What is a Computer Virus?
The term virus stands for ‘Vital Information Recourse Under Siege.’ Fred Cohen first defined the term ‘computer virus’ in 1983. Computer viruses are malicious code or programs that alter the way a computer operates and can multiply itself from one computer to another without the user’s permission. A virus installs or attaches itself to a legitimate program or document supporting macros to execute its code. Computer viruses behave differently depending on their types. Not all PC viruses are meant to harm your computer’s data, software, or hardware. Some remain in memory until the computer is shut down, while others may be active only as long as the infected application is functional. A computer virus is a malicious program created to cause damage to computers on a large scale.
For a long time, viruses have infected various devices through the Internet or other means. Viruses aim to steal information and destroy the device. Here is a list of computer viruses that have been causing damage to users’ PCs since 1970.
|2000||I Love You|
|2020||Fake Coronavirus Alert Email|
Different Types of Computer Viruses
The following are the different types of computer viruses:
|Boot||The virus infects the boot sector of your computer and runs every time the computer boots. It can also infect floppy disks and other bootable media. As a result, these viruses are called memory viruses since they do not contaminate the file system.|
|Botnets||Their goal is to introduce infected computers into a capable network controlled remotely.|
|Directory||Direct action occurs when a virus is attached to an executable file, and when the file is opened or executed, the virus gets installed or spread. This virus does not damage the computer’s performance or delete any files.|
|The virus spreads through email messages. It can be activated when a user clicks on a link, opens an attachment, or interacts with the infected email message.|
|Encrypted||This type of virus is encrypted to avoid detection by antivirus software. It includes a decryption algorithm. When it runs, the virus is unencrypted.|
|File Infectors||It appends itself to the end of a file to infect the system. This modification alters the program’s start so that the control jumps to its code.|
|Logic Bombs||The computer system is infected by viruses only if certain conditions are met, i.e., logic. It is difficult for antivirus software to detect them since they remain undetected until they become active.|
|Macro||These viruses are activated when a program capable of performing a macro is executed. Macro viruses, for example, can be found in spreadsheet files.|
|Multipartite||The virus can infect a computer’s boot sector, memory, and files, among other places. Due to this, its detection and containment are difficult.|
|Overwrite||The overwrite virus can remove the existing program and replace it with malicious code by overwriting it among the most destructive viruses. Eventually, the harmful code can completely replace the host’s programming code.|
|Polymorphic||Poly means many and morphic means shaped. Therefore, this virus changes its form every time. A virus signature is a pattern that can determine whether a virus is present or not (a sequence of bytes in the virus code). To avoid being detected by anti-virus software, this virus changes itself each time it installs. There is no change in the functionality of the virus, and only the signature is updated.|
|Resident||A computer virus saves itself in the computer’s memory before infecting other files and programs after the original software has stopped working. Due to its ability to hide in computer memory and its difficulty removing, this virus can quickly spread to other files.|
|Scareware||When a virus infects a computer, the virus disguises itself. The virus usually appears as a harmless anti-virus program.|
|Spacefiller||A rare virus fills in the empty spaces of a file with viruses. The virus is known as a cavity virus. The virus will neither affect the size of the file nor can it be detected easily.|
|Stealth||Due to its ability to modify the detection code, this virus is difficult to detect. The detection of viruses is therefore complicated.|
|Trojan||The software downloads and spreads other malicious programs and can remotely control the computer installed.|
How does Computer Virus Work?
“Computer virus” is an umbrella term encompassing many types of viruses, delivery mechanisms, and effects. There are two types of computer viruses based on how they work:
- Those which immediately begin to replicate and spread upon entry into your computer.
- Those which lay dormant, waiting to be triggered by unwittingly executing their code.
Computer Virus Life Cycle
The life cycle of a virus consists of four phases (inspired by biologists’ classification of real-life viruses).
- Phase 1 – Dormant Phase: The dormant phase is the period during which a virus remains hidden in your system.
- Phase 2 – Propagation Phase: In the propagation phase, the virus copies itself in files, programs, and other parts of your computer that continue replicating.
- Phase 3 – Triggering Phase: A specific event generally triggers or activates a virus in the triggering phase. An example would be clicking an icon or opening an application.
- Phase 4 – Execution Phase: The virus releases its payload, the malicious code that harms the computer during the execution phase.
How Computer Virus Propagates?
A computer virus can propagate over the internet in several ways like emails, downloads, messaging services, old software & malvertising.
Symptoms of Computer Virus
In the event of a virus attack, you may first observe an increase in your computer’s response time, and gradually other changes become apparent. The virus only affects the programming of the device, so it is not visible. However, some indicators may help you determine whether a device has been infected with a virus. These are some examples of early signs:
- Slow down the speed of the computer
- Destroying system software & files
- Corrupting data & applications
- Record keystrokes
- Pop-up windows
- Self-execution of program
- Log out from Accounts
In addition, the following symptoms may also be observed in a system infected with the virus:
- Browser homepage change
- Disabled antivirus
- Frequent crashes
- Hijacked email
- Increased network traffic
- Intrusive pop-ups
- Missing files
- Slow performance
- Storage space shortage
- Unknown login items
How to Prevent Computer Viruses?
The following are some key measures you can take to protect your computer from viruses:
- Avoid opening attachments in spam emails.
- Before installing apps and software, read their descriptions.
- Check out apps and software by reading user reviews.
- Don’t insert unknown USB drives or disks into your computer.
- Install anti-virus software or a comprehensive internet security solution
- Look at the permissions that applications and software require. Is this appropriate
- Make sure you only download apps from reputable sources.
- Make use of a secure VPN connection when using public Wi-Fi.
- Never click on unverified links in spam emails, messages, or unfamiliar websites.
- Update your software, apps, and operating system regularly.
- Verify the number of downloads an application has received. The higher, the better.
How to Detect Computer Virus?
Cyber security threats and ransomware attacks are increasing at a tremendous pace. It is extremely difficult for cyber security analysts and incident responders to investigate and detect cyber security threats using conventional tools and techniques. NetSecurity’s ThreatResponder, with its diverse capabilities, can help your team detect the most advanced cyber threats, including APTs, zero-day attacks, viruses, and ransomware attacks. It can also help automate incident response actions across millions of endpoints, making it easy, fast, and hassle-free.
Want to try our ThreatResponder, cutting-edge Endpoint Detection & Response (EDR), and ThreatResponder FORENSICS, the Swiss knife for forensic investigators in action? Click on the below button to request a free demo of our NetSecurity’s ThreatResponderplatform.
The page’s content shall be deemed proprietary and privileged information of NETSECURITY CORPORATION. It shall be noted that NETSECURITY CORPORATION copyrights the contents of this page. Any violation/misuse/unauthorized use of this content “as is” or “modified” shall be considered illegal and subjected to articles and provisions that have been stipulated in the General Data Protection Regulation (GDPR) and Personal Data Protection Law (PDPL).