virus and its precautions :-
In computers, a virus is a program or programming code that replicates by being copied or initiating its
copying to another program, computer boot sector or document. Viruses can be transmitted as attachments to an e-mail note or in a downloaded file, or be present on a diskette or CD. The immediate source of the e-mail note, downloaded file, or diskette you've received is usually unaware that it contains a virus. Some viruses wreak their effect as soon as their code is executed; other viruses lie dormant until circumstances cause their code to be executed by the computer. Some viruses are benign or playful in intent and effect ("Happy Birthday, Ludwig!") and some can be quite harmful, erasing data or causing your hard disk to require reformatting. A virus that replicates itself by resending itself as an e-mail attachment or as part of a network message is known as a worm.
Generally, there are three main classes of viruses:-
File infectors. Some file infector viruses attach themselves to program files, usually selected .COM or .EXE files. Some can infect any program for which execution is requested, including .SYS, .OVL, .PRG, and .MNU files. When the program is loaded, the virus is loaded as well. Other file infector viruses arrive as wholly-contained programs or scripts sent as an attachment to an e-mail note.
System or boot-record infectors. These viruses infect executable code found in certain system areas on a disk. They attach to the DOS boot sector on diskettes or the Master Boot Record on hard disks. A typical scenario (familiar to the author) is to receive a diskette from an innocent source that contains a boot disk virus. When your operating system is running, files on the diskette can be read without triggering the boot disk virus. However, if you leave the diskette in the drive, and then turn the computer off or reload the operating system, the computer will look first in your A drive, find the diskette with its boot disk virus, load it, and make it temporarily impossible to use your hard disk. (Allow several days for recovery.) This is why you should make sure you have a bootable floppy.
Macro viruses. These are among the most common viruses, and they tend to do the least damage. Macro viruses infect your Microsoft Word application and typically insert unwanted words or phrases.The best protection against a virus is to know the origin of each program or file you load into your computer or open from your e-mail program. Since this is difficult, you can buy anti-virus software that can screen e-mail attachments and also check all of your files periodically and remove any viruses that are found. From time to time, you may get an e-mail message warning of a new virus. Unless the warning is from a source you recognize, chances are good that the warning is a virus hoax.
1. Resident Viruses
This type of virus is a permanent which dwells in the RAM memory. From there it can overcome and interrupt all of the operations executed by the system: corrupting files and programs that are opened, closed, copied, renamed etc.
Examples include: Randex, CMJ, Meve, and MrKlunky.
2. Multipartite Viruses
Multipartite viruses are distributed
through infected media and usually hide in the memory. Gradually, the
virus moves to the boot sector of the hard drive and infects executable
files on the hard drive and later across the computer system.
3. Direct Action Viruses
The main purpose of this virus is to replicate and take action when it is executed. When a specific condition is met, the virus will go into action and infect files in the directory or folder that it is in and in directories that are specified in the AUTOEXEC.BAT file PATH. This batch file is always located in the root directory of the hard disk and carries out certain operations when the computer is booted.
4. Overwrite Viruses
Virus of this kind is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected.
The only way to clean a file infected by an overwrite virus is to delete the file completely, thus losing the original content.
Examples of this virus include: Way, Trj.Reboot, Trivial.88.D.
5. Boot Virus
This type of virus affects the boot sector of a floppy or hard disk. This is a crucial part of a disk, in which information on the disk itself is stored together with a program that makes it possible to boot (start) the computer from the disk.
The best way of avoiding boot viruses is to ensure that floppy disks are write-protected and never start your computer with an unknown floppy disk in the disk drive.
Examples of boot viruses include: Polyboot.B, AntiEXE.
6. Macro Virus
Macro viruses infect files that are created using certain applications or programs that contain macros. These mini-programs make it possible to automate series of operations so that they are performed as a single action, thereby saving the user from having to carry them out one by one.
Examples of macro viruses: Relax, Melissa.A, Bablas, O97M/Y2K.
7. Directory Virus
Directory viruses change the paths that indicate the location of a file. By executing a program (file with the extension .EXE or .COM) which has been infected by a virus, you are unknowingly running the virus program, while the original file and program have been previously moved by the virus.
Once infected it becomes impossible to locate the original files.
8. Polymorphic Virus
Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system.
This makes it impossible for anti-viruses to find them using string or signature searches (because they are different in each encryption) and also enables them to create a large number of copies of themselves.
Examples include: Elkern, Marburg, Satan Bug, and Tuareg.
9. File Infectors
This type of virus infects programs or executable files (files with an .EXE or .COM extension). When one of these programs is run, directly or indirectly, the virus is activated, producing the damaging effects it is programmed to carry out. The majority of existing viruses belongs to this category, and can be classified depending on the actions that they carry out.
10. Encrypted Viruses
This type of viruses consists of
encrypted malicious code, decrypted module. The viruses use encrypted
code technique which make antivirus software hardly to detect them. The
antivirus program usually can detect this type of viruses when they try
spread by decrypted themselves.
11. Companion Viruses
11. Companion Viruses
Companion viruses can be considered file infector viruses like resident or direct action types. They are known as companion viruses because once they get into the system they "accompany" the other files that already exist. In other words, in order to carry out their infection routines, companion viruses can wait in memory until a program is run (resident viruses) or act immediately by making copies of themselves (direct action viruses).
Some examples include: Stator, Asimov.1539, and Terrax.1069
12. Network Virus
Network viruses rapidly spread through a Local Network Area (LAN), and sometimes throughout the internet.
Generally, network viruses multiply through shared resources, i.e.,
shared drives and folders. When the virus infects a computer, it
searches through the network to attack its new potential prey. When the
virus finishes infecting that computer, it moves on to the next and the
cycle repeats itself.
