codescracker


operating system os

Computer Viruses in OS



« Previous Tutorial Next Tutorial »


Virus is a computer program that is used to harm someone by inserting the virus program on his/her computer system.

Virus can do anything, a computer programmer can do.

Virus can do some irritating actions such as typing a message, displaying an image, playing some multimedia or can do some harmful action such as erasing data, deleting files, modifying files, retrieving some important information etc.

Virus is just like your computer's enemy because viruses always perform some actions that you don't like.

Virus can also render the computer system unusable as long as the virus is running on that computer system. This virus attack is also called as denial of service attack.

To do this denial of service attack, virus normally consume resources such as central processing unit (CPU) or filling up the disk with junk.

Here is a short virus program that is used to wipe out any UNIX system:

main()
{
while(1)
fork();
}

A computer virus can permanently damage the computer's hardware.

Therefore, now-a-day, almost every computer hold the BIOS in flash ROM, that can be rewritten under the program control.

But a computer virus can also write random junk in flash ROM, so that the computer will no longer boot.

In case, if flash ROM chip is in a socket, then fixing the problem requires opening up the computer system and replacing that flash ROM chip.

Now, if flash ROM chip is soldered to parentboard then possibly the whole board has to be thrown out and new one purchased.

How Computer Virus Work ?

To understand about how a computer virus works, let's consider an example.

A computer programmer writes a virus program or virus code possibly in assembly language or in C language or in any other programming language, and then inserts this virus code into a program on his own computer system.

Now, that virus containing program or infected program is distributed by that programmer possibly by uploading over the Internet, or sending it through e-mail to the victim's computer etc.

Now the victim will download that virus containing program from the Internet or from e-mail attachment. After the virus containing program is downloaded and stored on the his/her computer, the program ask to execute, now when victim click to execute or allow to execute that virus containing program, the virus comes in action and start doing his required job on the victim's computer.

That virus may delete files, modify files, rename files, steal some files, or retrieve some important and private information etc.

This way, a computer virus works.

Viruses that Infect Executable Programs

A computer virus can also infect the executable programs present on a computer system.

Viruses that can infect executable programs or executable program viruses can also be called as overwriting viruses.

Following is the infection logic of such type of virus that can harm any executable program:

#include<sys/stat.h>
#include<sys/types.h>
#include<dirent.h>
#include<unistd.h>
#include<fcntl.h>

struct stat sbuf;

search(char *dir_name)
{
DIR *dirptr;
struct dirent *dptr;

dirptr = opendir(dir_name);
if(dirptr == NULL)
return;
while(TRUE)
{
dptr = readdir(dirptr);
if(dptr == NULL)
{
chdir("..");
break;
}
if(dptr->d_name[0] == '.')
continue;
Istat(dptr->d_name, &sbuf);
if(S_ISLNK(sbuf.st_mode))
continue;
if(chdir(dptr->d_name) == 0)
{
search(".");
}
else
{
if(access(dptr->d_name, X_OK) == 0)
infect(dptr->d_name);
}
closedir(dirptr);
}
}

Boot Sector Viruses

Computer viruses that can overwrite the master boot record or the boot sector with devastating results are called as boot sector viruses.

Device Driver Viruses

Computer viruses that can infect a device driver are called as device driver viruses.

How Computer Virus Spread ?

You have already learned about how a computer virus can work in this tutorial.

Before placing a computer virus in working mode to effect the victim's computer, first you have to make the virus program and drop or insert that virus program on any program that is called as infected program or virus containing program.

Now to place that virus containing program in running mode, you have to apread that program so that you can find the victim to run and get required task performed through that virus.

To spread computer virus, you can use many technique such as putting it on shareware website, or email it as an attachment, etc.


« Previous Tutorial Next Tutorial »




Tools
Calculator

Quick Links
Signup - Login - Give Online Test