What is computer virus

1. ? A virus is a piece of sof ware desig ed a d wri e o adversely affec your compu er by al eri g he way i works wi hou your k owledge or permissio . I more ech ical erms, a virus is a segme of program code ha impla s i self o o e of your execu able files a d spreads sys ema ically from o e file o a o her. Compu er viruses do o spo a eously ge era e: hey mus be wri e a d have a specific purpose. Usually a virus has wo dis i c fu c io s: Spreads i self from o e file o a o her wi hou your i pu or k owledge. ech ically, his is k ow as self-replica io a d propaga io . Impleme s he symp om or damage pla ed by he perpe ra or. his could i clude erasi g a disk, corrup i g your programs or jus crea i g havoc o your compu er. ech ically, his is k ow as he virus payload, which ca be be ig or malig a a he whim of he virus crea or. A be ig virus is o e ha is desig ed o do o real damage o your compu er. For example, a virus ha co ceals i self u il some prede ermi ed da e or ime a d he does o hi g more ha display some sor of message is co sidered be ig . A malig a virus is o e ha a emp s o i flic malicious damage o your compu er, al hough he damage may o be i e io al. here are a sig ifica umber of viruses ha cause damage due o poor programmi g a d ou righ bugs i he viral code. A malicious virus migh al er o e or more of your programs so ha i does o work, as i should. he i fec ed program migh ermi a e ab ormally, wri e i correc i forma io i o your docume s. Or, he virus migh al er he direc ory i forma io o o e of your sys em area. his migh preve he par i io from mou i g, or you migh o be able o lau ch o e or more programs, or programs migh o be able o loca e he docume s you wa o ope . Some of he viruses ide ified are be ig ; however, a high perce age of hem are very malig a . Some of he more malig a viruses will erase your e ire hard disk, or dele e files. Wha Viruses Do Some viruses are programmed specifically o damage he da a o your compu er by corrup i g programs, dele i g files, or erasi g your e ire hard disk. Ma y of he curre ly k ow Maci osh viruses are o desig ed o do a y damage. However, because of bugs (programmi g errors) wi hi he virus, a i fec ed sys em may behave erra ically. Wha Viruses Do ' Do Compu er viruses do ' i fec files o wri e-pro ec ed disks a d do ' i fec docume s, excep i he case of Word macro viruses, which i fec o ly docume s a d empla es wri e i Word 6.0 or higher. hey do ' i fec compressed files ei her. However, applica io s wi hi a compressed file could have bee i fec ed before hey were compressed. Viruses also do ' i fec compu er hardware, such as mo i ors or compu er chips; hey o ly i fec sof ware. I addi io , Maci osh viruses do ' i fec DOS-based compu er sof ware a d vice versa. For example, he i famous Michela gelo virus does o i fec Maci osh applica io s. Agai , excep io s o his rule are he Word a d Excel macro viruses, which i fec spreadshee s, docume s a d empla es, which ca be ope ed by ei her Wi dows or Maci osh compu ers. Fi ally, viruses do ' ecessarily le you k ow ha hey are here - eve af er hey do some hi g des ruc ive.

1 2. ypes of Compu er Viruses owadays umber of viruses is abou 55000. I i creases co s a ly. ew u k ow ypes of viruses appear. o classify hem becomes more a d more difficul . I commo hey ca be divided by hree basic sig s: a place of si ua i g, used opera io sys em a d work algori hms. For example accordi g hese hree classifica io s virus Cher obyl ca be classified as file i fec or a d reside Wi dows virus. Fur her i will be explai ed wha i mea s. 2.1 A place of exis e ce 2.1.1File I fec ors hese are viruses ha a ach hemselves o (or replace) .COM a d .EXE files, al hough i some cases hey ca i fec files wi h ex e sio s .SYS, .DRV, .BI , .OVL a d .OVY. Wi h his ype of virus, u i fec ed programs usually become i fec ed whe hey are execu ed wi h he virus i memory. I o her cases hey are i fec ed whe hey are ope ed (such as usi g he DOS DIR comma d) or he virus simply i fec s all of he files i he direc ory is ru from (a direc i fec or). here are hree groups of file i fec ors. Viruses of he firs group are called overwri i g viruses because hey overwri e heir code i o i fec ed file erasi g co e s. Bu hese viruses are primi ive a d hey ca be fou d very quickly. O her group is called parasi ic or cavi y viruses. I fec ed file is capable of work fully or par ly bu co e s of las o e are cha ged. Viruses ca copy i self i o begi , middle or e d of a file. hey record heir code i da a k ow o o be used. hird group is called compa io viruses. hey do ’ cha ge files. hey make double of i fec ed file so whe i fec ed file is bei g s ar ed a double file becomes ma agi g, i mea s virus. For example compa io viruses worki g wi h DOS use ha DOS firs ly ru s COM. file a d af er if his file is o fou d ru s EXE. file. Viruses make double file wi h a same ame a d wi h ex e sio COM a d copies i self i his file. Duri g s ar of i fec ed file DOS ru s a COM. file wi h a virus firs ly a d he a virus s ar s a EXE. file. Some ime compa io viruses re ame file will be i fec ed a d record heir code i a double file wi h old ame. For example he file XCOPY.EXE is re amed i o XCOPY.EXD a d virus record i self i file XCOPY.EXE. Whe his file is s ar ed compu er ru s a virus code firs ly a d af er virus s ar s origi al XCOPY, saved as XCOPY.EXD. Viruses like his were fou d o o ly i DOS. hey were fou d i Wi dows a d OS/2. I is o o ly o e way o make double files. For example here is subgroup of compa io viruses called pa h-compa io viruses. hey use special fea ure of DOS - PA H: hierarchical record of file loca io . Virus copies i self i file wi h he same ame bu si ua ed o e level higher. I his case DOS will fi d file wi h virus. 2 2.1.2Boo viruses Boo Sec or I fec ors Every logical drive, bo h hard disk a d floppy, co ai s a boo sec or. his is rue eve of disks ha are o boo able. his boo sec or co ai s specific i forma io rela i g o he forma i g of he disk, he da a s ored here a d also co ai s a small program called he boo program (which loads he DOS sys em files). he boo program displays he familiar &quo ; o -sys em Disk or Disk Error&quo ; message if he DOS sys em files are o prese .

