Google ad

Sunday, March 27, 2011

Computer Virus

A computer virus is written by an 'unknown programmer', carried and spread by innumerable innocent users of Personal Computers without their knowledge.

In this internet age the PCs all over the world are invariably connected/compatible to each other. i.e. Data and programs created in one corner of the world in a PC can be read, rewritten or copied without any difficulty on another PC in a different part of the world. This 'fact' is enough for the 'Computer virus,' being another program, to spread from one PC to another and from one network to another, in quick succession in geometric proportion. Hence it is difficult to locate the origin of a computer virus since the sources are many and complex.

Thus 'Computer Virus' is an 'unwanted guest' in an otherwise normal 'computer environment'. Some 'computer viruses' are 'playful' in nature and some are 'destructive' in nature.

The main characteristics of a 'COMPUTER VIRUS are:

a. Replicate

b. Spread.

Generally computer systems are prone to 'malicious damage' when not properly protected. Some times some programmers with 'perverse' ingenuity want to show to this world that they are capable of doing 'something' extraordinary. Such programmers called 'hackers' write and spread the 'computer virus' to show their expertise.

Some people write 'playful' 'computer viruses' to prove to the world that they are 'capable of doing something different' than a normal programmer.

CLASSIFICATION OF VIRUSES

Depending on their behaviour of attack the computer viruses are classified into certain broad categories.

They are:

a. Boot sector and partition table viruses.

b. File viruses.

c. Network viruses

BOOT SECTOR AND PARTITION TABLE VIRUSES

A computer starts its functions, when powered on, through a certain system routine called 'Booting' or in other words through 'Boot programs'. These 'boot programs' are part of the 'Operating system' of the computer. These 'boot programs' are stored in a place called 'boot sector' either on the 'floppy disk' or in the 'hard disk'. In the Hard disk there is a 'Master boot sector' called 'partition table' which is used for starting up the computer. The computer starts either through Hard disk or floppy disk. Without these boot programs a computer system will not start up.

Some viruses attack and alter these boot programs or replace the original boot program with their codes. These types are called 'Boot Sector viruses'. Such viruses affecting hard disk boot area are called 'partition table' viruses. These viruses can cause immense damage to the system since they start up with the computer at the time of 'booting' and remain in 'Memory' (RAM) through out the operations and spread to other systems through floppies.

FILE VIRUS

A program in a computer is identified by a specific primary name and an extension name. Eg. Scan.Exe, Command.Com, etc. In this example 'Scan' and 'Command' are primary names and 'exe' & 'com' are called the extensions to the file names. The programs which are executed in computers have extensions such as 'Exe', 'Com', and others. The file viruses look for such extensions and affect these ‘executable files’. Hence some times these viruses are called 'EXE viruses' or 'Com viruses'. Programs affected by these viruses execute according to the 'virus code' and lose their original characteristics. One cannot imagine the outcome as to how these virus affected programs will behave.

The latest addition to these file viruses are MACRO viruses. These viruses affect document files created in Windows Operating system environment. They travel from one document to another and ultimately damage the contents of the original file as well as affected files. The viruses are harmful to GUI (Graphic User Interface) environments.

NETWORK VIRUS

The first two types of viruses mostly affect ‘stand alone ‘ computers or PCs which are not connected to each other. But the computer world is fast progressing towards inter connection of computers through ‘Networks’ and ‘Communication protocols’ and ‘Networking software’. The ‘network virus’ spreads through these software and ‘communication hardware resources’ ( such as modems and telephone lines) from one computer to another connected computer. These types of computer viruses are also called ‘worms’. With the proliferation of “INTERNET” access across the Globe the spread of Computer Virus through various networked computers are imminent if PCs are not properly protected.

HOW DOES A COMPUTER VIRUS GET INTO COMPUTER SYSTEMS?

In stand alone computers the 'computer virus' spreads through 'free exchange' of floppies. If one such floppy is affected by a virus then the virus spreads to others, as the virus programs are written that way. 'Copying' files and data from the affected floppy to another will cause virus spreading.

