And there are times that we are complacent. This week, let’s probe the composition of a computer virus and its different strains.

John Mc Afee, a foremost expert on computer virus, defines it as "a computer program created to infect other programs with copies of itself. It has the ability to clone itself, so that it can multiply, constantly seeking new host environments. That may be all it does—a single mission to replicate and spread from one system to another. Or the virus program may be written to damage other programs, alter data, and then perhaps self-destruct, leaving no evidence of itself behind, so that defenses cannot be developed against it."

Anatomy

The ability to reproduce itself is one of the characteristics inherent to a computer virus. According to Mayur Kamat (www.boloji.com), a computer virus has three basic parts, namely, replicator, concealer, and payload. Replicator is the most significant part of the virus code. It makes sure that the virus is kept alive by appending to legitimate programs in the machine. When the program is used the virus is activated, paving the way to its reproduction. Concealer uses the method of hiding the virus to make it difficult to detect .

PC Doctor (www.pcdoctor-guide.com) explains the role of a payload:

"The payload is what the computer virus is programmed to do. Some viruses do nothing more than copy themselves onto another PC, much like a real virus does from host to host. This is the simplest payload that a virus can have. However, just like viruses in nature, some computer viruses have a greater effect - maybe they steal files or data or allow someone else to take control over the PC while some will destroy some or all of the data on the computer.

A virus can also have multiple payloads (in fact, any virus that does more than just spread has by default more than one payload) - perhaps it steals data and waits until some date in the future when it activates a new payload and deletes all the data on the drive or something similar."

Types of Viruses

A computer virus needs to be authored. It is a product of a person who writes the code, tests it to make sure it spreads properly and then releases it. The creator of the virus also designs the virus’s attack phase, whether it is a silly message or the destruction of a hard disk.

Computer viruses can be classified according to the area of infection and the extent of damage to the computer. The following are the types of computer viruses as collated by Mayur Kamat and bbc.co.uk (www.bbc.co.uk/science/hottopics) :

Boot viruses: These viruses are fairly rare nowadays and are easy to detect. The areas being attacked are the boot records of the floppy drive and hard drive. The boot record program, the one responsible for loading the operating system in the memory, is replaced by the virus by copying it elsewhere on the disk or overwriting it. Examples: Form, Disk Killer, Michelangelo, and Stone virus.

Program viruses: The attacks are focused at the executable files with extensions like .BIN, .COM, .EXE, .OVL, .DRV, and .SYS. Examples: Sunday, Cascade.

Stealth viruses: These viruses use techniques to make detection difficult, such as redirecting the disk head to read another sector instead of the one they reside or altering the reading of the infected file’s size shown in the directory. Examples: Frodo, Joshi, Whale.

Polymorphic Viruses: The viruses that fall into this category are difficult to track down because of their chameleon-like appearance. Examples: Involuntary, Stimulate, Cascade, Phoenix, Proud, Virus 101

Macro Viruses: The attacks target the macros within the document or template. Upon opening a word processing or spreadsheet document, the macro virus is activated, infecting the normal template. The infection can spread if such documents are opened on other computers. Examples: DMV, Nuclear, Word Concept

Worms: This virus is present in computer networks. It can spread over corporate networks or via emails sent over the Internet. Example: ILOVEYOU virus

For comments and suggestions you can email me at techoclock@advancesolutions.net