Computer Virus: Definition

A computer virus is a piece of code that gets implanted in a program and is constructed with the ability to self-replicate;
affecting other programs on a computer. It’s just like how humans get a cold or flu, it can remain dormant within the
system and get activated when you least expect it.

A virus has the potential to cause unexpected damage to the system, such as harming the system software by corrupting
or destroying data.

A computer virus is formed to diffuse from one host to another and thus there are numerous ways how the user’s
computer catches it. It can be through email attachments, downloaded files, during software installations, or using
unsecured links. These viruses can steal the user’s data such as passwords, hack into their social media accounts or online
banking accounts, and also wipe out all the saved data.

When a virus program is executed, it replicates itself by changing other computer programs and rather enters its coding.
This code infects a file or program and if it grows massively, it may ultimately result in the crashing of the device. Certain
indications can help you analyze that a device is virus-hit. Given below are some of them:

In case a virus is fully executed into a user’s device, the time needed to open any application may become longer and the
entire system processing becomes slower.

Started getting too many pops up on the window or screen while working, this is also an indication of a virus attack on
the system.

Files or applications may begin to open by themselves in the background of the system without the user’s knowledge.

In case of a virus attack, the possibility of accounts getting hacked increases and even the user might get logged out of all
the systems and applications.

In most cases, if the virus grows at maximum then changes can be seen in the files and programs, and this may even lead
to a system crash.

Computer Virus & Its Types

Definition: A computer virus is a malicious software program loaded onto a user’s computer without the user’s
knowledge and performs malicious actions.It can self-replicate, inserting itself onto other programs or files, infecting
them in the process. Not all computer viruses are destructive though
Classification of Viruses

Viruses are classified on the basis of their mode of existence and there are three categories of viruses:

Boot Infectors : A system infected by such virus will have the virus residing in a particular area of the disk rather in
a program file. This virus get loaded soon after the Power on Self Test and control the system and remains in control
at all times. Boot infectors create “bad sectors”.

System Infectors : This category of virus deals with the components of the system itself. System infectors attach
themselves to a file such as COMMAND.COM or other memory resident files and manipulate these files. System
infectors differ from boot infectors that system infectors gain control after the computer is booted and infects a
hard disk or bootable floppies which contain system files only.

General Executable Program Infectors : This type of viruses are most dangerous virus. They attach themselves to
a program files and can spread to almost any executable program in any system. This viruses change themselves to a
program instruction. As a result , Whenever the program is executed, the virus gets loaded and executed first and
then allows the original program to proceed.

Different Types of Virus

Brain Virus : This is the first developed virus also known as Pakistani virus. It was developed by Pakistani brothers.
The virus pops up screen saying “welcome to the Dungeon”. This virus is known to destroy data and are highly
contiguous.

Scores Virus : Score virus has a built in time trigger that activates at 2,3,4 and seven days after the disk has
infected. Data files are not directly affected by this virus, but ensure of this virus requires deletion of all the files.

Lehigh Virus : This virus originated at the Lehigh University computer centre. This virus stays in the stack space of
COMMAND.COM . With the booting of a PC from an infected disk, the virus is spread through commands such as
COPY, TYPE, DIR etc. The boot sector and FAT get ruined from this virus.

Friday the 13th : This virus attack not only COMMAND.COM but also other executable files. When a .COM or .EXE
file is executed for the first time after boosting the virus captures a specific interrupt and inserts its own code. It
increases the .EXE and .COM file size cause the program to become too large in loaded into memory.

SunnyVale Slug Virus: This virus display a message “Greeting from SunnyVale. can u find me ? “. And also modifies
the COPY command resulting in deletion of files instead of copying.

Raindrops Virus: This virus infects .COM files. It intercepts the load and execute the function of MS- DOS. It
checks whether the file is .EXE or not. If the file is not an EXE file, the first three bytes of the file are replaced by a
jump instruction at the end of the file . where it gets attached after encryption. This results in drpping or showering
of characters on the screen like raindrops with sounds.

Happy Birthday 30th: This virus gets activated on January 5th, If any of the program get executed , and will ask the
user to type “Happy Birthday 30th”, It can destroy all the data on the disk.
Key Logger: A key logger is a software program designed to record every key stroke on the machine. Its pupose is
usually to allow the user of this tool to gain access to confidential information on the affected machine, such as a
user’s password or other private data.

Password Cracking: Password Cracking is the process of recovering password from data that has been stored in or
transmitted by a computer system. A common approach is to repeatedly try guesses for the password.

Packet Sniffer: A Packet Sniffer is an application that captures data packets, which can be used to capture
passwords and other data in transmit over the network.

