Computer virus is a
malicious, destructive and self-replicating computer program that disrupts the
normal functioning of the computer system. Computer viruses can transfer from
one computer to another through different sources to a computer without the
knowledge and permission of the user and they are capable for hiding themselves
in other files.
Route of transmissions
of Computer Virus are
Sharing of infected
external portable hard disk, pen drive or CDs and DVDs.
Using pirated software
(Illegal software).
Opening of virus
infected e-mail messages and attached file.
By downloading files or
programs from the web sites which are not secured.
By exchanging of data,
information or files over a network.
Browsing untrusted
sites.
Symptoms of Computer
Virus
· Programs
take more time to load, fail to load or hang frequently.
· Unexpected
messages or images appear suddenly on the screen.
· Missing
of files or appearing of unexpected files.
· Displays
unusual error messages or encounters errors frequently.
· Displays
low memory message frequently.
· Programs
open automatically without giving instruction.
Types of Computer Viruses
A computer virus is one type of malware that inserts its virus code to multiply itself by altering the programs and applications. The computer gets infected through the replication of malicious code. Computer viruses come in different forms to infect the system in different ways. Find some of the most common type of computer viruses here,
- Boot Sector Virus
- Direct Action Virus
- Resident Virus
- Multipartite Virus
- Polymorphic Virus
- Overwrite Virus
- Spacefiller Virus
Boot Sector Virus – This type of virus infects the master boot record and it is challenging and a complex task to remove this virus and often requires the system to be formatted. Mostly it spreads through removable media.
Direct Action Virus – This is also called non-resident virus, it gets installed or stays hidden in the computer memory. It stays attached to the specific type of files that it infect. It does not affect the user experience and system’s performance.
Resident Virus – Unlike direct action viruses, resident viruses get installed on the computer. It is difficult to identify the virus and it is even difficult to remove a resident virus.
Multipartite Virus – This type of virus spreads through multiple ways. It infects both the boot sector and executable files at the same time.
Polymorphic Virus – These type of viruses are difficult to identify with a traditional anti-virus program. This is because the polymorphic viruses alters its signature pattern whenever it replicates.
Overwrite Virus – This type of virus deletes all the files that it infects. The only possible mechanism to remove is to delete the infected files and the end-user has to lose all the contents in it. Identifying the overwrite virus is difficult as it spreads through emails.
Spacefiller Virus – This is also called “Cavity Viruses”. This is called so as they fill up the empty spaces between the code and hence does not cause any damage to the file.
#File infectors:
Few file infector viruses come attached with program files, such as .com or .exe files. Some file infector viruses infect any program for which execution is requested, including .sys, .ovl, .prg, and .mnu files. Consequently, when the particular program is loaded, the virus is also loaded.
Few file infector viruses come attached with program files, such as .com or .exe files. Some file infector viruses infect any program for which execution is requested, including .sys, .ovl, .prg, and .mnu files. Consequently, when the particular program is loaded, the virus is also loaded.
Besides these, the other file infector viruses come as a completely included program or script sent in email attachments.
#Macro viruses:
As the name suggests, the macro viruses particularly target macro language commands in applications like Microsoft Word. The same is implied on other programs too.
As the name suggests, the macro viruses particularly target macro language commands in applications like Microsoft Word. The same is implied on other programs too.
In MS Word, the macros are keystrokes that are embedded in the documents or saved sequences for commands. The macro viruses are designed to add their malicious code to the genuine macro sequences in a Word file. However, as the years went by, Microsoft Word witnessed disabling of macros by default in more recent versions. Thus, the cybercriminals started to use social engineering schemes to target users. In the process, they trick the user and enable macros to launch the virus.
Since macro viruses are making a come back in the recent years, Microsoft quickly retaliated by adding a new feature in Office 2016. The feature enables security managers to selectively enable macro use. As a matter of fact, it can be enabled for trusted workflows and blocked if required across the organization.
#Overwrite Viruses:
The virus design purpose tends to vary and Overwrite Viruses are predominantly designed to destroy a file or application’s data. As the name says it all, the virus after attacking the computer starts overwriting files with its own code. Not to be taken lightly, these viruses are more capable of targeting specific files or applications or systematically overwrite all files on an infected device.
On the flipside, the overwrite virus is capable of installing a new code in the files or applications which programs them to spread the virus to additional files, applications, and systems.
#Polymorphic Viruses:
More and more cybercriminals are depending on the polymorphic virus. It is a malware type which has the ability to change or mutate its underlying code without changing its basic functions or features. This helps the virus on a computer or network to evade detection from many antimalware and threat detection products.
More and more cybercriminals are depending on the polymorphic virus. It is a malware type which has the ability to change or mutate its underlying code without changing its basic functions or features. This helps the virus on a computer or network to evade detection from many antimalware and threat detection products.
Since virus removal programs depend on identifying signatures of malware, these viruses are carefully designed to escape detection and identification. When a security software detects a polymorphic virus, the virus modifies itself thereby, it is no longer detectable using the previous signature.
#Resident Viruses:
The Resident virus implants itself in the memory of a computer. Basically, the original virus program is not required to infect new files or applications. Even when the original virus is deleted, the version stored in memory can be activated. This happens when the computer OS loads certain applications or functions. The resident viruses are troublesome due to the reason they can run unnoticed by antivirus and antimalware software by hiding in the system’s RAM.
The Resident virus implants itself in the memory of a computer. Basically, the original virus program is not required to infect new files or applications. Even when the original virus is deleted, the version stored in memory can be activated. This happens when the computer OS loads certain applications or functions. The resident viruses are troublesome due to the reason they can run unnoticed by antivirus and antimalware software by hiding in the system’s RAM.
#Rootkit Viruses:
The rootkit virus is a malware type which secretly installs an illegal rootkit on an infected system. This opens the door for attackers and gives them full control of the system. The attacker will be able to fundamentally modify or disable functions and programs. Like other sophisticated viruses, the rootkit virus is also created to bypass antivirus software. The latest versions of major antivirus and antimalware programs include rootkit scanning.
The rootkit virus is a malware type which secretly installs an illegal rootkit on an infected system. This opens the door for attackers and gives them full control of the system. The attacker will be able to fundamentally modify or disable functions and programs. Like other sophisticated viruses, the rootkit virus is also created to bypass antivirus software. The latest versions of major antivirus and antimalware programs include rootkit scanning.
#System or Boot-record Infectors:
The Boot-record Infectors infect executable code found in specific system areas on a disk. As the name implies, they attach to the USB thumb drives and DOS boot sector on diskettes or the Master Boot Record on hard disks. Boot viruses are no more common these days as the latest devices rely less on physical storage media.
Anti-Virus
Antivirus is a
constructive program that detects and eliminates viruses from computer. Some
popular antivirus are Kaspersky Anti-virus, Avira Antivirus, Norton Antivirus
(NAV) , McAfee Antivirus, Panda Anti-Virus, AVG Anti-Virus etc.
No comments:
Post a Comment