Viruses have two powerful properties which given them their unique power to infect computer systems without any support from the individual computer users.
The two properties are: Autonomy and communication.
1. Autonomy
By autonomy, we mean that they are able to stand alone or act independently without any help from uses thus, making them able to slip through disks and systems unnoticed and thereby performing their malicious activities of replicating self to other files in the system or corrupting them depending on the virus programmer's ingenuity.
Viruses are powerful and because of this unique property, they can attach themselves to system without being noticed except when detected with any Antivirus software.
2. Communication
Viruses can examine various files in the computer to see if their signatures or code are present (that is, if they have infected such file or files at all) , if their signatures are present, then depending on the way they have been programmed. They may re-infect such files (eg. Jerusalem Virus, V2100 Virus) or leave such files since they have already been infected (eg. Antiexe virus). This process is called communication of viruses. Communication of viruses does not require the help of the user else, of course, the user will abort their actions.
An important point to note is that, when viruses attach themselves to any file(s) the size of the file increases by the amount of space the virus occupies, usually, viruses attach themselves at the beginning or at the end of either the .COM or .EXE files they infect so that when such file or files are executed the virus program in such file will be executed first.
COMPUTERS PROTECTOR (ANTIVIRUS SOFTWARE)
We have two major types of virus detection software. They are the virus-specific and the virus-non-specific software.
1. virus-specific software.
This is a virus-scanning program that relies on the knowledge of know virus "pattern" knows its signature or hexadecimal code. When a new virus appears in the wild, it is analyzed and a hexadecimal code associated with it is recorded. The virus scanning program scans all executable programs including the operating system (.COM and .EXE files) and compares their content with known virus patterns. This type of software can only discover viruses that it "knows" i.e. of which it knows their signatures.
Updates are recommended for such software as new viruses appear regularly and virus-specific software can not detect any new viruses they do not know or do not have their signatures. This is the main problem of virus-specific software.
2. virus-non-specific software (checksumming)
Also known as checksumming, it relies on the calculation of a checksum of any executable file (.EXE or .COM files), this is followed by a periodic recalculation in order to verify that the checksum has not changed. If a virus attacks an executable file, this will result in a complete different checksum. The only exception is a special class of viruses known as the Companion viruses which do not change file size but exploit the DOS copy property.
However, a well implemented checksumming algorithm will report modifications such as the bogus hidden .COM files which these viruses create.
These types of software are reactive rather than pro-active, in that a virus attack will be detected after it happens.
The checksumming approach is the only known method which will detect all viruses, present and future, with absolute certainty.
However, most antivirus software uses both methods in detecting viruses. This is due to the ever increasing types of sophisticated viruses being developed by various virus programmers. Example of such antivirus software that uses both methods includes:
a. Dr Solomon's toolkit.
b. McAfee & Associate Antivirus (scandisk)
c. Central Point Antivirus (CPAV)
d. Norton Antivirus.
This are just but a few of the numerous antivirus software available, as more and more antivirus software are being produce to fight the more sophisticated viruses being released by malicious programmers.
Protecting your computer from the infection of these viruses became an individual responsibility. Therefore the elimination of these viruses can be achieved by the use of the antivirus software available, such as the ones mentioned above.
Suffice to say that , no single Antivirus software can effectively track all viruses because new viruses are being introduced regularly, hence the need for a regular update of all Antivirus software in order to meet the ever increasing virus treat and viruses being developed.
Other preventives are:
1. Keeping track of all files in your system, so that any new file(s) created by viruses could be detected.
2. Keeping track of your system speed at boot time so that any reduction in its speed at boot time or when executing a file could indicate possibly, the presence of a virus.
Defensive ways:
Some ways of defending your computer system are but not limited to the followings:
1. Backing up your programs and data.
2. Write protect your disk.
3. Monitor the usage of your system.
4. Performing warm bootstrapping when necessary.
5. Monitor your computer when running a new software program.
6. Scan any external saving device brought to your computer by other users. E.g. flash drive.
Disclaimer: All information on this site is provided for informational purposes only! By no means is any
information presented herein intended to substitute for the advice provided to you by any health care or other professional
or organization.
tweet this!