Its name comes from an analogy with biological viruses, because it spreads in a similar way, using the reproductive capability of the host cell. The term "computer virus" is attributed to the computer scientist and molecular biologist Leonard Adleman (Fred Cohen, Experiments with Computer Viruses, 1984). Computer viruses are not to be confused with computer worms, which are programs that can spread and replicate on their own without contaminating a host program. In a broad sense, the word virus is often used, and misused, to designate any form of malware.
The total number of known malicious programs is about 95 000 according to Sophos (all types of malware combined). However, the actual number of viruses in circulation would not exceed a few thousand according to the WildList Organization, since every antivirus vendor has an interest in "inflating" the number of viruses it detects. The vast majority affect the Windows platform. Although they are extremely few, there are also viruses for Unix/Linux systems, but no outbreak similar to those of Windows viruses has been detected in 2010. The rest mainly target operating systems that are distributed over the past few years, such as the 27 viruses, none of them dangerous, that affected Mac OS 9 and its predecessors (recorded by John Norstad, author of the antivirus Disinfectant). The least affected systems are FreeBSD, which focuses its development on security, as well as Netware and OS/2, which are too rare to make a virus developer known. Viruses are often the subject of false alarms spread by rumor.
Some of these false alarms, playing on the ignorance of computer users, sometimes destroy perfectly healthy parts of the operating system. The first autonomous programs did not have the purpose they have today. The very first software of this type was mere entertainment: Core War, a game between three computer scientists at Bell, created in 1970 in the laboratories of the company. For this game, each player writes a program, which is then loaded into RAM. The operating system, which only has to be multitasking, executes one instruction of each program in turn. The goal of the game is to destroy the opposing programs while ensuring one's own proliferation. The players obviously do not know the location of the opposing program. The programs are capable of copying themselves, repairing themselves, moving to different areas of memory and "attacking" the opposing program by writing at random into other memory areas. The game ends after a set time or when a player sees all of his programs inactive or destroyed. The winner is the one who has the largest number of active copies. These are exactly the principles of virus programming.
In 1984, the magazine Scientific American presented a computer game that consisted of designing small programs that fight one another, self-replicating and trying to inflict damage on opponents, thus setting the stage for future viruses. In 1986, the ARPANET was infected by Brain, a virus that renamed all system boot disks to (C)Brain. The creators of this virus included their name, address and phone number in it, because it was an advertisement for them.
The classic virus is a piece of program, often written in assembler, that inserts itself into a normal program, most often at the end but also at the beginning or in the middle. Each time the user runs the "infected" program, the virus is activated and takes the opportunity to integrate itself into other executable programs. Moreover, when it contains a payload, it may, after a certain time (which can be very long) or a special event, perform a predetermined action. This action can range from a simple harmless message to the deterioration of some functions of the operating system, damage to files, or even complete destruction of all data on the computer. In this case one speaks of a "logic bomb".
A boot virus installs itself in a boot sector of a boot device: hard drive (the main boot sector, the "master boot record", or that of a partition), floppy disk or other. It replaces a boot loader (or boot program, or "bootloader") that is already present (copying the original elsewhere) or creates one (on a disk where there was none), but it does not modify a program as a normal virus does. When it replaces an existing boot program, it acts like a "prepend" virus (one that is inserted at the beginning), but the fact that it also infects a device devoid of any boot software distinguishes it from the classic virus, which never attacks "nothing."
Macro viruses attack the macros of Microsoft Office software (Word, Excel, etc.) through Microsoft's VBA. For example, by attaching itself to the normal.dot template in Word, a virus can be activated every time the user runs the program. Virus-worms, which appeared around 2003 and developed rapidly in the years that followed, are classic viruses because they have a host program, but they resemble worms because:
- Their mode of propagation is linked to the network, like that of worms, usually via the exploitation of security vulnerabilities.
- Like worms, their action is meant to be discreet and non-destructive for users of the infected machine.
- Like worms, they pursue broad goals, such as a distributed resource-saturation attack or DoS (Denial of Service) attack against a server, with thousands of infected machines connecting simultaneously.
Batch viruses, which emerged in the days when the MS-DOS operating system was in vogue, are "primitive" viruses. Although able to reproduce and infect other batch files, they are slow and have very low infectivity. Some programmers have gone as far as creating encrypted and polymorphic batch viruses. This is a real technical feat, as the batch language is simple and primitive.
Other threats exist in IT, often distinguished by the absence of the reproductive system that characterizes viruses and worms; the term "malicious software" ("malware") is more appropriate in this case. The term computer virus was created by analogy with the virus in biology: a computer virus uses its host (the computer it infects) to reproduce and spread to other computers. As with biological viruses, where genetic diversity slows the chances of growth of a virus, it is the most popular computer systems and software that are most affected by viruses: Microsoft Windows, Microsoft Office, Microsoft Outlook, Microsoft Internet Explorer, Microsoft Internet Information Server... Professional versions of Windows (NT/2000/XP Pro), which allow rights to be managed in a professional manner, are not immune to these stealthy invaders.
The commoditization of Internet access was a major factor in the rapid, widespread dissemination of the latest viruses. This is mainly due to the ability of viruses to harvest email addresses found on the infected machine (in the address book, but also in messages, in archives of visited web pages or in newsgroup messages). Similarly, the interconnection of computers in local networks has amplified the ability of viruses to spread, since they find more potential targets this way. However, systems with more limited distribution are not affected proportionately. The majority of these systems, as variants of the UNIX architecture (BSD, Mac OS X or Linux), use standard management of the rights of each user, which lets them avoid the simplest attacks; the damage is thus normally confined to the areas accessible to that user alone, sparing the base operating system.
Legal viruses.
When discovered, a virus is assigned a name. In theory, this name conforms to the agreement signed in 1991 by the members of the Computer Antivirus Research Organization. The name is determined as follows:
- As a prefix, the mode of infection (macro virus, Trojan horse, worm...) or the operating system concerned;
- A word expressing one of its particularities or the flaw that it exploits (Swen is an anagram of News, Nimda an anagram of Admin, Sasser exploits an LSASS vulnerability);
- As a suffix, a version number (viruses often take the form of variants with similarities to the original version).
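The three-part scheme above (prefix, name, variant suffix) can be pulled apart mechanically, which helps when correlating reports from different vendors. The following is an added example, not part of the original article: `parse_name` and `correlate` are hypothetical helpers, the sample names are the four vendor names this page quotes for one Netsky variant, and the prefix table is an assumption that covers only those four names.

```python
import re

# Assumption: only the prefix/type tags that occur in the four sample
# names; a real tool would need each vendor's full vocabulary.
PREFIX_OR_TYPE = {"w32", "worm", "i-worm"}

# The four vendor names this page quotes for the same Netsky variant.
SAMPLE_NAMES = {
    "Symantec": "W32.Netsky.Q@mm",
    "Trend Micro": "WORM_NETSKY.Q",
    "Panda": "W32/Netsky.Q.worm",
    "Kaspersky": "I-Worm.NetSky.r",
}


def parse_name(name):
    """Split a detection name into prefix tags, family, variant, modifier."""
    base, _, modifier = name.partition("@")      # "@mm"-style trailer
    tokens = [t for t in re.split(r"[._/]", base) if t]
    tags = [t.lower() for t in tokens if t.lower() in PREFIX_OR_TYPE]
    rest = [t for t in tokens if t.lower() not in PREFIX_OR_TYPE]
    if len(rest) != 2:
        raise ValueError(f"cannot find family and variant in {name!r}")
    family, variant = rest
    return {"tags": tags, "family": family.lower(),
            "variant": variant.upper(), "modifier": modifier.lower()}


def correlate(names_by_vendor):
    """Group vendor names by family and list the variant each vendor uses."""
    families = {}
    for vendor, name in names_by_vendor.items():
        parsed = parse_name(name)
        families.setdefault(parsed["family"], {})[vendor] = parsed["variant"]
    return families


if __name__ == "__main__":
    for family, variants in correlate(SAMPLE_NAMES).items():
        print(family, variants)
        if len(set(variants.values())) > 1:
            print("  variant letters disagree: match on family only")
```

The family name lines up across all four vendors, but the variant letter does not, so a lookup keyed on the full name would miss one of them.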
Unfortunately, the analysis laboratories of the various antivirus vendors sometimes assign their own name to the virus they are working on, which makes it difficult to find information. Thus, for example, the Netsky virus in its Q variant is called W32.Netsky.Q@mm at Symantec, WORM_NETSKY.Q at Trend Micro, W32/Netsky.Q.worm at Panda and I-Worm.NetSky.r at Kaspersky. It is possible to search for a given generic name through specialized search engines, such as Virus Bulletin or Kevin Spicer.
Viruses on Linux. The Linux operating system, like Unix and related operating systems, is usually fairly well protected against computer viruses. However, some viruses can potentially damage Linux systems that are not secured.
Like other Unix systems, Linux implements a multi-user environment, in which users have rights corresponding to their specific needs. There is thus an access control system intended to prevent a user from reading or editing a file. As a result, viruses typically have less capacity to affect and infect a system running Linux than one running DOS, or Windows with files still on FAT32 (NTFS files have the same protection as UNIX files, and NT-based Windows also isolates accounts from one another). Therefore, no viruses written for Linux, including those listed below, could spread successfully. In addition, security vulnerabilities that are exploited by viruses are corrected within a few days by updates of the Linux kernel. Virus scanners are available for Linux systems to monitor the activity of viruses active on Windows. They are mainly used on proxy servers or mail servers that have Microsoft Windows client systems.
Antivirus software is designed to identify, neutralize and eliminate malware (of which viruses are just one example) that relies on the exploitation of security vulnerabilities. An antivirus checks files and emails. Different methods are possible:
- The major antivirus products on the market rely on signature files, and compare the signature of the virus with the code to be checked.
- The heuristic method is the most powerful, seeking to discover malicious code by its behavior. It tries to detect it by analyzing the code of an unknown program. It may sometimes cause false alarms.
- Shape analysis is based on filtering rules, regexp or otherwise, put in a junk file. The latter method can be very effective for mail servers supporting postfix-type regexps, since it does not rely on a signature file.
Antivirus programs can scan the contents of a hard drive, but also the computer's memory. The more modern ones act upstream of the machine by scanning file exchanges with the outside world, both incoming and outgoing. Thus, emails are examined, as are files copied to or from removable media such as CDs, floppy disks, network connections, USB keys... Since the creators of antivirus software have previously identified and recorded information about viruses, as in a dictionary, the antivirus can detect and locate the presence of a virus. When this occurs, the antivirus has three options. It may:
1. try to repair the corrupted files by removing the viruses;
2. put the files in quarantine so that they cannot be accessed by other files or spread, and so that they can eventually be repaired later;
3. delete the infected files.
To maximize the effectiveness of the antivirus, it is essential to update it frequently by downloading newer versions. Conscientious Internet users with good computer skills can identify viruses themselves and send their information to the software developers so that their antivirus database is updated. Typically, an antivirus examines each file when it is created, opened, closed, or read. In this way, viruses can be identified immediately. It is possible to program the administration system to conduct a regular review of all files on the storage space (hard disk, etc.). Although antivirus software is very reliable and regularly updated, virus writers are just as often inventive. In particular, "oligomorphic", "polymorphic" and, more recently, "metamorphic" viruses are harder to detect.
Whitelist. The "white list" is a technique increasingly used to fight against malware.
Instead of looking for software known to be malware, it prevents the execution of any program except those that are considered reliable by the system administrator. By adopting this method of blocking by default, it avoids the problems inherent in updating the virus signature file. In addition, it helps prevent the execution of unwanted programs. Given that modern enterprises have many applications considered reliable, the efficiency of this technique depends on the ability of the administrator to establish and update the whitelist. This task can be facilitated by the use of tools for process automation and inventory maintenance.
Another approach to locating viruses is to detect suspicious program behavior. For example, if a program tries to write data to an executable program, the antivirus will detect this suspicious behavior and notify the user, indicating the steps to follow. Unlike the previous approach, this method makes it possible to identify very recent viruses that are not yet known in the antivirus dictionary. However, the fact that users are constantly warned of false alarms can make them insensitive to the real threats. If users answer "Agree" to all of these alerts, the antivirus offers them no protection. This problem has worsened since 1997, since many harmless programs have modified some executable files without regard for these false alarms. Therefore, most modern antivirus software makes less use of this method.
Heuristic analysis is used by some antivirus programs. For example, the antivirus can scan the beginning of the code of each new application before transferring control to the user. If the program seems to be a virus, the user is notified. However, this method can also lead to false alarms. The heuristic method can detect virus variants and, by automatically communicating the results of the analysis to the vendor, lets the vendor verify their accuracy and update its database of virus definitions.
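The dictionary (signature) method and the whitelist method described above, applied to the same four files, as an added example that is not part of the original article. The byte strings, the signature name and the helper functions are constructed for illustration, and a substring match stands in for the far richer signatures real products use.

```python
import hashlib

# Constructed byte strings stand in for program files; none is real malware.
APPROVED_TOOL = b"constructed approved payroll program"
KNOWN_PATTERN = b"CONSTRUCTED-PATTERN-A"      # recorded in the dictionary
UNKNOWN_PATTERN = b"CONSTRUCTED-PATTERN-B"    # not yet recorded

SIGNATURES = {"Constructed.Sample.A": KNOWN_PATTERN}   # name -> byte pattern


def digest(data):
    return hashlib.sha256(data).hexdigest()


WHITELIST = {digest(APPROVED_TOOL)}   # hashes the administrator approved


def signature_scan(data):
    """Dictionary method: names of every recorded pattern found in data."""
    return sorted(n for n, pattern in SIGNATURES.items() if pattern in data)


def whitelist_allows(data):
    """Default deny: run only files whose hash the administrator listed."""
    return digest(data) in WHITELIST


def evaluate(data):
    """Verdict of each method for one file."""
    hits = signature_scan(data)
    return {"signature": "block" if hits else "allow",
            "matched": hits,
            "whitelist": "allow" if whitelist_allows(data) else "block"}


SAMPLES = {
    "approved program": APPROVED_TOOL,
    "approved program + recorded pattern": APPROVED_TOOL + KNOWN_PATTERN,
    "approved program + unrecorded pattern": APPROVED_TOOL + UNKNOWN_PATTERN,
    "new legitimate program, not inventoried": b"constructed new tool",
}

if __name__ == "__main__":
    for label, data in SAMPLES.items():
        print(f"{label:42} {evaluate(data)}")
```

The third sample passes the dictionary until the signature file is updated but is still blocked by the whitelist, while the fourth shows the cost: a legitimate program stays blocked until the administrator adds it to the inventory.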
The sandbox method consists of emulating the operating system and running the file during the simulation. Once the program has terminated, the software analyzes the results of the sandbox to detect changes that may contain viruses. Because of performance problems, such detection usually takes place during on-demand scanning. This method may fail, as viruses can be nondeterministic and result in different actions, or perhaps even no action, when executed. It is impossible to detect this from a single execution.
Many companies claim the title of creator of the first antivirus software. The first public announcement of a neutralization of a virus for PC was made by the European Bernt Fix (or Bernd) in early 1987, for the Vienna virus. Following this virus, several other viruses surfaced, such as Ping Pong, Lehigh and Survive-3, also known as Jerusalem.
Since 1988, several companies have come together with the objective of furthering research in the field of antivirus software. The first breakthroughs in antivirus occurred in March 1988 with the release of Den Zuk, created by the Indonesian Denny Yanuar Ramdhani. The Den Zuk virus could neutralize Brain. In April 1988, the Virus-L forum was created on Usenet, and mid-1988 saw the design of a search engine capable of detecting viruses and Trojans that were known to the public. In autumn 1988 the antivirus software Dr. Solomon's Anti-Virus Toolkit appeared, designed by the Briton Alan Solomon. By the end of December 1990, the market had reached the point of offering consumers 19 different antivirus products, among them Norton AntiVirus and McAfee VirusScan. Peter Tippett was extensively involved in the emerging field of computer virus detection. He was an emergency doctor by occupation and also had his own software company. He read an article about the Lehigh virus, which was the first to be developed, but it was actually about Lehigh itself that Tippett was the most knowledgeable.
He asked whether there were similar characteristics between these viruses and those that attack humans. From an epidemiological standpoint, he was able to determine how these viruses affected the same processor in the computer (the boot sector was affected by the Brain virus, .com files by the Lehigh virus, while the Jerusalem virus attacked both .com and .exe files). Tippett's company, Certus International Corp., therefore became involved in the creation of antivirus software. He sold the company to Symantec Corp. in 1992. Tippett joined them, implementing the software developed on behalf of Symantec, Norton AntiVirus.