Computer Virus Professor Orlando Viloria Computer Virus Concept It a program that is capable of causing damage to computers, businesses

and individ uals, its most outstanding characteristic is that it can replicate itself and sp read and infect "executable entities." Characteristics of a Virus It is harmful. The damage may be implicit when what is seeks to destroy or alter information or may be situations with negative effects on the computer, as cons umption of main memory, processor time, decreased efficiency. Virus Characteristics 2 It is self-reproducing. creates copies of itself, something that no other conven tional program does. It is versatile: it means that you will use several techniq ues to prevent the user being aware of their presence. The first step is to have a reduced size in order to hide at first sight Effects 1 The real danger of a virus is not given instructions for his arsenal of evil, but be cause of how critical the system is infected. Example a rabbit-type virus. If that infect a home computer would hang the machine which can then be reset with a clean boot disk with an antivirus to remove virus. Effects 2 If affect an SME server, possibly the company's computer system would cease to func tion for some time meaning a loss of machine hours and money. Effects 3 But if this virus infect an industrial machine as a crane or a robotic device used i n medicine as a laser machine to operate, the costs would be high and possibly h uman lives would be lost. 4 Effects What if it altered the medical records of a person so as to show a blood type or different RH factor? The patient may die. What if the four millionth digit in t he calculations for the landing of a space mission was altered in 0001 by a fact or of 100? The astronauts die Hardware Damage The computer viruses can not cause direct damage on the hardware. There are no instr uctions that melt the hard drive or monitor the outbreak. A virus can perform operations that reduce the lifetime of the devices. For example: to make the sou

nd card to send signals of various frequencies with a very high to damage the sp eakers Hardware Damage Make the printer head moves side to side or strike it against one side, making t he storage units moving at high speed heads L / E to be worn. All such things ar e possible but highly unlikely and usually prefer to attack the virus files and not mess with the physical. Who ago Computer viruses are made by people with programming skills but not necessarily genius of computers. They have knowledge of assembly language and how the comput er works internally. In fact it is rather more difficult to make a program "in o rder", like a billing system where there are many more things to take into accou nt that a simple virus that is poorly planned but would be enough to annoy the u ser. Virus classification Trojan Horses do not actually become virus because they have the ability to repr oduce itself. They hide within the executable code and executables going unrecog nized by many antivirus controls. Has subroutines that will run in a timely mann er. There are several Trojan horses that will focus on different points of attac k. Its aim will be to steal passwords that the user has in its files or password s for access to networks, including Internet. Trojan Horse 2 After the program obtains the password you want, send it by email to the email a ddress you have registered the person who introduced the horse. A Trojan horse t hat infects the company network is a major security risk because it is greatly f acilitating access by intruders. Many Trojan horses used for industrial espionag e are programmed to self-destruct once they fulfill the purpose for which they w ere programmed, destroying all evidence. Chameleons 1 Similar to Trojan horses, but act like other commercial software, in which the u ser trusts, while in reality they are doing any kind of harm. When properly prog rammed,€chameleons can perform all the functions of legitimate programs to be re placed (they act as product demonstration programs, which are simulations of act ual programs). Chameleons 2 A chameleon software could, for example, emulating a program access to remote sy stems (rlogin, telnet) doing all the actions they perform, but as an additional task (and hidden from users) is a file stored on different logins and passwords so that later can be retrieved and used illegally by the virus writer chameleon. Polymorphic or mutant Virus

polymorphic or mutant polymorphic viruses have the ability to encrypt the body of the virus so it can not be easily detected by an antivirus. Makes available only a few routines that would be responsible for decrypting the virus to spread . Polymorphic or mutant At this point we have a virus that presents a different form of the first, the d ecryption mode, which can infect and make their own freely. But for the virus th is characteristic of change of forms must have some special routines. If you alw ays keep its structure, is encrypted or not, any antivirus can recognize that pa ttern. Polymorphisms or Virus Mutants To that includes a code generator that is known as an engine of change. This eng ine uses a random number generator, combined with a mathematical algorithm that modifies the signature of the virus. Thanks to this virus mutation engine can cr eate a decryption routine that will be different each time it runs. Polymorphisms or Virus Mutants The basic methods of detection can not provide this type of virus. Many times in dividuals are polymorphic virus programs are devoted to find and eliminate them. Some software that can be downloaded free from the Internet dedicated solely to eradicate the latest viruses that have appeared and are also the most dangerous . Do not make commercial enterprises but groups of hackers who want to protect t hemselves from other groups opposed. In this environment, introducing this type of solution is often a way to prove who is superior or who mastered the techniqu es of programming. Retro virus

