"a computer virus is a computer program, hidden within another, that can infect other computer programs by modifying

them in such a way as to include a (possibl y evolved) copy of itself These usually infect arbitrary COM and/or EXE programs,though some can infect an y program for which execution or interpretation is requested, such as SYS, OVL, OBJ, PRG, MNU and BAT files. Origins People create viruses. A person has to

write the code, test it to make sure it spreads properly and then release the vi rus. A person also designs the virus's attack phase, whether it's a silly messag e or destruction of a hard disk. So why do people do it? There are at least thre e reasons. The first is the same psychology that drives vandals and arsonists. W hy would someone want to bust the window on someone else's car, or spraypaint si gns on buildings or burn down a beautiful forest? For some people that seems to be a thrill. If that sort of person happens to know computer programming, then h e or she may funnel energy into the creation of destructive viruses. The second reason has to do with the thrill of watching things blow up. Many people have a

fascination with things like explosions and car wrecks. When you were growing up , there was probably a kid in your neighborhood who learned how to make gunpowde r and then built bigger and bigger bombs until he either got bored or did some s erious damage to himself. Creating a virus that spreads quickly is a little like that -- it creates a bomb inside a computer, and the more computers that get in fected the more "fun" the explosion. The third reason probably involves bragging rights, or the thrill of doing it. Sort of like Mount Everest. The mountain is there, so someone is compelled to climb it. If you are a certain type of program mer and you see a security hole that could be exploited, you might simply be com pelled to exploit the hole yourself before someone else beats you to it. "Sure, I could TELL someone about the

hole. But wouldn't it be better to SHOW them the hole???" That sort of logic lea ds to many viruses. Of course, most virus creators seem to miss the point that t hey cause real damage to real people with their creations. Destroying everything on a person's hard disk is real damage. Forcing the people inside a large compa ny to waste thousands of hours cleaning up after a virus is real damage. Even a silly message is real damage because a person then has to waste time getting rid of it. For this reason, the legal system is getting much harsher in punishing t he people who create viruses. History Traditional computer viruses were first widely seen in the late 1980s, and they

came about because of several factors. The first factor was the spread of person al computers (PCs). Prior to the 1980s, home computers were nearly non-existent or they were toys. Real computers were rare, and they were locked away for use b y "experts." During the 1980s, real computers started to spread to businesses an d homes because of the popularity of the IBM PC (released in 1982) and the Apple Macintosh (released in 1984). By the late 1980s, PCs were widespread in busines ses, homes and college campuses. The second factor was the use of computer bulle tin boards. People could dial up a bulletin board with a modem and download prog rams of all types. Games were extremely popular, and so were

simple word processors, spreadsheets, etc. Bulletin boards led to the precursor of the virus known as the Trojan horse. A Trojan horse is a program that sounds really cool when you read about it. So you download it. When you run the program , however, it does something uncool like erasing your disk. So you think you are getting a neat game but it wipes out your system. Trojan horses only hit a smal l number of people because they are discovered quickly. Either the bulletin boar d owner would erase the file from the system or people would send out messages t o warn one another. The third factor that led to the creation of viruses was the floppy disk. In the 1980s, programs were small, and you could fit the operating system, a word processor (plus several other programs) and some documents onto a floppy disk or two.

Many computers did not have hard disks, so you would turn on your machine and it would load the operating system and everything else off of the floppy disk. Vir uses took advantage of these three facts to create the first self-replicating pr ograms. Symptoms of a computer virus: The computer runs slower than usual. The computer crashes, and then it restarts ev ery few minutes. Applications on the computer do not work correctly. Disks or disk drives are inaccessible. You see unusual error messages. An antivirus program can not be installed on the computer, or the antivirus program will not run. New icon s appear on the desktop that you did not put Increases the use of disk space and

growth in file size as virus gets attached itslef to many files. Frequently hangs of the system. Shows abnormal write protect error. Displays a change in data agai nst the filename in the directory, when a virus modifies the file. Reformats the hard disk. Erase files Scramble data on a hard disk Cause erratic screen behavior Halt the P denial-of-service attack (A denialof-service attack is an attack that causes a l oss of service to users, typically the loss of network connectivity and services by consuming the bandwidth of the

 and basically any other nasty thing you can think of. victim network or overloading the computational resources of the victim system.) Difference Between a Virus, Worm and Trojan Horse Virus cannot replicate themselves but worm and trojan can do that. A virus cannot be spread without a human action such as running an infected file or program but worm and trojan have the capabilities to spread themselves automatically from c omputer to computer through network connetion. A virus do not consume system memo ry but worm consumes too much system memory and network bandwidth because

of their copying nature. Trojans are used by malicious users to access your compu ter information but viruses and worms cant do so, they simply infect your compute r. Trojan Horse A Trojan virus is one that opens your computer up to malicious users allowing th em to read your files.