Another method of spreading is through copying of virus code from a 'guest floppy' to the hard disk and from the hard disk to other floppies used in the system.

These relate to 'stand alone' systems.

In 'networked PCs' the virus enters the system through the communication lines without the knowledge of the user. In this case even without the usage of floppies the virus gets into the computer system.


WHAT ARE THE HARMS CAUSED BY THE COMPUTER VIRUS

The general types of damages/harms that may be caused to the computer systems by the 'computer virus' are :

a) Computer virus corrupts and overwrites the boot sector with its own special code due to which the 'run time operations ' of the computer are affected. The affected system may not boot or boot with wrong sequences.

In the floppies/hard disk it affects the FAT (File Allocation Table) containing the links of various files. Damaged file linkage leads to damaged data files.

b) It Formats or overwrites all or part of the disk /diskette. Formatting means cleaning the hard disk/floppy diskette through magnetic means. Complete and global erasure of all information/data takes place at the time of formatting.

c) It corrupts programs and the overlay files (the sub files called by the original program) which will result in non-execution of the program or the program behaving differently.

d) The computer virus installs itself in the Main Memory of the computer as a TSR (Terminate and Stay Resident ) program and some times uses Self-Encryption techniques to replicate itself many times.

e) This replication will result in huge occupation of hard disk space, preventing space for the user's data and programs apart from destroying the existing data files.

f) In some cases the viruses use 'absolute' write methods, by which they randomly write on to the hard disk areas, damaging some parts of many files.

g) Some of the viruses are 'logic bombs' and 'time bombs'. Some of them using stealth techniques are called 'Trojan horses'. They enter the systems by attaching themselves to innocent looking programs and once inside the system activate. They attack the hard disk data at an appointed time given in the virus code.

h) Some of the viruses look forward to certain conditions to be met. Meeting such a condition they act and destroy the data. Eg: April 1st COM virus, Friday the 13th virus, 5th January Joshi virus, Melissa the April 26th etc are examples of these. These viruses stay dormant till the appointed time and then flare up.

i) Apart from the above, some viruses are known to possess immense destructive qualities such as burning a monitor/video screen, rotating the hard disk at a great speed to cause the heads to crash etc.,

In short Computer Viruses harm /damage the Hardware, Software, Data and communication links and virtually bring the processing environment to a grinding halt.

WORM &TROJAN HORSE

The chief difference between a worm and a virus is that worm spreads to others systems. A worm can spread itself upon activation. By simply double-clicking a file, the worm can be activated, and deliver its payload (if any), then spread by taking advantage of system settings, macros, and applications that reside on systems in network.

In short, a virus is generally designed to spread throughout an entire system, a worm is designed to propagate itself to all systems on a network

A Trojan horse, or Trojan is nothing more than an application that purports to do one thing, but in-fact does another.

Trojans are named after the mythic Trojan horse in Homer’s Iliad. In the legend, the Greeks created a wooden horse, then gave it to the citizens ofTroy as a peace offering. Greeks were holding siege of Troy for more than 10 years. However, before the horse was presented, Greek soldiers hid inside it. The horse was brought inside the city gates, and when the city was asleep, the Greek soldiers emerged and were able to conquer Troy.

Similarly, a Trojan looks like a benign or useful program, but contains a payload. For example a Trojan can:

o Launch an application that defeats standard authentication procedures

o Delete Files

o Format the hard drive

VIRUS THROUGH E-MAIL

Virus is not spread just by reading a plain-text E-mail message. It actually spreads through encoded messages containing embedded executable code (i.e., JavaScript in an HTML message) or messages that include an executable file attachment (i.e., an encoded program file or a Word document containing macros). In order to activate a virus or Trojan horse program, our computer has to execute some type of code. This could be a program attached to an E-mail, a Word document we downloaded from the Internet, or something received on a floppy disk. We have to ascertain whether it is a normal, routine messages form known users or not.

