Pages

Thursday, 20 April 2017

The 7 Types of Computer Viruses & What they do

The 7 Types of Computer Viruses & What they do
Just like human viruses, computer viruses come in many forms and can affect your machine in different ways. Obviously, your computer isn’t going to spend a week in bed and need a course of antibiotics, but a severe infection can wreak havoc on your system. They can delete your files, steal your data, and easily spread to other devices on your network.

In this article, I’m going to introduce you to seven of the most common computer viruses. I’ve excluded Trojan horses and worms; although they might display similar symptoms to a virus, they are technically not the same thing.



1. Boot Sector Virus

From a user perspective, boot sector viruses are some of the most dangerous. Because they infect the master boot record, they are notoriously difficult to remove, often requiring a full system format. This is especially true if the virus has encrypted the boot sector or excessively damaged the code.

They typically spread via removable media. They reached a peak in the 1990s when floppy disks were the norm, but you can still find them on USB drives and in email attachments. Luckily, improvements in BIOS architecture have reduced their prevalence in the last few years.

2. Direct Action Virus

A direct action virus is one of the two main types of file infector viruses (the other being a resident virus). The virus is considered “non-resident”; it doesn’t install itself or remain hidden in your computer’s memory.

It works by attaching itself to a particular type of file (typically EXE or COM files). When someone executes the file, it springs into life, looking for other similar files in the directory for it to spread to.
On a positive note, the virus does not typically delete files nor hinder your system’s performance. Aside from some files becoming inaccessible, it has a minimal impact on a user and can be easily removed with an anti-virus program.

3. Resident Virus

Resident viruses are the other primary type of file infectors. Unlike direct action viruses, they install themselves on a computer. It allows them to work even when the original source of the infection has been eradicated. As such, experts consider them to be more dangerous than their direct action cousin.

Depending on the programming of the virus, they can be tricky to spot and even trickier to remove. You can split resident viruses into two areas; fast infectors and slow infectors. Fast infectors cause as much damage as quickly as possible and are thus easier to spot; slow infectors are harder to recognize because their symptoms develop slowly.
n a worst-case scenario, they can even attach themselves to your anti-virus software, infecting every file the software scans. You often need a unique tool – such as an operating system patch – for their total removal.

4. Multipartite Virus

While some viruses are happy to spread via one method or deliver a single payload, Multipartite viruses want it all. A virus of this type may spread in multiple ways, and it may take different actions on an infected computer depending on variables, such as the operating system installed or the existence of certain files.
They can simultaneously infect both the boot sector and executable files, allowing them to act quickly and spread rapidly.
The two-pronged attack makes them tough to remove. Even if you clean a machine’s program files, if the virus remains in the boot sector, it will immediately reproduce once you turn on the computer again.

5. Polymorphic Virus

According to Symantec, polymorphic viruses are one of the most difficult to detect for an anti-virus program. It claims anti-virus firms need to “spend days or months creating the detection routines needed to catch a single polymorphic”.

But why are they so hard to protect against? The clue is in the name. Anti-virus software can only blacklist one variant of a virus – but a polymorphic virus changes its signature (binary pattern) every time it replicates. To an anti-virus program, it looks like an entirely different piece of software, and can, therefore, elude the blacklist

6. Overwrite Virus

To an end-user, an overwrite virus is one of the most frustrating, even if it’s not particularly dangerous for your system as a whole.
That’s because it will delete the contents of any file which it infects; the only way to remove the virus is to delete the file, and consequently, lose its contents. It can infect both standalone files and entire pieces of software.
Overwrite viruses typically have low visibility and are spread via email, making them hard to identify for an average PC user. They enjoyed a heyday in the early 2000s with Windows 2000 and Windows NT, but you can still find them in the wild.

7. Spacefiller Virus

Also known as “Cavity Viruses”, spacefiller viruses are more intelligent than most of their counterparts. A typical modus operandi for a virus is to simply attach itself to a file, but spacefillers try to get into the empty space which can sometimes be found within the file itself.

This method allows it to infect a program without damaging the code or increasing its size, thus enabling it to bypass the need for the stealthy anti-detection techniques other viruses rely on.
Luckily, this type of virus is relatively rare, though the growth of Windows Portable Executable files is giving them a new lease of life.

Prevention is Better Than the Cure

As always, taking sensible steps to protect yourself is preferable to dealing with the potentially crippling fallout if you’re unlucky enough to get infected.
Use a highly-regarded anti-virus suite, don’t open emails from unrecognized sources, don’t trust free USB sticks from conferences and expos, don’t let strangers use your system, and don’t install software from random websites..


No comments:

Post a Comment