At a time when a lot of new viruses are being developed every day, but especially malware and spyware, it is of increasing importance that anti-virus software tries to detect unknown viruses. Accordingly, almost all current anti-virus software works with reactive methods as well as proactive ones. For this purpose, the software can search for general characteristics of malicious programs and thus recognize patterns of viruses, even if an exact signature is still unknown. However, there are also a number of other variants of how anti-virus software can also detect unknown viruses and render them harmless. This includes, among other things, the SandBox technology (here a computer is simulated and the possibly harmful program is opened in a situation where no damage can occur) or the behavioral analysis (here a real-time monitoring is carried out in real-time monitoring, which detects the suspected virus when a stimulus threshold is exceeded blocked).
What is a computer virus?
The term computer virus is often used as a general term for all malicious software that can infect a computer. In detail, this is not correct. A computer virus is a computer program that is either hidden in other computer programs, a boot sector or RAM. This occurs through reproduction (computer 1 is infected and comes into contact with computer 2. This also infects computer 2. However, the computer virus is not removed from computer 1 and has increased as a result). This reproduction as a distribution and infection function gave the computer virus its name in comparison to the biological variants.
As early as 1949, the first theoretical papers were written on whether and how computer programs can reproduce and spread independently. In 1980 the comparison with biological viruses was used for the first time. In 1982, the first boot virus was written by a 15-year-old student who was able to spread via floppy disks on Apple II systems. Almost all early viruses, which could infect MS-DOS, Amiga, Atari or Unix, used this method of distribution. The virus is usually hidden in a host program. If this is carried out, the virus is also started and spreading is initiated. Computer viruses were often not particularly harmful. The programming was mostly just about the widest possible distribution and getting attention (the so-called existence report). However, even in the early days of computer viruses, there were those that could cause actual damage. This included the destruction of data as well as the targeted destruction of individual hardware elements (e.g. by overclocking the graphics card or reducing the fan speed). Frequently, the firmware was attacked directly, with the result that the computer could no longer be started.
Nowadays the actual computer virus is of little importance and has been replaced by painting software, spyware and computer worms (which are still spreading via e-mails and the Internet, but also via removable media). Nowadays, the threat of computer viruses (including worms, Trojans and malware / spyware) is much greater. The viruses not only aim to spread as widely as possible, but also aim to steal information from other computers. All information - from valuable bank or credit card data to uninteresting data such as Google behavior or shopping preferences - can be marketed profitably. Personal data is one of the most important currencies of the modern age. Of course, computer viruses can also be used specifically to obtain passwords from certain websites. Again and again, even large corporations like Facebook hit the headlines that the passwords were stolen by millions of users. Sites and programs are often also targeted by attacks where users' money is virtually deposited. Examples include telephony programs such as Skype, but also computer games or virtual casinos. By changing the password, users can often no longer access their credit. In addition, bank or credit card details are usually stolen, so that the damage can be double or triple.
Compared to computer worms and malware, the spread rate of real computer viruses was very low and the economic damage was also relatively insignificant.