We can avoid email virus through the following measures:

a) Macro Virus Protection

Microsoft applications have a feature called Macro Virus Protectionbuilt into them to prevent this sort of thing. With Macro Virus Protection turned on (the default option is ON), the auto-execute feature is disabled. So when a document tries to auto-execute viral code, a dialog pops up warning the user. Unfortunately, many people don't know what macros or macro viruses are, and when they see the dialog they ignore it, so the virus runs anyway. Many other people turn off the protection mechanism. So the Melissa virus spread despite the safeguards in place to prevent it.

We should make sure that Macro Virus Protection is enabled in all Microsoft applications, and we should NEVER run macros in a document unless we know what they do. There is seldom a good reason to add macros to a document, so avoiding all macros is a great policy.


b) We should never double-click on an attachment that contains an executable that arrives as an e-mail attachment. Attachments that come in as Word files (.DOC), spreadsheets (.XLS), images (.GIF and .JPG), etc., are data files and they can do no damage (noting the macro virus problem in Word and Excel documents mentioned above). A file with an extension like EXE, COM or VBS is an executable, and an executable can do any sort of damage it wants. Once we run it, we have given it permission to do anything on the machine. The only defense is to never run executables that arrive via e-mail.

HOW TO PREVENT COMPUTER VIRUS?

a. The axiom 'Prevention is better than cure ' is not only applicable to human systems but also to computer systems. Computer virus can be prevented in more than one way.

b. Usage of unauthorised floppies should be strictly avoided. The popular media for computer virus is 'computer games'.

c. Install anti-virus software from a well-known, reputable company, UPDATE it regularly, and USE it regularly. Scan for viruses on a regular basis. Install an 'on access' scanner and configure it to start automatically each time the system is booted. This will protect the system by checking for viruses each time the computer accesses an executable file. Invoke Virus scan on new programs or other files that may contain executable code before you run or open them, no matter where they come from. There have been cases of commercially distributed floppy disks and CD-ROMs spreading virus infections.

d. Anti-virus programs aren't very good at detecting Trojan horse programs, so be extremely careful about opening binary files and Word/Excel documents from unknown or 'dubious' sources

e. If the E-mail software in the PC has the ability to automatically execute JavaScript, Word macros, or other executable code contained in or attached to a message, It is strongly recommend to disable this feature.

f. Use only legal copies of the software since software is 'intellectual property' protected from copy rights.

g. Segregate the BOOT floppy, DOS floppies, floppies containing EXE , COM and other executable program files from the floppies containing data files. Please attach the 'write protect' to these floppies . The data floppies have to be kept separately . Archived data need be write protected.

h. Sufficient backup copies of data files and program files have to be taken to use them in case the originals are lost or corrupted by viruses.

i. If we know that a system is affected by a computer virus then further usage of floppies on the system is to be avoided.

j. There are certain 'watchdog' type of programs available which 'echo' and alert the users whenever they encounter a virus . Use them for better computing environment.

k. The File server and the nodes have to be properly protected through correct versions of Anti Virus programs. Latest updates to be obtained from the vendor or from the respective websites and virus protection to be given to the networks.

l. Periodically update the virus signatures. We can get free anti virus updates from the websites of popular anti virus software companies.

m. Only authorized virus scanning program should be used.

VIRUS PROTECTION IN NETWORK ENVIRONMENT

If you are a user of PCs with email connection as well LAN connection, take the following precautions –

Ø BE ALERT while opening attachments!

Ø DISCONNECT LAN connection, when you browse Internet. Like wise when downloading a picture/content from Internet, it should be saved into a folder and scanned before put to further use.

Ø Do not open attachments unless they are expected to come from KNOWN USERS.

Ø Always SAVE Mail attachments in a location and scan them for viruses before opening.

Ø IDENTIFY spurious mails on its appearance.

Ø Ensure that the anti virus software sentry or real time monitor is ENABLED.

Ø Worms such as brazil/klez does not require attachment and just by opening the message, it spreads across the network and target the open share folders.

Ø Always keep the shared folders/printers WITH PASSWORD .

