Wednesday, November 23, 2011

Computer Viruses: Where Did They Come From?

 Viruses have evolved at a high volume over the past years. The first known computer virus was written in 1982 by Rich Skrenta. The next virus was discovered by two Pakistani brothers; the virus was called the Brain. Before the Internet became so popular most viruses were spread through hardware, such as floppy disks, USBs, and other removable media. In this paper, I will define a computer virus and discuss the different types of viruses, preventative measures, and recovery methods.

Definition of a Computer Virus

Today, most computer virus threats are transferred through the Internet and e-mail when downloading file. A computer virus is damaging program that can duplicate itself and continue to do harm to the computer. The virus spreads from one computer to another in some form of executable code when its host is taken from the target computer. Viruses spread fast because the network file system is accessed by other computers. People often confuse viruses with the Trojan Horse and Worms; these are totally different. Trojan horse doesn't get into the system and replicate itself; it is software that hides malicious functions. A worm can exploit security vulnerabilities that spread to other computers through networks without having to attach itself to the program.

Type of Computer Viruses

Viruses are classified into different categories: Nonresident, Resident, Boot Sector, Companion, and Logic Bomb. A non- resident virus is not stored on the hard drive of the computer that it has damaged but is in an executable file that infects the computer every time it is accessed. The non-resident file has a finder module and a replication module. The finder module locates the new file to infect and for every new executable file the finder module finds is call the replication model.

A resident file is a computer virus that stores itself within the memory that infects files instantaneously. This type of virus does not require the user to run the file to infect the file. It operates by loading the replication module into the memory and every time the operating system performs a certain operation the computer is infected.

A boot sector virus is commonly associated with a floppy disk or hard drive. Once the boot code on the drive has been infected, the boot sector virus stays in the memory and from the memory the boot virus can spread to every disk that the system reads.

A companion virus operates by storing itself in a file that is stores itself in a file that is parallel to another program file that is regular executed. When the file is executed, the virus infects the computer and caused malicious acts such as deleting files from the computer.

The logic bomb virus, also known as the "Time Bomb" is an error in the logic of the software programs that inserts itself to other programs or system and performs specific actions. Logic bomb can be caused also by a corrupt file.

Preventive Measures

Preventive measures to detect viruses are used through anti-virus software. Two common types of anti-virus software are virus signature and heuristic. The virus signature is an algorithm that identifies a specific virus and work by exploring the content of the computer's memory and comparing the files against a database that has been created and is called "signatures." When a new virus is discovered in which an existing signature cannot remove it, a new signature is created, tested, and pushed out by the anti-virus vendor.

The heuristic algorithm is used to find viruses based on the viruses' regular behaviors. The heuristic filters and scanners can also detect viruses that have yet to be identified and can stop the infections before a signature is released.

Recovery Method

The System Restore creates and save restore points that contains information about registry setting and other system information used on the computer. The system restore is conducted to re-establish the registry and critical files to a previous checkpoint once a computer has been compromised with a virus.

Most people refer to just reinstall the programs back onto the system. The reinstalling process involves reformatting the computer's hard drive and installing the operating system form it original media, or restoring the partition with a clean backup image. Reinstalling is faster than running multiple anti-virus scans and is guaranteed to remove any malware.

Conclusion

The key to avoid computer viruses is for the user to ensure his or her computer software is updated regularly with the latest security patches and antivirus tools. The user should also stay informed about recent threats, run his or her computer as a standard user and not as the administrator and be cautious when surfing the Internet, downloading files, and opening attachments.

Reprint Terms: You're welcome to reprint these articles on your website and in your e-newsletters free of charge, provided that you do not change the article in any way and you include the byline Kaspersky products store.

In doing so you agree to indemnify Guardian Network Solutions and its directors, officers, employees, and agents from and against all losses, claims, damages, and liabilities that arise out of their use.

Note: By viewing and copying the source of this article, you will be able to retain all formatting.

Publishing Rights: You may republish this article in your website, newsletter, or book, on the condition that you agree to leave the article, author's signature, and all links completely intact.

No comments:

Post a Comment