Worm Itisaselfreplicatingprogram, similartoacomputervirus.Avirus attachesitse ,anotherexecutableprogram; however,awormisselfcontained anddoesnotneedtobep agateitself.

A worm is a computer program that has the ability to copy itself from machine to machine. Worms normally move around and infect other machines through computer networks. Using a network, a worm can expand from a single copy incredibly quick ly. For example, the Code Red worm replicated itself over 250,000 times in appro ximately nine hours on July 19, 2001. A worm usually exploits some sort of secur ity hole in a piece of software or the operating system. For example, the Slamme r worm (which caused mayhem in January 2003) exploited a hole in Microsoft s SQL server. How Does a Computer Get a Virus? On downloading files from the

Internet. On opening an e-mail attachment. On copying programs or files from any o ther infected computer. Here are some statistics we found on the web: Over 85% of all the known viruses are for Microsoft platforms (nearly all the sel f-propagating worms are as well) Slightly less than 52,000 are viruses for DOS/Wi ndows/NT platforms - about 6000 of these are Word macro viruses - about 150-200 of these are known to be widespread "in the wild" - in 1999, approximately 650 n ew viruses were reported each month (more than 20 a day) About 5 are for Linux/Unix/etc, but none have been found in quantity "in the wild", nor would they be likely to spread very far

if they were "loose" None are for BeOS, ErOS, or other smallpopulation systems. Question: can we reduce the risk of getting a virus infection by not using Micros oft products? Fred Cohens example virus: program virus := { 1234567; subroutine infect-executable := { loop:file = get-ra ndom-executable-file; if first-line-of-file = 1234567 then goto loop; prepend vi rus to file; } subroutine do-damage := { whatever damage is to be done } subrout ine trigger-pulled := { return true if some condition holds } main-program := { infect-executable; if trigger-pulled then do-damage; goto next;} next: }

Different phases of a Virus Most viruses have two phases to their existence, the infection phase and the att ack phase. All viruses have an infection phase, but not all have an attack phase . During the infection phase, the virus spreads itself. If a virus infects too f ast, it is usually easy for anti-virus programs to spot. Therefore many try to b e subtle about it. Viruses can be spread by innocent people that are just doing their daily routine. Infected files can be spread in the following ways: by

diskettes, networks, bulletin boards, or e-mail attachments. Infected files can be stored on servers, floppy disks, hard drives, and CDs. Infected files can eve n be found on new hardware or software. Example: File Virus Infection Phase "You r friend gives you a game on a disk. The game has an infected file that you don t know about. Each time you play the game, the virus copies itself into another program without you knowing. Now, whenever either of the programs are executed, the virus is copied. This continues as the virus infects the rest of the compute r. If any of the files are transferred to a floppy disk or e-mail attachment, an d they are put on another computer, the process starts again"

 On viruses that do have an attack phase, the attack phase is set off by a trigge r, such as a time or date. The attack phase is when the virus causes damage or o ther unwanted system behavior. In order to make sure it has spread, viruses ofte n delay the attack phase, sometimes for years. The attack phase has a wide range of severity. Although all viruses take up space and use system resources, some do little more damage. Some viruses display messages but then others can crash y our hard drive completely. They can even corrupt your backup files if you re not careful. CONCLUSION In just over a decade, most of us have been familiar with the term computer

virus. Even those of us who don t know how to use a computer have heard about vi ruses through Hollywood films such as Independence Day or Hackers (though Hollyw ood s depiction of viruses is usually highly inaccurate). International magazine s and newspapers regularly have virusscares as leading stories. There is no doub t that our culture is fascinated by the potential danger of these viruses. Many people believe the worst a virus can do is format your hard disk. In fact, this type of payload is now harmless for those of us who back up our important data. Much more destructive viruses are those which subtly corrupt data . But dont lay the blame for viruses on the technology or the machines that execute s that technology. The

