(Institution Name)
Introduction
A virus is a program capable of self-replication. Most viruses tend to be parasitic by nature. It can attach itself to any file or object and can be transmitted to another computer. The virus, once activated, looks for another suitable carrier to attach itself to transfer. By nature, viruses and worms are similar, in the sense that they both can replicate. Unlike a virus, a worm does not need a host to latch on to and can be transmitted by initiating telecommunications. . However, there are several intermediate forms that resemble both viruses and worms, and these terminologies can be used interchangeably for a normal PC user. This paper attempts to describe a particular type of virus and the techniques used to prevent it.
Polymorphic Virus
Polymorphic Viruses are the most difficult to trace and often require anti-virus companies a long time to detect the virus’ detection routes to catch a polymorphic sequence/code. It spreads by attaching itself to some part of a computer program file, e.g. a spreadsheet or word processor. The virus can then attack master boot records, which contains all the information a computer requires when it starts up. .
A polymorphic virus consists of a scrambled virus body and a decryption routine that first gains access to the computer then decrypts the virus. A third component, i.e. a mutation engine is also added which generates random decryption characters that keep on changing continuously when the virus affects each new program. The virus then makes a copy of itself and the mutation engine on Random Access Memory (RAM). The mutation engine decrypts the virus in such a way so that it bears no resemblance to any prior decryption and the “newly” decrypted virus can then move on to other system applications. As a result, the virus decryption routine varies from infection to infection, with the virus scanner being able to specify only a specific decryption routine. Perhaps, the most famous polymorphic virus attacks were those of Tequila and Maltese Amoeba viruses caused in 1991.
Detection of Virus and Corrective Measures
Detection of Polymorphic virus can only be done by the latest, up-to-date anti-virus program.
- The user must search for virus protection in their PC. If the anti-virus has a system scan, run the software to detect the virus.
- Run virus removal software and view the virus findings in the list.
- Quarantine and delete them from your PC.
- Discover alternate anti-virus software possibilities such as McAfee Virus Scan Plus, or Norton Antivirus software, if your PC does not have the appropriate anti-virus and system scan program.
- Download a firewall, spyware or security system to protect your computer from future viruses from entering your system and ease any losses to your save-able data. Regularly run the anti-virus program to clean out all viruses that may enter your computer through polymorphic or any other technique and keep your anti-virus up-to-date by enabling the auto update option.
Preventive Measures
Apart from the detective methods mentioned above, the user can take preventive steps towards ensuring that the virus cannot reach their PC. Some important steps include:
- Turning on auto-scan feature on the anti-virus
- Take caution when working on files received or downloaded from unknown, unsafe or questionable sources on the internet
- Do not open email attachments if sender is an unknown person. Scan any and all attachments with anti-virus before opening them, when received from any sender
- Download files from reputable, reliable and trustworthy websites on the internet
- Perform a complete system scan at least once a month; and
- Back up all your data frequently.
Works Cited
F-Secure Corporation. (2001). Computer Viruses- From an Annoyance to a Serious Threat. San Jose: White Paper.
Nachenburg, C. (n.d.). Understanding and Managing Polymorphic Viruses. Cupertino: The Symentic Enterprises Papers Volume XXX.
