Computer Virus Analysis Essay
Computer virus Is a software program written with malicious intentions. There are number of computer viruses that can impede the functioning of your computer system. DETAIL ABOUT They are replicated by themselves. Viruses are so dangerous and malicious that they can be automatically copied and pasted from memory to memory over and over; the transmitting power Is too much quick from network to network that can simply hang smoothly running computer. Sometimes damage the important programs of the computer.
Viruses are very dangerous program can go on their activities automatically and can do a great loss of the users. TYPES OF COMPUTER VIRUS Memory Resident Virus 0 Direct Action Virus 0 Overwrite Viruses 0 Boot Sector Virus C] Macro Virus Q Directory virus CLC Polymorphic Virus 0 Companion Virus O FAT Virus 0 Multivariate Virus 0 Web Scripting Virus 0 Worms ; File Infection Virus Memory Resident These viruses fix themselves In the computer memory and get activated whenever the SO runs and infects all the files that are then opened. Stays there even after the malicious code is executed.
It gets control over the system memory and allocate memory blocks through which it runs its own code, and executes the code when any function is executed. 0 Target: It can corrupt files and programs that are opened, closed, copied, renamed, etc. 0 Examples: Ranked, CM, Move, and Murkily 0 Protection: Install an antivirus program. Direct Action Virus The main purpose of this virus is to replicate and take action when it is executed. When a specific condition is met, the virus will go into action and infect files in the directory or folder that are specified in the AUTOCUE. BAT file path.
This batch file is always located in the root directory of the hard disk and carries out certain operations when the computer is booted. Finders/Fineness technique is used where the code selects a few files as its victims. It also infects the external devices like pen drives or hard disks by copying itself on them 0 . Hideout: The viruses keep changing their location into new files whenever the code is executed, but are generally found in the hard disk’s root directory. 0 Target: It can corrupt files. Basically, it is a file-infected virus. 0 Examples: Vienna virus Protection: Install an antivirus scanner.
However, this type of virus has minimal effect on the computer’s performance. Overwrite Virus A virus of this kind is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected. 0 Hideout: The virus replaces the file content. However, it does not change the file size. 0 Examples: Way, Try. Reboot, Trivial. 88. D 0 Protection: The only way to clean a file infected by an overwrite virus is to delete the file completely, thus losing the original content.
However, it is very easy to detect this type of virus, as the original program becomes useless. This type of virus affects the boot sector of a hard disk. This is a crucial part of the disk, in which information of the disk itself is stored along with a program that makes it possible to boot (start) the computer from the disk. This type of virus is also called Master Boot Sector Virus or Master Boot Record Virus. 0 Hideout: It hides in the memory until DOS accesses the floppy disk, and whichever boot data is accessed, the virus infects it. Examples: Polyglot. B, Anatine Protection: The best way of avoiding boot sector viruses is to ensure that floppy disks are hermaphrodites. Also, never start your computer with an unknown floppy disk in the disk drive. Macro Virus Macro viruses infect files that are created using certain applications or programs that contain macros, like . Doc, . XSL, . Ups, . Mid, etc. These mint-programs make it possible to automate series of operations so that they are performed as a single action, thereby saving the user from having to carry them out one by one.
These viruses automatically infect the file that contains macros, and also infects the templates and documents that the file contains. It is referred to as a type of e-mail virus. 0 Hideout: These hide in documents that are shared via email or networks. 0 Examples: Relax, Melissa. A, Balls, MONKS 0 Protection: The best protection technique is to avoid opening e-mails from unknown senders. Also, disabling macros can help to protect your useful data. Directory Virus Directory viruses (also called Cluster Virus/File System Virus) infect the directory of your computer by changing the path that indicates the location of a file.
When you execute a program file with an extension . EXE or . COM that has been infected by a virus, you are unknowingly running the virus program, while the original file and program is previously moved by the virus. Once infected, it becomes impossible to locate the original files. 0 Hideout: It is usually located in only one location of the disk, but infects the entire program in the directory. 0 Protection: All you can do is, reinstall all the files from the backup that are infected after formatting the disk.
Polymorphic Virus Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system. This makes it impossible for antivirus software to find them using string or signature searches (because they are different in each encryption). The virus then goes on to create a large number of copies. 0 Examples: Liker, Marabou, Satan Bug and Turret 0 Protection: Install a high-end antivirus as the normal ones are incapable of detecting this type of virus.
Companion Virus Companion viruses can be considered as a type of file infection virus, like resident or direct action types. They are known as companion viruses because once they get into he system they ‘accompany’ the other files that already exist. In other words, to carry out their infection routines, companion viruses can wait in memory until a program is run (resident virus), or act immediately by making copies of themselves (direct action virus). 0 Hideout: These generally use the same filename and create a different extension of it.
For example: If there is a file “Me. Exe”, the virus creates another file named “Me. Com” and hides in the new file. When the system calls the filename “Me”, the “. Com” file gets executed (as “. Com” has higher priority than “. Exe”), thus infecting the system. 0 Examples: Stator, Asimov. 1539 and Terra. 1069 0 Protection: Install an antivirus scanner and also download Firewall. FAT Virus The file allocation table (FAT) is the part of a disk used to store all the information about the location of files, available space, unusable space, etc. Hideout: FAT virus attacks the FAT section and may damage crucial information. It can be especially dangerous as it prevents access to certain sections of caused can result in loss of information from individual files or even entire directories. 0 Examples: Link Virus Protection: Before the virus attacks all the files on the computer, locate all the files that are actually needed on the hard drive, and then delete the ones that are not needed. They may be files created by viruses.
Multivariate Virus These viruses spread in multiple ways possible. It may vary in its action depending upon the operating system installed and the presence of certain files. 0 Hideout: In the initial phase, these viruses tend to hide in the memory as the resident viruses do; then they infect the hard disk. 0 Examples: Invader, Flip and Tequila 0 Protection: You need to clean the boot sector and also the disk to get rid of the virus, and then reload all the data in it. However, ensure that the data is clean.
Web Scripting Virus Many web pages include complex codes in order to create an interesting and interactive content. This code is often exploited to bring about certain undesirable actions. 0 Hideout: The main sources of web scripting viruses are the web browsers or infected web pages. 0 Examples: AS. Fortnight is a virus that spreads through malicious e-mails. 0 Protection: Install the Microsoft tool application that is a default feature in Windows 2000, Windows 7 and Vista. Scan the computer with this application.
Worms A worm is a program very similar to a virus; it has the ability to self-replicate and can lead to negative and eliminated by an antivirus software. 0 Hideout: These generally spread through e-mails and networks. They do not infect files or damage them, but they replicate so fast that the entire network may collapse. 0 Examples: Sportswear. B, Elevate. F, Trill. C, Sobbing. D, Maps 0 Protection: Install an updated version of antivirus. File Infection Virus This is the most popular and most prevalent variant of compiled computer virus.
It attaches itself to executable programs such as word processors, game files, spreadsheets applications, etc. The file infection virus fixes itself into the host file and begins its operation whenever the file is executed. Here is a snapshot of one such threat detected by an antivirus. Effects of Virus It can quickly use all available memory and bring the system to a halt.