Spoofing Attack ( Phishing ): A spoofing attack involves one program, or website successfully masquerading as
another by falsifying data and thereby being treated as a trusted system by a user or another program. The pupose
of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and
passwords, to the attacker.

Rootkit: A Rootkit is designed to conceal the compromise of a computer’s security, and can represent any of a set
of programs which work to subvert control of an operating system from its legitimate user to detect the presence of
the intruder on the system by looking at process tables.

Common Security Breach Methods

Worm : Like a virus, a WORM is also a self replicating program. The difference between a Virus and Worm is that a
WORM does not create copies of itself on one system. It propagate through computer network. So it consumes
system memory and network bandwidth.

Trojan horses : A Trojan horse is a program which seems to be doing one thing, but is actually doing another. A
trojan horse can be used to set up a back door in a computer system such that the intruder can gain access access
later.
Boot Sector Virus : A boot sector virus is a type of virus that infects the boot sector of floppy disks or the Master
Boot Record(MBR) of hard disks(some infect the boot sector of the hard disk instead of the MBR). Eg . C Brain was
the first boot sector virus created in 1986 in Lahore Pakistan.

Macro Virus : A macro virus is a computer virus that infects the document files like MS. Word, Excel, Powerpoint
etc. It causes sequence of actions to be performed automatically when the application is started or something else
trigger it. A typical effect is the undesired insertion of some comic text at certain points when writing a line. A macro
virus is often spread as an email virus. Eg, Melissa Virus spread in March 1999.

Spyware : These are the malicious(harmful) program which is installed into our system without your knowledge and
collects the personal information without user permission.”Spyware” is mostly classified into four types : adware ,
system monitors, tracking cookies, and trojans.

Adware : These are the advertisement supporters which automatically renders for advertisement. These
advertisement can be in the form of popup.

Malware : These are malicious program which includes computer virus, worm, trojan horse, spyware and
adware,scareware and other malicious programs.

Important Points

Creeper Virus was the first virus of world in ARPANET(Advanced Research Project Agency Network) in 1970.

ELK Cloner was the first virus that act on PC in 1982.

VIRUS stands for “Vital Information Resource under Seize”.

Computer Virus: Names and Definitions

Explained below are the various types of computer viruses:

Boot Sector Virus

It is a kind of virus that affects the boot sector. This type of virus enters the system when computers are booted from
floppy disks. Nowadays, these viruses can even penetrate in forms of physical media such as external hard drives or USBs.
The Boot sector includes all the files which are needed to start the Operating system of the computer. The virus either
overwrites the existing program or replicates itself to another part of the disk.

Direct Action Virus

When a virus connects itself directly to a .exe or .com file and penetrates the device while its execution is named a Direct
Action Virus. It is also known as a Non-Resident Virus as it does not install itself.

These viruses are active only when the user executes the file containing the virus, otherwise, it remains dormant. The
main objective of this type of virus is to replicate and infect files inside the folder.

Also, learn about Types of Computer Network Topology here.

Resident Virus
Unlike Direct Action Virus this type of virus installs itself in the primary memory of the computer and then infects other
files and programs. A resident virus can affect anytime when an operating system loads; heading towards file and
program corruption. These viruses are hidden in the memory and are hard to find and removed from the system.

Multipartite Virus
This variety of viruses are very infectious and can infect and spread in various ways. It can infect multiple parts of the
system including program files, memory files, and boot sector. If a multipartite virus hits your system, then you are at risk
of cyber threat.

Overwrite Virus
One of the most damaging viruses, the overwrite virus can fully remove the existing program and substitute it with the
malicious code by overwriting it. These types of viruses generally spread through emails and are difficult to trace, to
remove the virus one needs to delete the infected file.

Polymorphic Virus
A polymorphic virus is difficult to track or remove as these viruses alter their code each time an infected file is executed.
Spread through spam and infected websites.

Learn more about the Types of Computer Network Devices here.

File Infector Virus

As the name hints, it first infects a single file and then later grows itself to other executable files and programs. The main
cause of this virus are games and word processors. It is also named a parasitic virus which typically affects files with .exe
or .com extensions. This type of virus generally slows down the performance of the program followed by many other
damages.

Spacefiller Virus
As the name implies, this type of virus fills in the empty spaces of a file with viruses without affecting the size of the file
such that the user cannot detect it easily. It is also recognized as a “cavity virus”.
Macro Virus
Macro viruses are composed in the same macro language adopted for software applications. These viruses are normally
stored as part of a document and can spread when the files are transferred to other computers, often through email
attachments.

Read more about Types of Computers, here.

Browser hijacker
This type of virus targets and modifies the user’s browser settings. It is often termed a “browser redirect virus” as it
redirects the user’s browser to other malicious websites. This virus can also lead to shifting the default home page of the
browser.

