Virus Response Mechanisms
How does the virus work?
There're two types of viruses: destructor, which aim is damage and deletion of the data existing on the computer; and the viruses, which aim is not to destroy, but just to enter the system and transfer its data to strangers (e.g. Trojan).
Depending on what virus the user deals with one can speak about the response mechanism of this virus. Knowing the mechanism of the virus operation one can find the solution how to deactivate or delete it.
Standard response mechanism
A traditional computer virus works in the following way:
- Gets into the system with an infected file from the Internet or external data media (CD, flash-card);
- "Wakes up" after the program activation and integrates in the operating system as a bomb waiting for a suitable opportunity to explode;
- Infects any file after the user's run it, is copied from the hard drive to external media;
- And finally, destroys all information on the computer and even erases data from the hard drive. This destructive part of the virus is activated according to programmed date or after a particular number of copies created by the virus. Some viruses are not so destructive; they could just display messages on the screen. There're also viruses that mainly aren't dangerous, except their ability for reproduction (usual worms).
Time bombs
This type of viruses belongs to destructors. Their special feature is absence of the reproduction stage. On getting into the system, this virus will be quietly "dozing" before the moment of its activation. This type of viruses cuts both ways: they don't reveal themselves so it's really hard to detect them. But on the other hand, it's very difficult to spread such viruses, since this virus is self-destroyed after activation.
"Trojan horses"
Trojan doesn't serve for destruction. Like the Trojan horse from the famous legend about the fall of Troy, such virus plays the role of an agent: Trojan doesn't destroy, but harvests information – data, passwords – into the unseen file in order to give them to intruder.
As soon as the hacker gets the access to the computer using the Trojan, he can easily copy all the desirable data and walk away with them. Recently the Trojans performing the functions of network server have become popular: while the user is working in the Internet, the Trojan is passing the users data to the network without his concern. What exactly and to whom it sends this information depends on each specific Trojan. Traditionally it's transferring of passwords that'll further give the intruders the access to all user's information.
Special scanners help the hackers to go over IP-addresses of the Internet users searching for a victim. Having found it, they receive the access to this computer as to their own.