Retro-virus or anti-virus Virus A retro-virus as a defense tries to directly att ack the antivirus program included in the computer. For developers of viruses th is is not difficult to obtain information as they can get any copies of antiviru s on the market. Usually seeking retro-virus virus definition file and pull them out, making it impossible to identify their antivirus enemies. They usually do the same with the record of integrity checker. Other retro-virus program detecte d the virus in memory and try to hide or start a destructive routine before the antivirus I could. Some even change the environment in such a way that ends up a ffecting the operation of the antivirus. Time Bombs Son conventional virus and may have one or more of the characteristics of other type s of virus but the difference is given by the trigger of his form of attack that is triggered by a certain date. Not always seek to create a specific damage. Us ually messages display on the screen at some date that represents an important e vent for the programmer. Michel Angelo virus does cause great harm by removing a

ll information from the partition table on 6 March. Macro viruses Currently are viruses that are spreading over the Internet. Represent a threat to computer networks to independent computers. Their greatest danger is that they are compl etely independent of the operating system or platform. Moreover, not even execut able programs. Macro viruses The macro-viruses are small programs written in the language itself (known as script ing language or macro language) of a program. Thus we find macro viruses to text editors, spreadsheets and utilities that specialize in image manipulation. Macro Virus To date, most known viruses are written in WordBasic of Microsoft, or even the l atest version of Visual Basic for Applications (VBA), also from Microsoft. WordB asic is the internal programming language of Word for Windows (used from version 6.0) and Word 6.0 for Macintosh. As VBA is executed every time a user uses any Microsoft Office program, the macro virus written in the programming language re presents a very serious risk. In other words,€a macro written in VBA virus can i nfect an Excel document, Access or PowerPoint. How are you applications become m ore and more important every day, the presence of macro-virus seems to be assure d. Worms You could say that is a set of programs that have the ability to scatter a segme nt of the body or to other computers connected to a network. There are two types of worms: Host Computer Worm: they are contained entirely in a computer, run an d copied to itself via a network connection. Originally ending when they made a copy of themselves to another host. Then, there is only one copy of the worm run ning somewhere on a network. There are also the Host Computer Worm, making a cop y of themselves and infect other systems, that is, each machine keeps a copy of this worm. Worms Network Worms: consist of a set of parts (called "segments"), each running on a differen t machine (and probably each one performs a different task) and using the networ k for different purposes of communication. Propagating a segment from one mach ine to another is one of the purposes. The Network Worm has a main segment which coordinates the work of the other segments, also known as "Octopus." Common symptoms Virus

Even the best antivirus software may fail to aff about what possible symptoms of computer en a simple headache and a big problem. Here o occupy more space than usual. Files appear

detect a virus. The education of st viruses can be the difference betwe are some symptoms: Programs begin t or disappear. Change the size of a

program or object. Messages appear or foreign objects on the screen. The disc is working harder than necessary. Objects that are on the screen appear slightly d istorted. The amount of free disk space decreases without any explanation, no re ason is amending the name of the files. You can not access the hard drive. Antivirus Software Antivirus software is a computer program more and as such should be suitable for our system and must be properly configured as hardware devices that we have. If we work in a place that has networking is necessary to have an antivirus progra m that has the ability to detect viruses in networks. The antivirus significantl y reduce the risk of infection but should be recognized that not be effective on e hundred percent of the time and their use should be accompanied with other for ms of prevention (More information). Recommendations

Never run any software without prior review (including floppy disks, CDs, e-mail attachments, downloaded over the Internet, Messenger, etc.). Remember, even the original distributed software legitimately by their manufacturers, can contain viruses. A case fairly common and difficult to resolve, is when the PC is used b y children or adolescents living and sharing how software testing falls into the ir hands. In such cases, if not impose some discipline, stick to the consequence s. It is a little common sense. Recommendations

Executable files or cause a change with one opening (eg EXE, COM, BAT, REG, DLL, VBS, etc.) Or containing macros (DOC, RTF (*), XLS, etc..) Should not be accept ed via email (Note (*): RTF files by nature, can not contain macros, however, if you rename a. DOC and. RTF, Word will open it without complaint, leading to the implementation of possible macros included .) Formats seemingly innocent. PIF,. PDF and others, today may contain viruses. Only attachments in ASCII format (. TXT) text-only, can be opened without danger if they are attached to a message. Recommendations Even in the case of someone famous one. DOC and. TXT, this would not be opened by Wor d, because the definition does not pertain to that extension to that program (us ually Notepad is which opens by default). However, the extension may not be tr ue. Default Windows hides extensions used programs. Thus, a file or LEAME.TXT.VB S LEAME.TXT.EXE would be seen as README.TXT, making us believe is an innocent fi le, when in reality it is an executable