Computer virus is a harmful software program written intentionally to enter a computer without the user’s permission or knowledge. It has the ability to replicate itself, thus continuing to spread. Some viruses do little but replicate, while others can cause severe harm or adversely affect the program and performance of the system. A virus should never be assumed harmless and left on a system.
There are different types of viruses which can be classified according to their origin, techniques, types of files they infect, where they hide, the kind of damage they cause, the type of operating system, or platform they attack. Let us have a look at few of them.
1. Boot Sector Virus
Source: http://www.makeuseof.com/
Boot sector viruses became popular because of the use of floppy disks to boot a computer which the virus attaches itself to the first part of the hard disk that is read by the computer upon boot up. The widespread usage of the Internet and the death of the floppy have made other means of virus transmission more effective.
This type of virus affects the boot sector of a hard disk. This is a crucial part of the disk, in which information of the disk itself is stored along with a program that makes it possible to boot (start) the computer from the disk. Examples of the boot sector viruses are Polyboot.B and AntiEXE. To protect, the best way of avoiding boot sector viruses is to ensure that floppy disks are write-protected. Also, never start your computer with an unknown floppy disk in the disk drive.
2. Browser Hijacker
Source: http://www.makeuseof.com/
This type of virus, which can spread itself in numerous ways including voluntary download, effectively hijacks certain browser functions, usually in the form of re-directing the user automatically to particular sites. It’s usually assumed that this tactic is designed to increase revenue from web advertisements. There are a lot of such viruses, and they usually have “search” included somewhere in their description. CoolWebSearch may be the most well known example, but others are nearly as common.
3. Direct Action Virus
This type of virus, unlike most, only comes into action when the file containing the virus is executed. The payload is delivered and then the virus essentially becomes dormant; it takes no other action unless an infected file is executed again.
Most viruses do not use the direct action method of reproduction simply because it is not prolific, but viruses of this type have done damage in the past. The Vienna virus, which briefly threatened computers in 1988, is one such example of a direct action virus. By install an antivirus scanner, it will help to protect your computer. However, this type of virus has minimal effect on the computer’s performance.
4. File Infector Virus
Source: http://www.makeuseof.com/
Perhaps the most common type of virus, the file infector takes root in a host file and then begins its operation when the file is executed. The virus may completely overwrite the file that it infects, or may only replace parts of the file, or may not replace anything but instead re-write the file so that the virus is executed rather than the program the user intended.
Although called a “file virus” the definition doesn’t apply to all viruses in all files generally for example, the macro virus below is not referred to by the file virus. Instead, the definition is usually meant to refer only to viruses which use an executable file format, such as .exe, as their host.
5. Macro Virus
Macro viruses are viruses that use another application’s macro programming language to distribute themselves. Macro viruses infect files that are created using certain applications or programs that contain macros, like .doc, .xls, .pps, .mdb, etc. These viruses automatically infect the file that contains macros, and also infects the templates and documents that the file contains. It is referred to as a type of e-mail virus.
The most well known macro virus is probably Melissa, a Word document supposedly containing the passwords to pornographic websites. The virus also exploited Word’s link to Microsoft Outlook in order to automatically email copies of it. The best protection technique is to avoid opening e-mails from unknown senders. Also, disabling macros can help to protect your useful data.
6. Multipartite Virus
While some viruses are happy to spread via one method or deliver a single payload, multipartite viruses want it all. These viruses spread in multiple ways possible. A virus of this type may spread in multiple ways, and it may take different actions on an infected computer depending on variables, such as the operating system installed or the existence of certain files. Examples of this virus are Invader, Flip and Tequila. In the event to protect computer from this virus, you need to clean the boot sector and also the disk to get rid of the virus and then reload all the data in it. However, ensure that the data is clean.
7. Polymorphic Virus
Source: http://www.makeuseof.com/
A polymorphic virus not only replicates itself by creating multiple files of it, but it also changes its digital signature every time it replicates. Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system. This makes it impossible for antivirus software to find them using string or signature searches (because they are different in each encryption). The virus then goes on to create a large number of copies.
The goal of this trickery is evasion. Antivirus programs often find viruses by the specific code used. Obscuring or changing the code of a virus can help it avoid detection. Polymorphic Viruses examples are Elkern, Marburg, Satan Bug and Tuareg. And for protection, to install a high-end antivirus as the normal ones are incapable of detecting this type of virus.
8. Memory Resident Viruses
Memory Resident Viruses reside in a computers volatile memory (RAM). They are initiated from a virus which runs on the computer and they stay in memory after its initiating program closes. A resident virus can be compared to a direct payload virus, which does not insert itself into the system’s memory and therefore only takes action when an infected file is executed. These viruses fix themselves in the computer memory and get activated whenever the OS runs and infects all the files that are then opened. Examples of Memory Resident Viruses are Randex, CMJ, Meve, and MrKlunky and protection against this virus a computer should be install with an antivirus program.
9. Web Scripting Virus
Many web pages include complex codes in order to create an interesting and interactive content. Displaying online video in your browser, for example, requires the execution of a specific code language that provides both the video itself and the player interface. Of course, this code can sometimes be exploited, making it possible for a virus to infect a computer or take actions on a computer through a website. Although malicious sites are sometimes created with purposely infected code, many such cases of virus exist because of code inserted into a site without the webmaster’s knowledge. For example, JS Fortnight is a virus that spreads through malicious e-mails. To protect, install the Microsoft tool application that is a default feature in Windows 2000, Windows 7 and Vista. Scan the computer with this application.
10. Trojan Horse
Source: http://www.google.com/image
Trojan Horse, which unlike viruses, do not reproduce by infecting other files, nor do they self-replicate like worms. In fact, it is a program which disguises itself as a useful program or application. A Trojan horse program has the appearance of having a useful and desired function. While it may advertise its activity after launching, this information is not apparent to the user beforehand. Secretly the program performs other, undesired functions. A Trojan Horse must be sent by someone or carried by another program and may arrive in the form of a joke program or software of some sort. The malicious functionality of a Trojan Horse may be anything undesirable for a computer user, including data destruction or compromising a system by providing a means for another computer to gain access, thus bypassing normal access controls.
11. Worms
A worm is a program that makes and facilitates the distribution of copies of itself; for example, from one disk drive to another, or by copying itself using email or another transport mechanism. The worm may do damage and compromise the security of the computer. It may arrive via exploitation of system vulnerability or by clicking on an infected e-mail. Examples of worms are PSWBugbear.B, Lovgate.F, Trile.C, Sobig.D, Mapson and to protect, installing an updated version of antivirus will be able to prevent your computer from damage.
12. Logic Bombs/Time Bombs
These are viruses which are programmed to initiate at a specific date or when a specific event occurs. Some examples are a virus which deletes your photos on any events such dinner etc., or a virus which deletes a database table if a certain employee gets fired.
They are not considered viruses because they do not replicate. They are not even programs in their own right, but rather camouflaged segments of other programs. They are only executed when a certain predefined condition is met. Their objective is to destroy data on the computer once certain conditions have been met. Logic bombs go undetected until launched, the results can be destructive, and your entire data can be deleted.
Read More…
http://www.makeuseof.com/tag/types-computer-viruses-watch/
http://antivirus-software.topchoicereviews.com/types-of-viruses.html
http://www.buzzle.com/articles/different-types-of-computer-viruses.html
Bibimbap World (MIS 750) 