizes cross-site scripting vulnerabilities to replicate. A XSSV is spread between vulnerable web applications and web browsers creating a symbiotic relationship.

Trojan horses

Trojan Horses are impostor files that claim to be something desirable but, in fact, are malicious. Rather than insert code into existing files, a Trojan horse appears to do one thing (install a screen saver, or show a picture inside an e-mail for example) when in fact it does something entirely different, and potentially malicious, such as erase files. Trojans can also open back doors so that computer hackers can gain access to passwords, and other personal information stored on a computer.

Although often referred to as such, Trojan horses are not viruses in the strict sense because they cannot replicate automatically. For a Trojan horse to spread, it must be invited onto a computer by the user opening an email attachment or downloading and running a file from the Internet, for example.

Worm

A worm is a piece of software that uses computer networks and security flaws to create copies of itself. A copy of the worm will scan the network for any other machine that has a specific security flaw. It replicates itself to the new machine using the security flaw, and then begins scanning and replicating a new.

Worms are programs that replicate themselves from system to system without the use of a host file. This is in contrast to viruses, which requires the spreading of an infected host file. Although worms generally exist inside of other files, often Word or Excel documents, there is a difference between how worms and viruses use the host file. Usually the worm will release a document that already has the "worm" macro inside the document. The entire document will travel from computer to computer, so the entire document should be considered the worm. Mydoom or ILOVEYOU are two examples of worms.

posted by Le Minh Nhut at 2:00 PM

0Comments:

Post a Comment

<< Home

FUNNY CLIPS
Blow Skirt Fan Prank
Beach Babe Crab
Sexy Drunk
Putting On Bra Action Style
Sexy Milk

Page 1   Page 2   Page 3   Page 4   Page 5   Page 6  

DIGITAL PRODUCTS

FLASH MUSIC
Ánh sao trong mơ(Full house)

Bad Day

Chia đôi cơn mơ

First Love

Forever

I Cry

Love you and love me

Mouse love rice

Paint my love

Doll love

Pretty Boy

Promises don't come easy

Soledad

Sometimes

Take me to your heart

Tonghua

Võ lâm truyền kỳ(1)

Võ lâm truyền kỳ(2)

Võ lâm truyền kỳ(3)

Wave

Wishing upon a star

Mirror mirror

My Love

Queen of my heart

Season in the sun

Up town girl

When you believe



Digital Attraction

ASSOCIATION
Powered by Blogger
 

© 2007 Digital Attraction
Add to Google Add to Plusmo Subscribe in podnova Subscribe in Bloglines Add Digital Attraction to ODEO