Under Attack? Contact Us Start a Free Demo

What is a Computer Virus?

Introduction:

The term virus stands for ‘Vital Information Recourse Under Siege.’ Fred Cohen first defined the term ‘computer virus’ in 1983. Computer viruses are malicious code or programs that alter the way a computer operates and can multiply itself from one computer to another without the user’s permission. A virus installs or attaches itself to a legitimate program or document supporting macros to execute its code. Computer viruses behave differently depending on their types. Not all PC viruses are meant to harm your computer’s data, software, or hardware. Some remain in memory until the computer is shut down, while others may be active only as long as the infected application is functional. A computer virus is a malicious program created to cause damage to computers on a large scale.

For a long time, viruses have infected various devices through the Internet or other means. Viruses aim to steal information and destroy the device. Here is a list of computer viruses that have been causing damage to users’ PCs since 1970.

Year Virus
1970 Rabbit Virus
1971 Creeper System
1982 Elk Cloner
1986 Brain
1988 Catastrophic virus
1988 The Morris
1990 Polymorphic
1995 Concept
1999 Happy99
2000 I Love You
2003 Blaster
2004 Sasser
2006 Nyxem
2007 Storm Worm
2008 Torpig
2009 w32.Dozer
2010 Stuxnet
2011 Anti-Spyware
2012 CryptoLocker
2013 Gameover ZeuS
2014 Regin
2015 BASHLITE
2016 Tiny Banker
2017 WannaCry
2020 Fake Coronavirus Alert Email
2021 Cyborg
2022 Clop Ransomware

Different Types of Computer Viruses

The following are the different types of computer viruses:

Virus Type Description
Boot The virus infects the boot sector of your computer and runs every time the computer boots. It can also infect floppy disks and other bootable media. As a result, these viruses are called memory viruses since they do not contaminate the file system.
Botnets Their goal is to introduce infected computers into a capable network controlled remotely.
Directory Direct action occurs when a virus is attached to an executable file, and when the file is opened or executed, the virus gets installed or spread. This virus does not damage the computer’s performance or delete any files.
Email The virus spreads through email messages. It can be activated when a user clicks on a link, opens an attachment, or interacts with the infected email message.
Encrypted This type of virus is encrypted to avoid detection by antivirus software. It includes a decryption algorithm. When it runs, the virus is unencrypted.
File Infectors It appends itself to the end of a file to infect the system. This modification alters the program’s start so that the control jumps to its code.
Logic Bombs The computer system is infected by viruses only if certain conditions are met, i.e., logic. It is difficult for antivirus software to detect them since they remain undetected until they become active.
Macro These viruses are activated when a program capable of performing a macro is executed. Macro viruses, for example, can be found in spreadsheet files.
Multipartite The virus can infect a computer’s boot sector, memory, and files, among other places. Due to this, its detection and containment are difficult.
Overwrite The overwrite virus can remove the existing program and replace it with malicious code by overwriting it among the most destructive viruses. Eventually, the harmful code can completely replace the host’s programming code.
Polymorphic Poly means many and morphic means shaped. Therefore, this virus changes its form every time. A virus signature is a pattern that can determine whether a virus is present or not (a sequence of bytes in the virus code). To avoid being detected by anti-virus software, this virus changes itself each time it installs. There is no change in the functionality of the virus, and only the signature is updated.
Resident A computer virus saves itself in the computer’s memory before infecting other files and programs after the original software has stopped working. Due to its ability to hide in computer memory and its difficulty removing, this virus can quickly spread to other files.
Scareware When a virus infects a computer, the virus disguises itself. The virus usually appears as a harmless anti-virus program.
Spacefiller A rare virus fills in the empty spaces of a file with viruses. The virus is known as a cavity virus. The virus will neither affect the size of the file nor can it be detected easily.
Stealth Due to its ability to modify the detection code, this virus is difficult to detect. The detection of viruses is therefore complicated.
Trojan The software downloads and spreads other malicious programs and can remotely control the computer installed.

How does Computer Virus Work?

“Computer virus” is an umbrella term encompassing many types of viruses, delivery mechanisms, and effects. There are two types of computer viruses based on how they work:

  • Those which immediately begin to replicate and spread upon entry into your computer.
  • Those which lay dormant, waiting to be triggered by unwittingly executing their code.

Computer Virus Life Cycle

The life cycle of a virus consists of four phases (inspired by biologists’ classification of real-life viruses).

  • Phase 1 – Dormant Phase: The dormant phase is the period during which a virus remains hidden in your system.
  • Phase 2 – Propagation Phase: In the propagation phase, the virus copies itself in files, programs, and other parts of your computer that continue replicating.
  • Phase 3 – Triggering Phase: A specific event generally triggers or activates a virus in the triggering phase. An example would be clicking an icon or opening an application.
  • Phase 4 – Execution Phase: The virus releases its payload, the malicious code that harms the computer during the execution phase.

How Computer Virus Propagates?

A computer virus can propagate over the internet in several ways like emails, downloads, messaging services, old software & malvertising.

Symptoms of Computer Virus

In the event of a virus attack, you may first observe an increase in your computer’s response time, and gradually other changes become apparent. The virus only affects the programming of the device, so it is not visible. However, some indicators may help you determine whether a device has been infected with a virus. These are some examples of early signs:

  • Slow down the speed of the computer
  • Destroying system software & files
  • Corrupting data & applications
  • Record keystrokes
  • Pop-up windows
  • Self-execution of program
  • Log out from Accounts

In addition, the following symptoms may also be observed in a system infected with the virus:

  • Browser homepage change
  • Disabled antivirus
  • Frequent crashes
  • Hijacked email
  • Increased network traffic
  • Intrusive pop-ups
  • Missing files
  • Slow performance
  • Storage space shortage
  • Unknown login items

How to Prevent Computer Viruses?

The following are some key measures you can take to protect your computer from viruses:

  • Avoid opening attachments in spam emails.
  • Before installing apps and software, read their descriptions.
  • Check out apps and software by reading user reviews.
  • Don’t insert unknown USB drives or disks into your computer.
  • Install anti-virus software or a comprehensive internet security solution
  • Look at the permissions that applications and software require. Is this appropriate
  • Make sure you only download apps from reputable sources.
  • Make use of a secure VPN connection when using public Wi-Fi.
  • Never click on unverified links in spam emails, messages, or unfamiliar websites.
  • Update your software, apps, and operating system regularly.
  • Verify the number of downloads an application has received. The higher, the better.

How to Detect Computer Virus?

Cyber security threats and ransomware attacks are increasing at a tremendous pace. It is extremely difficult for cyber security analysts and incident responders to investigate and detect cyber security threats using conventional tools and techniques. NetSecurity’s ThreatResponder, with its diverse capabilities, can help your team detect the most advanced cyber threats, including APTs, zero-day attacks, viruses, and ransomware attacks. It can also help automate incident response actions across millions of endpoints, making it easy, fast, and hassle-free.

Want to try our ThreatResponder, cutting-edge Endpoint Detection & Response (EDR), and ThreatResponder FORENSICS, the Swiss knife for forensic investigators in action? Click on the below button to request a free demo of our NetSecurity’s ThreatResponderplatform.

Disclaimer

The page’s content shall be deemed proprietary and privileged information of NETSECURITY CORPORATION. It shall be noted that NETSECURITY CORPORATION copyrights the contents of this page. Any violation/misuse/unauthorized use of this content “as is” or “modified” shall be considered illegal and subjected to articles and provisions that have been stipulated in the General Data Protection Regulation (GDPR) and Personal Data Protection Law (PDPL).