Web Scripting Virus

This type of virus utilizes the code of web browsers and web pages. If the user enters such a web page, the virus can
contaminate their computer. Web scripting viruses can steal user’s cookies and use the data to post on the user’s behalf
on the infected website.

What is an Anti-Virus?
Antivirus software is a usually available and extensively used program or set of programs that are outlined to restrict,
search for, detect, and remove software viruses, and other malicious software like worms, Trojans, adware, and more.

Why Do We Need Antivirus Software?

These tools are crucial for users to have loaded and up-to-date because a computer in the absence of antivirus software
protection will be infected within minutes of connecting to the internet.

The bombardment is constant, which implies antivirus companies have to update their detection tools periodically to
tackle the more than 60,000 new pieces of malware created every day.

Today’s malware (an umbrella term that encapsulates computer viruses) alters appearance suddenly to prevent
detection by older definition-based antivirus programs. Viruses can be designed to cause damage to the device, prohibit a
user from accessing data, or take control of the computer.

Learn about the various Computer Shortcut Keys here.

What Does Antivirus Software Do?

Various companies create antivirus software and what every one of them offers can be different but all perform the
following essential functions:

Scan particular files or directories for any malware or predetermined malicious patterns.

Allow users to plan scans to automatically run for the user.

Allow users to conduct a scan of a selected file or the entire computer, or of a CD or flash drive at any time.
Quarantine any malicious piece of program detected, sometimes the user will be notified of such infection and asked if
he/she wants to dump the file, other programs will automatically do this in the background.

Reminds about the ‘health’ of the computer.

Always be sure the user has the best, up-to-date security software installed to protect his/her devices like computers,
laptops, tablets, and smartphones.

How Does Antivirus Software Work?

Most of the antivirus software programs still download malware definitions straight to the user’s device and scan the files
in search of any possible matches.

But since, as it’s mentioned above, most malware periodically morphs in appearance to avoid being caught, Webroot
works differently. Rather than storing examples of recognized malware on the device, it saves malware definitions in
cloud storage. This enables us to acquire less space, scan quicker, and manage a more robust threat library. Some of the
examples of antivirus are Norton(for Android and Windows), McAfee( iOS and Mac), Vipre, Avast, and Kaspersky.

MALWARE

“MALWARE = MALICIOUS + SOFTWARE = HARMFULL SOFTWARE .”

· Malware is software used or created to disrupt computer operation, gather Sensitive information, or gain
access to private computer systems.

• It can appear in the form of code, scripts, active content, and other software.

• 'Malware' is a general term used to refer to a variety of forms of hostile, intrusive, or annoying software.

TYPES OF MALWARE

• Viruses

• Trojan

• Horses

• Worms

• Spyware

• Zombie

• Phishing

• Spam

• Adware

• Ransom ware

TROJAN HORSE
Trojan horse is a program that acts as a malicious or harmful code.it designed to cause some malicious activity or
to provide a backdoor to your system.

Example - Beast, Rat, Net bus, Girlfriend etc.

VIRUS

Computer viruses are small software programs that are designed to spread from one computer to another and to
interfere with computer operation VIRUS Stands for “Vital Information Resource Under Seize”.

Backdoor

A program that allows a remote user to execute commands and tasks on your computer without your permission.
These types of programs are typically used to launch attacks on other computers, distribute copyrighted software
or media, or hack other computers

Hijackers

A program that attempts to hijack certain Internet functions like redirecting your start page to the hijacker's own
start page, redirecting search queries to a undesired search engine, or replace search results from popular search
engines with their own information

WORM

A computer worm is a standalone malware computer program that replicates itself in order to spread to other
computers. Often, it uses a computer network to spread itself, relying on security failures on the target computer
to access it.

Spyware

Spyware is software that aims to gather information about a person or organization without their knowledge and
that may send such information to another entity without the consumer's consent, or that asserts control over a
computer without the consumer's knowledge.

Spyware does not necessarily spread in the same way as a virus or worm. Most spyware is installed without
users' knowledge, or by using deceptive tactics. Spyware may try to deceive users by bundling itself with
desirable software. Most common example is key-logger.

ADWARE

Adware or advertising - supported software, is any software package that automatically renders advertisements
in order to generate revenue for its author. The advertisements may be in the user interface of the software or on
a screen presented to the user during the installation process.

ZOMBIE
Zombie programs take control of your computer and use it and its Internet connection to attack other computers
or networks or to perform other criminal activities.

PHISHING

• Phishing (pronounced like the word 'fishing') is a message that tries to trick you into providing information like
your social security number or bank account information or login and password for a web site.

• The message may claim that if you do not click on the link in the message and log onto a financial web site that
your account will be blocked, or some other disaster.