Ø Maintain Password SECRECY among Users when working under shared folders/ printers.

Ø Never share the ENTIRE C: drive resulting in opening the entire operating system files.

Ø Always scan the EXTERNAL FLOPPIES/CDS before putting them in to use.

Ø Regularly BACK-UP valuable data.

IDENTIFYING COMPUTER VIRUS AND ELIMINATING THEM

The computer virus can be identified by its occupation of the Main memory (reduced size of the memory) and by what is called its 'signature'(unique pattern of coding relevant to the virus). There are utilities available to scan the memory size.

There are certain 'computer virus vaccines' available which find out the virus and eliminate them. Some times it will not be possible to retrieve the system area and damaged files. In such situations the computer's hard disk is formatted or initialised to clean the system.

As and when computer viruses are spotted, researchers analyse them and find out suitable vaccines for them. But before they are detected and cured they cause as much damage as possible. The stronger the 'virus' the more it circulates. When one type of virus gets eliminated a new type crops up. Valuable man-days will be lost if viruses are allowed to continue in our systems. Hence users must take sufficient precautions to keep their computer environment 'free of computer viruses'.

MOUSE OPERATIONS



A computer mouse is the input device that controls the cursor on the monitor.

Different types of Mouse are available in the market.. The main types are Mechanical Mouse and Optical Mouse.

· Mechanical mouse consists of a hard rubber ball that rolls as the mouse is moved. Sensors inside the mouse body detect the movement and translate it into information that the computer interprets.


· Optical mouse uses an LED sensor to detect tabletop movement and then sends off that information to the computer.



The mouse is used for selecting part or full text or object, and also for dragging and dropping the selected text or object.

How to handle the mouse?

When we slide the mouse left across the mouse pad the mouse pointer on the screen moves left on the screen. When we slide it right the pointer moves right. When the mouse is moved forward or backward, it causes the pointer to move up and down.

The following actions are performed with the mouse :

Clicking:Keeping the mouse pointer at any position, if we click the mouse button the cursor will move to that position.

Selecting:

To select a text for copying or deleting, keeping the mouse pointer at the beginning of the text, click the mouse button(left button) and without releasing the finger move the mouse till the end of the text and then release the finger. The text thus selected is highlighted and can be copied or deleted.

Dragging:

After selecting the text as above, bring the mouse pointer at the selected text, press the left mouse button with the finger and without releasing the finger drag the selected text to any desired position.

Right clicking:

By pressing and releasing the right mouse button, the short cut menu is activated.

HOW DATA IS STORED IN COMPUTERS?

We should have an idea about the various number systems to understand about how the data is stored in computers.

Numbering System :

The four numbering systems in vogue are:

Numbering System Name Contains Base

Decimal Numbering system 0 to 9 10

Binary Numbering system 0 and 1 2

Octal Numbering system 0 to 7 8

Hexa Decimal Numbering system 0 to 9,A to F 16

The decimal numbering system based on the number 10 is what we are using in our daily life. The binary numbering system contains two elements i.e 0 and 1. In other words a binary number should contain only 0 and 1.

Example: The decimal number 9 is represented as binary number 1001.

To convert the decimal number into binary number , the number should be divided by 2 and the quotient should be further divided by 2until the reminder is equal to 0 or 1.

e.g 2|9

2| 4 -1

2| 2-0

1-0 ie. 1001

The binary number system is ideal for storing the data because of the two state nature of electronic pulses. These pulses represent either circuits are conducting or non conducting; a pulse or voltage is present or not. The binary number system which has only two digits, zero(0) and one(1) is very convenient to express two possible states. The computer arithmetic using binary system is versatile, since by adding two BITS(Binary Digits) the result will also be made up of 1s and 0s. Thus the result is once again represented in a bit pattern of different combinations of pulses and no pulses.

The computer performs all its functions such as subtraction, division and multiplication by a form of addition only. Subtraction is treated as addition of negative numbers. Multiplication is treated as repeated addition and division is repeated subtraction. These are called as complementary additions and complimentary subtractions.