The most dangerous network viruses are Nimda and SQLSlammer.
13. Nonresident Viruses
This type of viruses is similar to
Resident Viruses by using replication of module. Besides that,
Nonresident Viruses role as finder module which can infect to files when
it found one (it will select one or more files to infect each time the
module is executed).
14. Stealth Viruses
Stealth Viruses is some sort of
viruses which try to trick anti-virus software by intercepting its
requests to the operating system. It has ability to hide itself from
some antivirus software programs. Therefore, some antivirus program
cannot detect them.
15. Sparse Infectors
In order to spread widely, a virus
must attempt to avoid detection. To minimize the probability of its
being discovered a virus could use any number of different techniques.
It might, for example, only infect every 20th time a file is executed;
it might only infect files whose lengths are within narrowly defined
ranges or whose names begin with letters in a certain range of the
alphabet. There are many other possibilities.
16. Spacefiller (Cavity) Viruses
Many viruses take the easy way out
when infecting files; they simply attach themselves to the end of the
file and then change the start of the program so that it first points to
the virus and then to the actual program code. Many viruses that do
this also implement some stealth techniques so you don't see the
increase in file length when the virus is active in memory.
A spacefiller (cavity) virus, on the other
hand, attempts to be clever. Some program files, for a variety of
reasons, have empty space inside of them. This empty space can be used
to house virus code. A spacefiller virus attempts to install itself in
this empty space while not damaging the actual program itself. An
advantage of this is that the virus then does not increase the length of
the program and can avoid the need for some stealth techniques. The
Lehigh virus was an early example of a spacefiller virus.
17. FAT Virus
The file allocation table or FAT is the part of a disk used to connect information and is a vital part of the normal functioning of the computer.
This type of virus attack can be especially dangerous, by preventing access to certain sections of the disk where important files are stored. Damage caused can result in information losses from individual files or even entire directories.
18. Worms
A worm is technically not a virus, but a program very similar to
a virus; it has the ability to self-replicate, and can lead to negative
effects on your system and most importantly they are detected and
eliminated by antiviruses.
Examples of worms include: PSWBugbear.B, Lovgate.F, Trile.C, Sobig.D, Mapson.
19. Trojans or Trojan Horses
Another unsavory breed of malicious code (not a virus as well) are Trojans or Trojan horses, which unlike viruses do not reproduce by infecting other files, nor do they self-replicate like worms.
20. Logic Bombs
They are not considered viruses because they do not replicate. They are not even programs in their own right but rather camouflaged segments of other programs.
Their objective is to destroy data on the computer once certain conditions have been met. Logic bombs go undetected until launched, and the results can be destructive.
How to secure your system From virus:-
Antivirus software:Using an outdated antivirus or using an antivirus which are not good enough to take care of your laptop from evil viruses, you might be keeping your data security in danger. First step would be use any of the best and effective antivirus and always update your antivirus.
Firewall:
If you are using default windows firewall and think you are secure, than think again. The fact is most of Trojan and spies when binned with latest binder are efficient enough to dodge your latest and updated antivirus. Firewall comes in handy to block such program to opening any Internet connection. There are plenty of free firewall to choose among. One of them is comodo firewall. Keep an updated version of Firewall and monitor all your internet activity.
Update all your software :
Usually patches and updates for software are rolled out to add extra features and remove any previous bugs. Either keep option for automatic updates on for all the software or use a freeware like Filehippo update checker to check for software updates.
Proper shut down :
Windows/Linux and Mac has a dedicated button to shut down your Computer. Use it to shut down your system else you might end up creating lots of dump files and corrupted software.
Use your browser's privacy settings:
Being aware of how websites might use your private information is important to help prevent targeted advertising, fraud, and identity theft. If you're using Internet Explorer, you can adjust your Privacy settings or restore the default settings whenever you want. For details, see Change Internet Explorer Privacy settings.
Turn on User Account Control (UAC):
When changes are going to be made to your computer that require administrator-level permission, UAC notifies you and gives you the opportunity to approve the change. UAC can help keep viruses from making unwanted changes. To learn more about enabling UAC and adjusting the settings, see Turn User Account Control on or off.
Install tracking software :
Laptop are portable and chances of loosing them while traveling is high. Use a Laptop tracking software to track your stolen laptop. One of such software is Adeona.It’s an open source software and free to use.
Backup your files at regular Interval:
Precaution is better then cure. Same thing goes here. Make a practice to take a backup of your files using a portable hard disk or some online storage. One of such free online storage program is Skydrive which offers 25Gb of free online storage.
Use a password for login:
Most of laptop users tends to avoid using password for their laptops and this is like leaving a big security loop hole. Any intruder can take control of your system when you connect to a network. Even the system is hacked, hacker have easy access to all your data files. So use a strong password to ensure your laptop safety. Always try to use a complex password using Alphabet, numeric and special characters.
Defragmentation:
Windows system has a inbuilt feature call Defragmentation which keep all the scattered file organized. You can access Defragmentation feature under Mycomputer>Manage>Defragmentation.
Make sure you follow these few tips to ensure the security and safety of your laptop.
Avoid Shady Web Sites – If you need to look at porn, then make sure you do it in a virtual environment. You are DEFINITELY going to get a virus or spyware if you browse porn sites on your computer. Virtualization basically allows you to run programs like Internet Explorer in a virtual environment that does not effect your current operating system. If you want to find out more, search for “Virtual PC” or “VM Ware” in Google. Otherwise, simply avoid going to shady web sites
0 comments
Post a Comment