The first time the term "virus" is used by Fred Cohen in 1984 in the United States. A computer virus called "virus" because it has some fundamental similarities with the virus at a medical term (biological viruses). Computer viruses can be interpreted as an ordinary computer program. But it has fundamental differences with other programs, which created the virus to infect other programs, change, manipulate and even to damage it. There is to be noted here, the virus will infect only if the trigger program or programs that have been infected earlier executed, this is where the difference with the "worm".
Origin computer virus appears
1949, John von Neumann, expressed "self altering automata theory" which is the result of research mathematicians.
1960, Bell Labs (AT & T), the experts in the lab BELL (AT & T) to experiment the theory expressed by John von Neumann, by making a type of game / game. They create a program that can reproduce itself and can destroy your opponent artificial programs. The program is able to survive and destroy all other programs, would be considered the winner.
CRITERIA Of VIRUS
A program can be called as a virus if it meets the following minimum of 5 criteria:
1. The ability to get information.
2. The ability to check a file.
3. The ability to multiply and infect themselves.
4. The ability of manipulation.
5. The ability to hide themselves.
Now will try to explain briefly what is meant by each of the skills and why this is necessary. Now will try to explain briefly what is meant by each of the skills and why this is necessary:
The ability to obtain information on a virus generally requires a list of file names that exist in a directory. For what? So that he can get a list of files that can he damage. For example, the macro virus will infect all the data files MS Word, will find a list on extension *. doc files.
The ability to check a program, a virus must also be able to check a file to be infected, for example, the program served to infect the extension *. doc, then he should check whether the document files have been infected or not, because if it is, it will infect another useless .
The ability to reproduce themselves from the virus core is the ability to reproduce itself by infecting other files. A virus has been discovered when the victim so she would recognize him with a look. If not infected then the virus will begin transmission action by writing bytes to the file identifier, and copied / write the object code file viruses on the target.
Some common ways by the virus to infect / reproduce itself is: who will be infected files deleted or renamed. Then created a file containing the virus program itself using file names that origin. Program viruses have been executed / loaded into memory will be directly infect other files by entering all the existing files.
A manipulation capabilities, Routine (routine) owned by a virus will be executed after the virus infects a file. The contents of this routine can range from the harmless to the conduct impairment. This routine is generally used to manipulate files or even popularizing the manufacturer. These routines use the ability of an operating system (Operating System), which has the same ability to those of the operating system. For example:
* Create a picture or message on the monitor.
* Replacing / changing the label of each file, directory, or the label of the drive on your PC.
* Manipulate the infected files.
* Damaging files.
* Disrupting the work printer, etc..
Hiding self-ability, ability to hide it should be owned by a virus that all the good work from the beginning to the success of transmission can be done. The usual steps taken is:
* A virus program code stored in the form of machinery and combined with other programs that are considered useful by the user.
* A virus program is placed on Boot Record or the tracks on the disc are rarely noticed by the computer itself.
* The program is made as short as possible viruses, and the infected file is not too much change in size.
The virus does not change the description/information when a file, and others.
VIRUS LIFE CYCLE
viral life cycle in general, through 4 stages:
1. Dormant phase (Phase Rest / Sleep), In this phase the virus is not active. The virus will be activated by a particular condition, such as: the date set, the presence of other programs / execution of other programs, etc.. Not all virus through this phase.
2. Propagation phase (phase distribution), In this phase the virus will copied itself to a program or to a place of storage media (both hard drives, RAM, etc.). Each program will be infected with the "cloning" the virus (depending on how the virus infect it).
3. Trigerring phase (Phase Active), In this phase the virus will be active and this is also the trigger by some conditions such as the dormant phase.
4. Execution phase (execution phase), in this phase of active virus has been to perform its functions. Such as deleting files, display messages, etc..
resource: http://mumtaz-anas.com