The data storage inside the computer is achieved through ‘Character Sets’. These characters (which we see on the keyboard) are alphanumeric characters, numeric characters, special characters and various control characters.

If we type a character say ‘A ‘ using the key board that character ‘A’ is converted in to ASCII( American Standard Code for Information Interchange) code which is 65. The ASCII code 65 is converted into equivalent binary number i.e 1000001. This binary number is stored in the disk. At the time of retrieval of the value , the computer converts the binary number into ASCII code (65) and gives the equivalent character ‘A’.

A binary digit is called a bit. A byte is the collection of 8 bits.

1 byte = 8 bits

1 Kilo Byte (KB) = 1024 bytes

1 Mega Byte(MB) =1024 Kilo Bytes

1 Giga Bytes(GB) =1024 Mega Bytes

1 Tera Byte(TB) =1024 Giga Bytes

1 Pica Byte(PB )= 1024 Tera Bytes

HARDWARE AND SOFTWARE


Hardware

All the physical components of the computer are called as hardware.

Example: Hard disk, Floppy Disk, Compact Disc, Mother board, RAM, etc.

Software

We can compare the software to the human brain. Just as the brain controls the functions of the human body, the software controls the functions of the computer and makes it work. We have to give unambiguous instructions to the computers for performing a job. A set of such instructions to carry out these functions is called as a program. The set of programs or instructions written by the user to operate and control the activities of computer is called as software.

Software can be broadly classified into three groups:

Ø System Software (Operating systems and the utility programs associated with it)

Ø Language processors(Compilers, Interpreters etc)

Ø Application Software(Standard applications like MS Office, Oracle, Java, Visual Basic or customised software )

Operating System.

Ø An Operating System is a set of commands which controls the computer’s hardware and software

Ø Also an Operating System is an interface between the user and the computer.

Ø It is a bridge between the hardware and software.

Operating Systems are classified into two types.

Ø Single User Operating System e.g. MS DOS

Ø Multi User Operating System e.g. UNIX, LINUX,WINDOWS NT,WINDOWS XP.WINDOWS 7,WINDOWS 2003 etc

CONCEPTS OF COMPUTERS



CONCEPTS OF COMPUTERS

Computer is an electronic device that accepts digital information(input) and processes it in a pre-defined fashion, according to a set or sequence of instructions provided to it and produces the desired output.

Computers are capable of storing large data/information and instructions for repeated use. They carry out millions of instructions per second and perform numerical computations with remarkable speed and accuracy. However, like other machines, Computers can do, only what they are instructed to do.

From the definition of computers the following elementary principle follows.

Input-->Process-->Output

INPUT : Input is the signal that is applied to a circuit or a device. Input device is the device with which the operator enters both program and data into the computer. The input devices take the data manually by operation and have built in electronic pulses on which the computer works.

The examples of INPUT DEVICES are : Key board, Mouse, Data collection terminals, Speech Recognition units, Magnetic Card readers and Document readers.

PROCESS: Process is the systematic sequence of operations to produce the desired results. The computer's CPU (Central Processing Unit) takes care of the processing.

OUTPUT: The result obtained after processing of the input data is called as the OUTPUT. The devices used for directing the processed information for display, sensing or saving are called as 'OUTPUT DEVICES'.

The examples of OUTPUT devices are : Monitor or VDU(Visual Display Unit) and Printer.

Components of Personal Computer(PC):

The Personal Computer consists of the following major components:

1) Keyboard, Mouse, Scanner as Input devices

2) Monitor, Printer as Output Devices

3) Central Processing Unit (CPU) which is the brain of the computer system where are the operations are processed

There are other essential components like Compact Disk(CD),DVD, Pen Drive etc (Floppies have gone out of usage now a days)for taking backup of important data, Modem to connect to Network, Speakers, Mike etc for enjoying mufti media features of the computer. To ensure power supply during power outage a suitable UPS (UNINTERRUPTIBLE POWER SUPPLY) is also required.