Virus and Its Types
Virus and Its Types
Virus and Its Types
A Computer Virus is a malicious software program Malware that can infect a computer by
modifying or deleting data files, boot sector of a hard disk drive or causes a software program to
work in an unexpected manner.
A computer virus resides on a host computer and can replicate itself when executed. Virus can steal
user data, delete or modify files & documents, records keystrokes & web sessions of a user. It can
also steal or damage hard disk space, it can slowdown CPU processing.
Definition of Comptuer virus
A computer virus is a program that may disturb the normal working of a computer system. Virus
attaches itself to files stored on floppy disks, USBs, email attachments and hard disks. A file
containing a virus is called infected file. If this file is copied to a computer, virus is also copied to the
computer. The name of first computer virus is Creeper.
According to Wikipedia Computer viruses cause billions of dollars worth of economic
damage each year, due to causing systems failure, wasting computer resources, corrupting
data, increasing maintenance costs, etc.
Most viruses contain a payload, a program that they will execute in addition to spreading
themselves. The effects of common virus payloads include deleting or corrupting files or
disks and passing on usernames and passwords.
Damages caused by virus
Computer virus cannot damage computer hardware. IT may cause many damages to a computer
system.
A virus can:
1.
2.
3.
4.
downloads an email attachment. It may harm the computer when it is activated. It may destroy files
on the hard disk or may send the virus automatically to all email addresses saved in the address
book.
3) Infected / Pornography websites
Thousands of insecure websites can infect computer with viruses. Most of the websites with
pornographic materials are infected, so by visiting these websites the users computer also gets
infected by virus. These websites are developed to spread viruses or other unethical material. The
virus is transferred to the users computer when this material is downloaded. These websites may
access the computer automatically when the users visit them.
4) Networks
Virus can spread if an infected computer is connected to a network. The internet is an example of
such network. When a user downloads a file infected with virus from the internet, the virus is copied
to the computer. It may infect the files stored on the computer.
5) Pirated Software
An illegal copy of software is called pirated software. Virus can spread if user installs pirated
software that contains a virus. A variety of pirated software is available in CDs and from the internet.
Some companies intentionally add virus in the software. The virus is automatically activated if the
user uses the software without purchasing license.
Types of Computer Virus
There are several different types of viruses:
File infector viruses:
These infect program files, such as applications, games or utilities. They are often memoryresident, meaning that once they have been executed they remain active in the computer's
memory and can infect more programs.
Examples include Jerusalem and Cascade.
Cascade: This virus attacked IBM PCs and compatibles. The letters on the screen could be
seen dropping vertically down to the bottom of screen after the virus picked them off in
alphabetical order. This is a sort of parasitic virus. It attaches itself to other programs and gets
activated when the host program is executed. It gets copied to other PCs when the programs are
copied.
Jerusalem: Found in 1987 at Hebrew University, Jerusalem, this virus was designed to
activate only on Friday, January 13 and delete all the files executed on that day. This infects the
COM and EXE files. This is similar to Cascade virus in that it is parasitic in nature. This virus
attaches itself to COM and EXE files to damage the data.
Boot sector viruses:
Floppy disks and hard disks store a small program known as the boot record which is run
when the computer starts up. Boot sector viruses attach themselves to this program and execute
when the computer tries to start up from the infected disk. Once a computer has been infected,
any unprotected floppy disk put into the computer will also be infected. Infected machines will
often refuse to start.
Examples include Michelangelo and Stoned.
Multi-partite or polypartite viruses:
These infect both boot records and program files and are very difficult to repair as the virus code
must be removed from both locations.
Examples include Anthrax and Tequila.
Macro viruses:
These infect data files, such as Word documents or Excel spreadsheets, rather than
programs. They are very common and can be difficult and expensive to repair. Macro viruses are
written using macro programming languages, designed to allow users to automate tasks within an
application. They are easy to produce, so there are now thousands in circulation.
Examples of macro viruses include W97M.Melissa and WM.NiceDay.
Some other well known types:
Virus Type
Program or File Virus
Multipartite Virus
Macro Virus
Stealth Virus
Polymorphic Virus
What It Does
Infects executables (other
programs, with affixes
such as EXE, BIN, COM,
SYS)
i) Infects boot sectors on
hard and floppy disks
Parasitic Virus
Attaches
itself
to Jerusalem' and 'Datacrime'
executable files
and are parasitic viruses.
replicates, when the
infected
program
is
executed, by finding
other executable files to
infect.
