Viruses, Worms and Bacterias are the well known biological pathogens. In computer terminology, experts have termed them for malicious programs. In previous decades, these programs were supposed to be a computer flaws or mistakes. Lateron, many passionate destructive programmers coded such programs which were intentionally programmed to perform some destructive activities. Their benefits are not known, although, their destiny is known to us and that is - Prison. But, question arises that - why such programmers have chosen such a poor activity? I think the reason is the human nature, these people can not do anything good to become famous, so they have chosen to become bad name and gain some fame. Afterall, that is also the kind of fame. In this article, you will find some precautions and ideas to get rid of these malicious programs and also a brief introduction to such programs.
Philosophy of Viruses
Each virus is a malicious program which is programmed and designed to take benefits of flaws in computer system including hardware and software components. The actual thing what each virus demand is - CPU Resource. CPU resource can be understood as state of execution. All the executables programs follow the following states - [1] Dormant State [2] Ready State [3] Execution State [4] Waiting State
The executable program at the beginning is at dormant state. In this state, the executable is only stored in the secondary storage device (Hard disk, Floppy etc.). After the CPU Scheduler schedules the executable file, the executable gets the CPU resource. Each program passes through all these states. The operating system has the scheduler program that runs under the kernel to perform the execution of executable programs. Even a Virus also follows through these states.
In MS-DOS and Windows based Operating systems .COM, .EXE are the common executable files. Many Trojans and Cuckoo eggs take benefit from this. Trojans are the malicious programs, but, they cheat the user by his mistake and also operating system flaws. Such as they may store a program with the same name in a directory which is scanned by operating system shell first; like System32 folder of Windows-2000 is searched for presence of a file before Winnt. Due to this, if you type a executable file without providing its full name, you may accidentally execute a different file that may be malicious too. The other option for such programs (Trojans) may be extensions of Windows operating system. A .COM is executed before .EXE, I meant that if two files have the same name with only difference of extension, you may execute a .COM accidentally which may be a Trojan. One other option which such Trojans follow is typing mistakes. But, GUI based operating systems where icons are followed , such mistakes automatically eradicated.
Effects of Viruses
Viruses not only use system flaws but, they also work with useful components of operating system. The best way for such programs is performing a loss to the computer system by spreading themselves. This quality of viruses matches with biological viruses. I think that is the main reason why 'Virus' name was coined. Viruses may -
[1] Replace the system files and software executable with their own program. [2] Delete some content or modify all the contents. [3] Read you Address Book and mail the Virus program as a attachment to your friends and group. [4] Eat-up all the system resource by using memory acquired by them. (Memory-resident Viruses) [5] Make the whole system state unstable or nearly stop working. [6] Create a Bad Sector to hard disk which Operating system discards reading.
Most of times Viruses act in such a stealth manner that user is not aware with what is going on. A novice user may not notice the incident that is going with his computer system. Sometimes, experts also miss such incidents. Actually, Virus developers do not follow any common method and technique. They are simple programmer who accidentally know some system flaws and enjoy the loss of other people. They do not think of effect of such activity. A computer system may be installed in any place. It may installed in a Hotel, Office and even in Hospital. It may be installed in an ICU of a hospital. Think of a scenario when someone dies only due to failure of computer of ICU. This is a real shame on virus developers. If they can not do something good, why applying all frustration on poor citizens. What they did unfair with you? Whom are you taking revenge? I think they are the heartless fellow who do not understand human feelings and they are apart from humanity. I have just one suggestion to them, meet psychiatrist.
Virus, Trojans, Worm, Bacteria, Spy ware and Botnet
These all programs are collectively called malicious programs. These all the executables in various forms. Some VBA programs are also one of these.
Virus : Any malicious program which creates multiple copies and performs any miscreant activity withing the system resource. They eat-up memory, replace or corrupt boot sectors of hard disk or stop a working systems.
Trojan : These programs resemble with viruses, but, they have interesting way to make themselves executed. They take benefits of typing mistake or priority based system of operating system as discussed above.
Worm : Worm are network based programs that takes network based flaws into consideration. They spread themselves through network and generate serious problems in servers. They may affect bigger organizations to home computers with their execution. Their activities are similar as defined in previous point, but, they differ in their methods of spreading.
Bacteria : These malicious programs have just single intention to copy themselves many times. This causes lack of resource in the computer.
Spyware : Such programs spread through Internet. They take useful information from the computer systems and send them to a web-server which installs them to know the secret user information. These are easy to develop and spread.
Botnet : Such programs are similar to spywares, but, their mechanism is different. These programs are installed by Internet, the developer installs them in may computers of the world and they have interest to copy softwares and programs installed in many organization. They usually command the other systems and implement actions. Once the central server sends a command through IRC, all the computers where botnets are installed, respond to it.
This was a brief information about these malicious programs. Now, I should come to the point what you can do to escape from them and rescue if you affected accidentally.
Escaping from Viruses
There are many precautions which can be taken to avoid viruses. I have enlisted some of the precautions, all of them are mandatory to follow -
[1] Do not store installable programs in Hard disk. Many times, we copy the installation program from CD-Rom of software to Hard-disk directory. Actually, most of viruses replace the executable programs with the virus program. If they affect your hard disk, you may accidentally install them.
[2] Have a Virus Scanning program and scan the executable files before you execute
You must install any Virus scanner program which can scan each file individually on your command. This will escape you from state where you accidentally execute a program that is already virus affected.
[3] Windows users should not follow web view of windows explorer.
Most of viruses replace the Folder.htt with some VBScript. Each time you view a folder, you execute a virus and you keep thinking - why my computer is so slow? Follow the folder option and replace the view of folder with classic folder view.
[4] Use Full extension instead of Filenames only
By default Windows Explorer is designed to hide the extension of known file types. This is the weak point. Actually, most of viruses that executed through e-mails use this weakness. They may use the same icon of Microsoft Word to an executable file. You would take a file as Microsoft Word file which has .DOC extension. You could not see its extension, you are just watching its icon which is similar to .DOC file. You may execute it and accidentally affect your system. So, follow the Folder Option from Control Panel and uncheck the option in View tab that suggests - Hide file extension for known types.
[5] Keep better control on programs that are executed at system start-up
You can follow System information from Program > Accessories > System Tools. Click Software Environment and then click Startup Programs. If you find any program that may be malicious, you can remove it from startup. There are two options for any program to execute at startup -
(a) Programs > Startup Folder.
(b) Windows Registry
You may easily remove a suspected file from startup folder by deletion. But, Windows registry is bit trickier. You may study one of my article on Windows registry.
The Ultimate Solution
Anti-Virus programs are the best solution. There are may freeware Anti-virus programs such as AVG, Avast and others. On the other hand, we have Norton Antivirus, PcCillin and McAfee which are famous ones. Use any one of them that suits your requirements. The anti-virus programs keep some patterns of file organization of a virus infected file and they match the same pattern to all the files stored in your system. They may track a series of viruses. If they find any virus during scanning, you are prompt to delete such files. You are also informed with the name of virus. Actually, these names are given by anti-virus programs, but, names are common to all the anti-virus. You should update your anti-virus software through Internet to make it efficient over new viruses. Most of updations are free of cost.
Rescue for a virus affected computer
If you find some specific files affected by virus while scanning with anti-virus program. Remove them immediately. But, if you find that many files are affected and even system files are also corrupt. Save all the data files stored in boot drive (mostly C:) and store them in other partition of your hard-disk. Scan you boot sector with anti-virus program and if that is also affected, store your data files in a floppy disk or some other media. After this, power off your system, do not shut down properly in this case, there may be some files related with windows shut down process, affected with virus. Such program may also affect your recently secured data files. Next you do is re-installation of operating system. You should format the partition affected by such viruses. Do not install without formatting.
Some VBScript based viruses can be removed by deleting .HTT files. .HTT file keep the customized folder setting. Search these files in all the computer folders and then delete. You may also search them with clause of text containing as 'vbscript'. This will affect only the view setting of all the folders of your computer. But, if you are already using classic view of Folders Option, you will automatically get rid of HTT files related problems.
Worms are real problems for the computer which are part of a LAN or Intranet. Your Internet connection may also be LAN based. If you are not using firewall, Botnet and worms can perform their poor activities. Firewall is a software that can be installed to protect unauthorized access to your system through network and controlling incoming and outgoing traffic efficiently. Such program allow only those applications which are intended to use the Internet or access the network. One of the firewall software is - ZoneAlarm of Zone Labs. This product is freeware for home users. You need not be an expert. This program is by default well configured. Trusted zones are set into it which are the computers of the network which can make connection with you. You can lock the internet facility if you are not using it. Actually, spywares make contact to any server to perform their activity, when they lose the connection, their effect becomes negligible. So, firewalls can be used to get rid of worms, botnets and spywares.
Anti-Spyware softwares are the other method to protect the spywares. Actually, spywares have a similar pattern to work. Making access to Internet and send the useful information and address book to their web-servers. They put themselves in start-up with the resembling name to a system file, such as rundll32.dll or Kernel32.dll. They masquerade with you and play silly game of breaking your privacy. They are not the one who delete something from your system, but, they are the one who want to perform something which can not be regained. Do not use Internet Explorer if you are entangled with again and again installation of viruses. Use Mozilla Firefox instead. Actually, being more powerful Internet Explorer allows execution of some scripts which may be harmful to your computer. Spywares are not the viruses, but, I keep them in malicious programs.
Conclusion
You should trace the reason of any virus infection. If you trace it properly, problem may be avoided in future. Anti-virus programs work to trace virus files, but, no one take guarantee. Your awareness is above all. Afterall, a virus is a program and it has its process in your computer. Use task manager to get them deleted on the spot. Scan your computer with such programs and do not click each executable, first scan the file, then, execute it. I have mentioned some of the precautions, but, the list is long. One best precaution is to use registered softwares only which follow some standard. There are many organizations for standardization. Products downloaded from good software companies do not contain any such problems. You can download such programs from registered companies site. Overall, I can say - "Precaution is better than cure." "One scanning a day, keeps Viruses far away"
- Som Dutt Tripathi