The source of this article at the bottom And Profile of the writer
A virus is
a small piece of software or computer code that is inserted by a rogue
programmer in a legitimate program, such as a spreadsheet. The code has the
ability to replicate itself, hide, watch for a specific event, and deliver a
payload. The payload can be just a prank or, more likely, destructive.
How viruses work
When a virus first
enters your computer, there are several places where it can end up.
Boot
record viruses target your computer's master boot record. The boot
record is the first part of the operating system (which controls
how everything works on your computer) that the computer loads when it is
started. The computer must read this record to find out how the disk is
organized before it can begin loading all the files needed to operate the
computer. By putting its code in the boot record, a virus can guarantee it's
executed... even before the operating system is loaded.
Program
viruses look for executable files, such as files that end in.exe.
It usually inserts itself immediately behind the program's header,
a small section of code at the start of a file that contains information about
the file. By inserting itself behind the header, the virus can ensure that when
the legitimate (but infected) program is run the virus is executed first.
Replication
Usually the first thing
a virus does is to insert copies of itself into other program files. Each of
these copies replicates itself in turn whenever its program file or host is
read by the computer.
Camouflage
Many viruses disguise
themselves in order to avoid detection by anti-virus software. There are
various ways in which a virus may do this.
It may, for example,
insert fake non-functioning bits of code inside the working sections of the
virus code. Then, each time the virus replicates, it changes the fake code.
In this way the virus
can disguise its identifying signature, the particular
sequence of commands in the code which allow it to be recognised. In other
words, once the virus has replicated the new copy will look different than the
original copy.
Here's another way a
virus can disguise itself.
The file header of any
program will contain details of the exact length of the file. Adding the virus
code to the program will increase its length and the changed length is liable
to discovery. A virus may falsify the information in the header about the
length of the file so that the program file seems to be the correct size.
Event checking
Each time a virus runs
it checks for a specific condition or triggering event. If the condition is not
present, the virus does nothing. But if the triggering event exists, the virus
delivers its payload.
The triggering event is
usually a particular date. As the virus will already have replicated itself
thousands, perhaps millions, of times, the payload will be delivered in
hundreds of computers all at the same time for a grand effect.
Some viruses,
alternatively, dump their payloads after they have replicated themselves.
Others are programmed to go off after a certain length of time has passed.
Payload delivery
The payload a virus
delivers may be, if you are extra lucky, quite harmless... nothing more than a
rather rude or crude message. More likely, however, the payload will be highly
destructive.
Viruses can erase or
scramble files, which causes you to lose data and programs. They can destroy
the information on your hard drive that tells the operating system how to find
files on the disk and thereby stop your computer from working.
The most insidious
viruses are the ones that quietly insert themselves into files and then do
things such as stealing passwords or subtly changing numbers at random in an
accounting application.
Memory-resident viruses
Some viruses can load
themselves into memory so they can keep running in the background as long as
the computer remains on. This gives viruses a much more effective way to
replicate themselves.
In addition, viruses
resident in your computer's memory can be on the look-out for attempts by
anti-virus software to find infected files and can return phoney information to
hide itself from detection.
Safe computing
Internet viruses are a
plague. But they are not as bad as they were only a few years ago as firewalls
and anti-virus software are now being used almost universally. These now block
viruses before they enter your computer with a high degree of success.
You can protect yourself
with a modicum of common sense:
1-Install anti-virus
software
2-Ensure your anti-virus
software is up to date
3-Be highly cautious
when opening emails or downloading material from the internet
Paul Kennedy is
the marketing manager of Jupiter Support (Ireland). He can be
contacted by email to paul@jupitersupport.ie. You can also go
to jupitersupport.ie where you can use chat
or Skype to talk with a technician free of charge. Alternatively you can
call 0766803006 to speak to a technician and get free advice.
Jupiter Support only charges a fixed fee of€19.99 to rid your
computer of any and all viruses on a no-fix/no-fee basis.
Article Source: http://EzineArticles.com/?expert=Paul_D_Kennedy
Article Source: http://EzineArticles.com/8161740
No comments:
Post a Comment