fundamental truth about computer viruses is that they are a people problem. Peop le create viruses for various reasons. People disseminate virus infections eithe r deliberately or as a result of the very human traits of innocence, ignorance, or carelessness. And the people who are the potential victims of this phenomenon can acquire the knowledge to turn a real threat into a reasonably calculated ri sk that they can handle. TYPES OF VIRUSES Boot sector Viruses - infect the boot sector of the boot disk of a computer oper ating system. Non-resident Viruses - infect application files and are run when t he

application runs. Typically the virus is prepended to the application source cod e for an interpreted application. Resident Viruses - install themselves into mem ory when they run. Having done this they hand over control to the host applicati on. Fast infecter Viruses - are programmed to spread as rapidly as possible to r educe the risk of the virus being wiped out once introduced into the wild. Slow infecter Viruses - are designed to find other targets to infect infrequently. By spreading slowly this kind of virus is less likely to be detected. Companion Vi ruses - do not modify the infection target directly but are stored in a

separate file. Macro Viruses - use the macro programming languages which are emb edded within popular applications e.g. Word and Excel. Cross Site Scripting (XSS ) Viruses - exploit a combination of vulnerabilities present in both web server applications and web browsers. Stealth Viruses - viruses which trap interrupts t o open a file and cause any application that reads the file containing them to s ee only the uninfected file. Polymorphic and metamorphic Viruses - viruses which modify their code every time they infect another target so they can only be det ected using heuristic measures rather than static code signatures.

Disabling anti-virus software. If a virus detects the presence of a known anti-v irus program on a system it infects, it will modify the anti-virus software to d isable components of this. A computer virus can cause devistation and chaos amon g the computer industry if dangerous enough. For this reason, the majority of th e world has made it punishable under the law to create computer viruses for the intent to cause disruption. Viruses have been around since binary was first inve nted, and will remain a threat to unmaintained and ill formed software programs. Only through proper measures can an individual become educated of possible dama ges of viruses, and procedures at which to prevent

them. Viruses are commiting no illegal action with regards to the computers inte rworkings, but only through the eyes of the user, are viruses effective. WHY COM PUTER VIRUS IS CALLED VIRUS :P ?? Etymology The word virus is derived from and u sed in the same sense as the biological equivalent. The term "virus" is often us ed in common parlance to describe all kinds of malware (malicious software), inc luding those that are more properly classified as worms or Trojans. Most popular antivirus software packages defend against all of these types of attack. In som e

technical communities, the term "virus" is also extended to include the authors of malware, in an insulting sense. The English plural of "virus" is "viruses". S ome people use "virii" or "viri" as a plural, but this is rare. For a discussion about whether "viri" and "virii" are correct alternatives of "viruses", see plu ral of virus. The term "virus" was first used in an academic publication by Fred Cohen in his 1984 paper Experiments with Computer Viruses, where he credits Len Adleman with coining it. However, a 1972 science fiction novel by David Gerrold , When H.A.R.L.I.E. Was One, includes a description of a fictional computer

program called "VIRUS" that worked just like a virus (and was countered by a pro gram called "VACCINE"). The term "computer virus" with current usage also appear s in the comic book Uncanny X-Men #158, written by Chris Claremont and published in 1982. Therefore, although Cohen s use of "virus" may, perhaps, have been the first "academic" use, the term had been used earlier. Computer viruses are called viruses because they share some of the traits of bio logical viruses. A computer virus passes from computer to computer like a biolog ical virus passes from person to person. There are similarities at a deeper leve l, as well. A biological virus is not a living thing. A virus is a fragment of D NA inside a protective jacket. Unlike a cell, a virus has no way to do

anything or to reproduce by itself -- it is not alive. Instead, a biological vir us must inject its DNA into a cell. The viral DNA then uses the cell s existing machinery to reproduce itself. In some cases, the cell fills with new viral part icles until it bursts, releasing the virus. In other cases, the new virus partic les bud off the cell one at a time, and the cell remains alive. A computer virus shares some of these traits. A computer virus must piggyback on top of some oth er program or document in order to get executed. Once it is running, it is then able to infect other programs or documents. Obviously, the analogy between compu ter and biological viruses stretches things a bit, but there are enough similari ties that the name sticks.