I is also he program ha ge s i fec ed by viruses. You ge a boo sec or virus by leavi g a i fec ed diske e i a drive a d reboo i g he machi e. Whe he boo sec or program is read a d execu ed, he virus goes i o memory a d i fec s your hard drive. Remember, because every disk has a boo sec or, i is possible (a d commo ) o i fec a machi e from a da a disk. O E: Bo h floppy diske es a d hard drives co ai boo sec ors. Mas er Boo Record I fec ors he firs physical sec or of every hard disk (Side Ш, rack Ш, Sec or 1) co ai s he disk's Mas er Boo Record a d Par i io able. he Mas er Boo Record has a small program wi hi i called he Mas er Boo Program, which looks up he values i he par i io able for he s ar i g loca io of he boo able par i io , a d he ells he sys em o go here a d execu e a y code i fi ds. Assumi g your disk is se up properly, wha i fi ds i ha loca io (Side 1, rack Ш, Sec or 1) is a valid boo sec or. O floppy disks, hese same viruses i fec he boo sec ors. You ge a Mas er Boo Record virus i exac ly he same ma er you ge a boo sec or virus -- by leavi g a i fec ed diske e i a drive a d reboo i g he machi e. Whe he boo sec or program is read a d execu ed, he virus goes i o memory a d i fec s he MBR of your hard drive. Agai , because every disk has a boo sec or, i is possible (a d commo ) o i fec a machi e from a da a disk. 3 2.1.3 Mul i-par i e Viruses Mul i-par i e viruses are a combi a io of he viruses lis ed above. hey will i fec bo h files a d MBRs or bo h files a d boo sec ors. hese ypes of viruses are curre ly rare, bu he umber of cases is growi g s eadily. 2.1.4 Macro Viruses U il rece ly, he macro la guages i cluded wi h mos applica io s were o powerful or robus e ough o suppor wri i g a effec ive virus. However, ma y of he more adva ced applica io s ha are bei g developed oday i clude buil -i programmi g capabili ies ha rival some of he larger developme packages. his has rece ly bee demo s ra ed by he various s rai s of Microsof Word viruses, i cludi g he so-called Word Co cep a d Word uclear viruses. hese viruses ra spor hemselves hrough Microsof Word docume s. Whe ope ed i Word, hey perform various ac io s, i cludi g spreadi g hemselves i o he user's i s alla io of Word, hus prepari g o i fec all fu ure docume s o he sys em. A addi io al co cer is ha macro viruses ca be cross-pla form. he Word Co cep virus has he claim o fame of bei g he firs promi e cross-pla form virus, because i ca i fec bo h Wi dows a d Maci osh sys ems. Because mos applica io macro la guages suppor passi g execu io o a ex er al shell, such as COMMA D.COM or CMD.EXE, he power of he macro virus is o limi ed o he co s rai s of he macro la guage i self4. 2.2 Used opera io sys em. A y compu er or e virus ca i fec files of o e or more opera io sys ems: DOS, Wi dows, OS/2, Li ux, MacOS a d o hers. I is a base of his way of classifica io . For example virus BOZA worki g wi h Wi dows o ly is classified as Wi dows virus, virus BLISS – as Li ux virus. 2.3 Work algori hms. Viruses ca be differed by used algori hms maki g hem da ger a d hard for ca chi g.

