15-01-2013, 02:48 PM
Antivirus
What is a Computer Virus?
A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user. With an ability to replicate itself, thus continuing to spread. Also, known as Malicious Software, a program that can cause damage to a computer.
The computer viruses can damage or corrupt data, modify existing data, or degrade the performance of the system by utilising resources such as memory or disk space.
Classification of Computer viruses:
Boot sector virus
Master Boot Record (MBR) virus
File infector virus
Multipartite virus
Macro virus
Boot sector virus
Boot sector viruses generally hide in the boot sector, either in the bootable disk or the hard drive.
It attaches itself to the first part of the hard disk that is read by the computer upon boot up.
These viruses are spread rapidly by floppy disks and not on CD-ROMs.
Once copied to the memory, any floppy disks that are not write protected will become infected when the floppy disk is accessed.
Error message “Invalid system disk”
Master Boot Record (MBR) virus
MBR viruses are memory-resident viruses that infect disks in the same manner as boot sector viruses.
However it, infects the MBR of the system, gets activated when the BIOS activates the Master boot code.
MBR infectors normally save a legitimate copy of the master boot record in an different location.
E.g. AntiEXE, Unashamed, NYB
File infector virus
File infector viruses infect program files.
Normally infect executable code, such as .COM, .SYS, .BAT and .EXE files.
They can infect other files when an infected program is run from floppy, hard drive, or from the network. Many of these viruses are memory resident.
After memory becomes infected, any uninfected executable file that runs becomes infected.
Multipartite virus
Multipartite (also known as polypartite) viruses infect both boot records and program files.
These are particularly difficult to repair. If the boot area is cleaned, but the files are not, the boot area will be reinfected.
The same holds true for cleaning infected files. If the virus is not removed from the boot area, any files that you have cleaned will be reinfected.
Computer Worms
Worms are programs that replicate themselves from system to system without the use of a host file. The worms are spread through networks like LAN, WAN and also through Internet. There are various ways by which a worm spreads, through Internet like E-mails, Messaging and Chats.
Worms almost always cause harm to the network, like consuming network bandwidth.
Computer Trojans
Trojan horses are impostors: files that claim to be something desirable but, in fact, are malicious. Trojan horse programs do not replicate themselves. Trojan horses contain malicious code that when triggered cause loss, or even theft, of data. E.g. Trojan.Vundo
Retrieving user’s critical information. i.e. name, password.
Spreading malware programs i.e. ‘dropper’ or ‘vector’.
Erasing or overwriting data on a computer.
Spying on a user to gather his information like browsing habits, sites visited etc. These are called Spyware.
Antivirus Software
An antivirus software is a computer program that identify and remove computer viruses, and other malicious software like Worms and Trojans from an infected computer. Not only this, an antivirus software also protects the computer from further virus attacks.
We should regularly run an antivirus program to scan and remove any possible virus attacks from a computer.