Shares the Knowledge !


Computer Virus


A computer virus is a man-made program or code that can cause damage to your data and software on a computer. It is able to replicate usually without knowledge and permission of the computer user.

It is a malicious software program written intentionally to enter a computer without the user's permission or knowledge. It has the ability to replicate itself, thus continues to spread. Some viruses do little but replicate, while others can cause severe harm or adversely affect program and performance of the system.

They are spread unknowingly from one infected computer to another via emails and instant messaging.

Types of Computer Viruses

Trojan horse- These are programs that claim to do one thing but actually do something else (usually damaging activity).

Resident virus- These dwell in the RAM and work by overcoming and interrupting all of operations executed by the system including corrupting of the files and programs that are opened and closed.


Direct action virus- This has a main purpose of replicating and taking action when it is executed. The batch file of this virus is always found in the root directory of the hard disk.

Overwrite virus- These are characterized by the fact that they delete the information that is contained in the files that they infect, and this renders the files as being partially or even totally useless once they have been infected.

Boot virus- These affect the boot sector of a floppy or hard disk.

Macro virus- These infect files that are created using certain applications or certain programs that contain macros.

E-mail virus- These can infect your desktop email system. They proliferate through e-mail messages and usually replicate by automatically e-mailing copies to all entries in your e-mail address book.

Worm- These are programs that are able to replicate on their own over computer networks. It scans a network for computers with same security hole that it can exploit to infect that machine, scan other machines for that security loophole, and continue replicating itself independently.

Logic Bombs
They are not considered viruses because they do not replicate. They are not even programs in their own right but rather camouflaged segments of other programs. They are only executed when a certain predefined condition is met. Their objective is to destroy data on the computer once certain conditions have been met. Logic bombs go undetected until launched and the results can be destructive.

Resident Virus
This type of virus is a permanent as it dwells in the RAM. From there it can overcome and interrupt all the operations executed by the system. It can corrupt files and programs that are opened, closed, copied, renamed etc.
Examples: Randex, CMJ, Meve, and MrKlunky.

Direct Action Viruses
The main purpose of this virus is to replicate and take action when it is executed. When a specific condition is met, the virus will go into action and infect files in the directory or folder that it is in as well as directories that are specified in the AUTOEXEC.BAT file path. This batch file is always located in the root directory of the hard disk and carries out certain operations when the computer is booted.
Examples: Vienna virus.

Overwrite Viruses
Virus of this kind is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected. The only way to clean a file infected by an overwrite virus is to delete the file completely, thus losing the original content.
Examples: Way, Trj.Reboot, Trivial.88.D.

Boot Sector Virus
This type of virus affects the boot sector of a floppy or hard disk. This is a crucial part of a disk, in which information of the disk itself is stored along with a program that makes it possible to boot (start) the computer from the disk. The best way of avoiding boot sector viruses is to ensure that floppy disks are write-protected and never starting your computer with an unknown floppy disk in the disk drive. Examples: Polyboot.B, AntiEXE.

Macro Virus
Macro viruses infect files that are created using certain applications or programs that contain macros. These mini-programs make it possible to automate series of operations so that they are performed as a single action, thereby saving the user from having to carry them out one by one. Examples: Relax, Melissa.A, Bablas, O97M/Y2K.

Directory Virus
Directory viruses change the path that indicate the location of a file. When you execute a program file with an extension .EXE or .COM that has been infected by a virus, you are unknowingly running the virus program, while the original file and program is previously moved by the virus. Once infected it becomes impossible to locate the original files. Examples: Dir-2 virus.

Polymorphic Virus
Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system. This makes it impossible for anti-viruses to find them using string or signature searches (because they are different in each encryption). The virus then goes on creating a large number of copies. Examples: Elkern, Marburg, Satan Bug and Tuareg.

File Infector Virus
This type of virus infects programs or executable files (files with .EXE or .COM extension). When one of these programs is run, directly or indirectly, the virus is activated, producing the damaging effects it is programmed to carry out. The majority of existing viruses belong to this category, and can be classified depending on the actions that they carry out. Examples: Cleevix and Cascade.

Companion Viruses
Companion viruses can be considered as a type of file infector viruses like resident or direct action types. They are known as companion viruses because once they get into the system they 'accompany' the other files that already exist. In other words, in order to carry out their infection routines, companion viruses can wait in memory until a program is run (resident virus) or act immediately by making copies of themselves (direct action virus). Some examples include: Stator, Asimov.1539 and Terrax.1069

FAT Virus
The file allocation table or FAT is the part of a disk used to store all the information about the location of files, available space, unusable space etc. FAT virus attacks the FAT section and may damage crucial information. It can be especially dangerous as it prevents access to certain sections of the disk where important files are stored. Damage caused can result in information losses from individual files or even entire directories.

Multipartite Virus
These viruses spread in multiple ways possible. It may vary in its action depending upon the operating system installed and the presence of certain files.
Examples: Invader, Flip and Tequila

Web Scripting Virus
Many web pages include complex code in order to create an interesting and interactive content. This code is often exploited to bring about certain undesirable actions. 


Share:

0 comments:

Post a Comment

Popular Posts