Computer Virus and Its Prevention Methods

Only available on StudyMode
  • Download(s): 465
  • Published: April 2, 2013
Read full document
Text Preview

LETTER OF TRANSMITTAL

Chapter one

Computer virus

COMPUTER VIRUS

A computer virus is a computer program that can replicate itself and spread from one computer to another. The term "virus" is also commonly, but erroneously, used to refer to other types of malware, including but not limited to adware and spyware programs that do not have a reproductive ability.

Malware includes computer viruses, computer worms, ransomware, Trojan horses, keyloggers, most rootkits, spyware, dishonest adware, malicious BHOs and other malicious software. The majority of active malware threats are usually trojans or worms rather than viruses. Malware such as trojan horses and worms is sometimes confused with viruses, which are technically different: a worm can exploit security vulnerabilities to spread itself automatically to other computers through networks, while a trojan horse is a program that appears harmless but hides malicious functions. Worms and trojan horses, like viruses, may harm a computer system's data or performance. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious or simply do nothing to call attention to themselves. Some viruses do nothing beyond reproducing themselves.

Chapter Two

Virus’s Classification

Classification

In order to replicate itself, a virus must be permitted to execute code and write to memory. For this reason, many viruses attach themselves to executable files that may be part of legitimate programs. If a user attempts to launch an infected program, the virus' code may be executed simultaneously. Viruses can be divided into two types based on their behaviour when they are executed. Non-resident viruses immediately search for other hosts that can be infected, infect those targets, and finally transfer control to the application program they infected. Resident viruses do not search for hosts when they are started. Instead, a resident virus loads itself into memory on execution and transfers control to the host program. The virus stays active in the background and infects new hosts when those files are accessed by other programs or the operating system itself.

Non-residents viruses

Non-residents viruses can be thought of as consisting of a finder module and a replication module. The finder module is responsible for finding new files to infect. For each new executable file the finder module encounters, it calls the replication module to infect that file.

Resident viruses

Resident viruses contain a replication module that is similar to the one that is employed by non-residents viruses. This module, however, is not called by a finder module. The virus loads the replication module into memory when it is executed instead and ensures that this module is executed each time the operating system is called to perform a certain operation. The replication module can be called, for example, each time the operating system executes a file. In this case the virus infects every suitable program that is executed on the computer.

Chapter Three

Vectors and Hosts

VECTORS AND HOSTS

Viruses have targeted various types of transmission media or hosts. This list is not exhaustive:

• Binary executable files (such as COM files and EXE files in MS-DOS, Portable Executable files in Microsoft Windows, the Mach-O format in OSX, and ELF files in Linux)

• Volume Boot Records of floppy disks and hard disk partitions

• The master boot record (MBR) of a hard disk

• General-purpose script files (such as batch files in MS-DOS and Microsoft Windows, VBScript files, and shell script files on Unix-like platforms).

• Application-specific script files (such as Telix-scripts)

• System specific autorun script files (such as Autorun.inf file needed by Windows to automatically run software stored on USB memory storage...
tracking img