A computer virus, much like a coronavirus, is designed to spread from host to host and has the ability to replicate itself. A computer virus cannot reproduce and spread itself but is induced by people. Once created and released, however, their spread is not directly under human control.
A virus is a type of malicious software (malware) comprised of small pieces of code attached to legitimate programs. When that program runs, the virus runs.
A virus operates by inserting or attaching itself to a legitimate program or document that supports Macro so as to execute its code. In the process, a virus has the potential to cause unexpected or damaging effects, such as harming the system software by corrupting or destroying data”.
The purpose of creating a computer virus is to infect vulnerable systems, gain admin control, and steal user sensitive data. Hackers design computer viruses with malicious intent and prey on online users by tricking them.
Once a virus has successfully attached to a program, file, or document, the virus will lie dormant until the computer executes its code. In order for a virus to infect your computer, you have to run the infected program, which causes the virus code to be executed.
Once the virus infects your computer, the virus can infect other computers on the same network. Stealing passwords or data, logging keystrokes, corrupting files, spamming your email contacts, and even taking charge of your machine are just a few of the devastating and aggravating things a virus can do.
One of the most common methods by which viruses spread is thru emails – opening the attachment within the email, visiting an infected website, clicking on an executable file, or viewing an infected advertisement can cause the virus to spread to your system. Besides that, infections also spread while connecting with already infected removable storage devices, like USB drives.
A computer virus comes in several forms to infect the system in different ways. Some of the foremost common types of viruses are, Direct Action Virus, Multipartite Virus, Overwrite Virus, Polymorphic Virus, etc
A backdoor Virus is a malicious computer program used to provide the attacker with unauthorized remote access to a compromised PC by exploiting security vulnerabilities. This backdoor virus works in the background and hides from the user. It is quite difficult to detect as it is very similar to other malware viruses.
Boot sector Virus
A boot sector virus (also known as a boot infector, an MBR virus or DBR virus) targets and infects a specific, physical section of a computer system that contains information crucial to the proper operation of the computer’s operating system (OS).
Browser Hijacker Virus
A web Browser redirect viruses infects your web browser in such a way that, it will bring you to different websites or injects content into webpages you have opened or opens new tabs with ads, multiple fake websites or steals your info.
A companion virus is a complicated computer virus that stores itself in a file. This is a virus that can infect your files without changing a single byte in the infected file. The other viruses, spawning virus, and cluster virus are similar in nature where they also don’t change the bytes of infected files. Companion viruses mostly need human intervention to further infect a computer.
Direct Action Virus
A direct action virus is a program intentionally designed to associate itself with another computer program in a way that when the original program run, the virus program also runs as well. This way the virus replicates itself by attaching itself to other programs. Direct-action viruses load with the host program into computer memory. Direct action viruses are easy to identify and therefore the infected files are often fully restored to their original condition.
A directory virus, also called cluster virus or File System Virus, functions by infecting the directory of your computer. Directory viruses change the path that indicates the locale of a file. When you execute a program file with an extension.EXE or.COM that has been infected by a malware, you are unknowingly running the virus program, while the original file and program are previously moved by the virus. Once infected it becomes impossible to locate the original files.
An encrypted virus encrypts its payload with the intention of making detection more difficult. With encryption, it hides from virus scanners. An encrypted virus’s code begins with a decryption algorithm and continues with scrambled or encrypted code for the remainder of the virus. Each time it infects, it automatically encodes itself differently, so its code is never the same.
File infecting Virus
A file-infecting virus is a type of malware that infects executable files with the intent to cause permanent damage or make them unusable. A file-infecting virus overwrites code or inserts infected code into an executable file. This type of virus can infect a number of operating systems, including Macintosh, Windows, and Unix. This is one of the most common viruses.
The heuristic virus is also known as the Heur.Invader virus. It is dangerous because it can alter your system’s security settings which enables the virus to download more viruses and software. The viruses that are downloaded may steal your information from your computer and transmit it to other people.
Logic bomb Virus
Logic bomb virus also referred to as slag code, it is a malicious program that uses a trigger to activate the malicious code. The logic bomb remains non-active until that trigger activates the code at certain date or time. Once triggered, a logic bomb implements a malicious code that causes harm to a computer. The trigger could include, a particular record being deleted from a system or a specific number of database entries.
A macro virus (application -oriented) is a computer virus written in the same macro language used for software programs, including Microsoft Excel or word processors such as Microsoft Word.It adds its code to the macros associated with spreadsheets, documents, and other data files in a system.When a macro virus infects a software application, it causes a sequence of actions to begin automatically when the application is opened.
A multipartite virus, a fast-moving virus, infects computer systems multiple times and at different times. A multipartite virus is also known as a hybrid virus. The effects of a it is far-reaching and very damaging to a computer system.This virus is able to attack both the boot sector and executable files of an infected computer simultaneously as they have the capacity to spread in multiple ways.
An overwriting virus is a malicious program which, after infection, will effectively destroy the original program code, typically by overwriting data in the system’s memory.It “writes over them” with random data.An overwrite virus actually removes the data completely.Overwriting viruses are extremely harmful because they actually destroy elements of a user’s system.
A polymorphic virus is complex file viruses (infectors) that can create modified versions of itself to avoid detection yet retain the same basic routines after every infection. To change their physical file makeup during each infection, polymorphic viruses encrypt their codes and use different encryption keys every time.In simple words, they constantly change their identifiable features in order to evade detection.
A resident virus is a type of malware that functions by installing malicious code into the memory of the computer. Depending on the virus’ programming, it can then infect any file run by the computer. This type of virus even attaches itself to anti-virus applications, thereby allowing it to infect any file scanned by the program. They are also known as the Terminate and Stay Resident (TSR)
A non-resident virus is a computer virus that does not store or execute from computer memory. Non-resident viruses will have two modules, a finder module, and a replication module. The finder module is responsible for finding new files to infect. For each new executable file the finder module encounters, it calls the replication module to infect that file.
A spacefiller virus also called cavity virus or Chernobyl virus or CIH is a rare type of computer virus that attempts to install itself by filling in empty sections of a file. By only using empty sections of a file, the virus can infect a file without changing the size of the file, making it more difficult to detect.
Sparse infector Virus
A sparse infector virus infects files only when certain conditions are met, programmed in the virus. Sparse infectors use this distinct strategy to reduce their detection. For instance to inflict file only when opened 24th time or on 12th of every month etc. They infect occasionally,will not spread as quickly but will also probably not be discovered as easily.
A stealth virus is a hidden computer virus that attacks OS processes and averts typical anti-virus or anti-malware scans. Stealth viruses hide in files, partitions, and boot sectors and are adept at deliberately avoiding detection.