Besides viruses, there are other types of destructive programs as listed below:
Trojan Horses -- Like its namesake, this type of program enters a system through an
innocent manner and waits for the right moment to unleash its attack.
Worms -- A self-replicating program which exists independent of other programs.
Logic bombs -- A destructive program which is triggered by a date, time, or event, and
when triggered, it destroys data and/or other programs. Also know as 'Time Bomb'. The
time bomb occurs at a particular date or time.
Salamis -- A special program which invades a financial program and removes assets a "slice
at a time", hence the name.
Trap Doors -- These are facilities which permit a hacker to surreptitiously enter a system
by means of a security loophole which is either inherent in the operating system, or
possibly one which the hacker creates which he is a user on the system.
Session Hacking -- A special type of hacking which requires hardware, software, and
communications expertise. It involves the penetration of a system via network lines
and/or possibly through the detection of electronic emissions which radiate from active
monitors and terminals.
Zombie - A program that secretly takes over another Internet-attached computer and then
uses that computer to launch attacks.
Backdoor- A backdoor virus is a program that enters a computer system without being
detected and runs in the background to open ports, allowing third parties to control the
computer clandestinely. These backdoor viruses can pass themselves off as legitimate
programs.
What Is A Trojan Horse?
Although Trojan horse programs are categorized as viruses, they are not true viruses, since they do
not replicate. It is a malicious program disguised as something benign, such as a screen saver or built
into a free download.
A Trojan is a virus that hides inside another program. Named after the Trojan horse of Greek
mythology, a computer Trojan disguises itself as something else in order to gain access to your
computer.
Unfortunately, Trojan Horses are often hooked on to free downloads because many of us cannot
resist a free offer! However, this does free downloads a dis-service, as most are genuine and
malware-free
When loaded onto our machine, a Trojan horse can capture information from our system -- such as
user names and passwords -- or could allow a malicious hacker to remotely control our computer.
They really can do significant damage to our privacy and security, so you need software that deals
effectively with this widespread and difficult-to-detect malware.
Trojans are one of the sneakiest of the online risks. They are often downloaded on the back of a
free program (freeware) that has some value to the user -- a free game, software program or
music, for instance.
Worms
Worms can replicate themselves from computer to computer without infecting a host
program, unlike viruses, which must be carried by a host. Although worms are often carried
inside another file, usually a Word document or an Excel spreadsheet, they use the host in a
different manner from a virus.
A worm will usually release a document that already has the worm macro inside it. The
entire document travels from system to system, so the entire document should be regarded
as a worm. W32.Mydoom.AX@mm is an example of a worm. It was designed to allow
spammers to send spam e-mail from infected computers.
Like Trojans, worms are self contained programs that are designed to copy themselves from
computer to computer. Different worms exploit different weaknesses in the programs that
allow computers to communicate with each other.
A common purpose of worms is to install a backdoor into a computer. These are programs
that allow others to gain access to your computer.
Protection from Computer Virus
Virus infects computer system if latest and updated version of an Antivirus program is not installed.
Latest Antivirus software should be installed on Computer to protect it from viruses.
A computer system can be protected from virus by following these precautions.
1. The latest and updated version of Anti-Virus and firewall should be installed on the
computer.
2. The Anti-Virus software must be upgraded regularly.
3. USB drives should be scanned for viruses, and should not be used on infected computers.
4. Junk or unknown emails should not be opened and must be deleted straightaway.
5. Unauthorized or pirated software should not be installed on the computer.
6. An important way of protection against virus is the use of back up of data. The backup is
used if the virus deletes data or modifies it. So back-up your data on regular basis. There are
some great softwares that can back up your data automatically.
7. Freeware and shareware software from the internet normally contain viruses. It is important
to check the software before using them.
8. Your best protection is your common sense. Never click on suspicious links, never download
songs, videos or files from suspicious websites. Never share your personal data with people
you dont know over the internet.
Anti-Virus Software
An anti-virus is a program-code. Anti-virus software should be installed on your computer to
combat the threat of viruses.
There are many manufacturers of anti-virus software including BullGuard, BitDefender, Frisk, Grisoft,
McAfee, Sophos, Symantec and Trend. Some, such as Grisoft, even supply a free version of their AVG
anti-virus software, while others, such as Trend, offer a free online virus scan.
Anti-virus software works in two modes: stand-alone and memory resident. In stand-alone mode the
software works like any other program. You start it and point it at a file, directory or disk to check
the files for viruses.
If any viruses are found the software can: