Types of viruses


Published on


Published in: Entertainment & Humor
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Types of viruses

  1. 1. Types Of VirusesNot all computer viruses behave, replicate, or infect the same way. There are several differentcategories of viruses and malware. Below I list and discuss some of the most common types of computerviruses.Trojan Horse:A trojan horse program has the appearance of having a useful and desired function. While it mayadvertise its activity after launching, this information is not apparent to the user beforehand. Secretlythe program performs other, undesired functions. A Trojan Horse neither replicates nor copies itself, butcauses damage or compromises the security of the computer. A Trojan Horse must be sent by someoneor carried by another program and may arrive in the form of a joke program or software of some sort.The malicious functionality of a Trojan Horse may be anything undesirable for a computer user, includingdata destruction or compromising a system by providing a means for another computer to gain access,thus bypassing normal access controls.Worms:A worm is a program that makes and facilitates the distribution of copies of itself; for example, from onedisk drive to another, or by copying itself using email or another transport mechanism. The worm maydo damage and compromise the security of the computer. It may arrive via exploitation of a systemvulnerability or by clicking on an infected e-mail.Bootsector Virus:A virus which attaches itself to the first part of the hard disk that is read by the computer upon bootup.These are normally spread by floppy disks.Macro Virus:Macro viruses are viruses that use another applications macro programming language to distributethemselves. They infect documents such as MS Word or MS Excel and are typically spreadto other similar documents.Memory Resident Viruses:Memory Resident Viruses reside in a computers volitale memory (RAM). They areinitiated from a virus which runs on the computer and they stay in memory after itsinitiating program closes. pppppppppppRootkit Virus:A rootkit virus is an undetectable virus which attempts to allow someone to gain controlof a computer system. The term rootkit comes from the linux administrator root user.These viruses are usually installed by trojans and are normally disguised as operatingsystem files.Polymorphic Viruses:A polymorphic virus not only replicates itself by creating multiple files of itself, but it alsochanges its digital signature every time it replicates. This makes it difficult for lesssophisticated antivirus software to detect.Logic Bombs/Time Bombs:These are viruses which are programmed to initiate at a specific date or when a specificevent occurs. Some examples are a virus which deletes your photos on Halloween, or avirus which deletes a database table if a certain employee gets fired.
  2. 2. Computer virusFrom Wikipedia, the free encyclopediaSee also: MalwareA computer virus is a computer program that can replicate itself[1] and spread from one computer toanother. The term "virus" is also commonly, but erroneously, used to refer to other types ofmalware,including but not limited to adware and spyware programs that do not have a reproductive ability.Malware includes computer viruses, computer worms, Trojan horses, most rootkits, spyware, dishonestadware and other malicious or unwanted software, including true viruses. Viruses are sometimes confusedwith worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities tospread itself automatically to other computers through networks, while a Trojan horse is a program thatappears harmless but hides malicious functions. Worms and Trojan horses, like viruses, may harm acomputer systems data or performance. Some viruses and other malware have symptoms noticeable tothe computer user, but many are surreptitious or simply do nothing to call attention to themselves. Someviruses do nothing beyond reproducing themselves.
  3. 3. Script Viruses - Types and HabitatsScript viruses (sometimes called macro viruses) generally travel embedded in email and officeautomation documents, although they can be found in web pages as well.Old fashioned program viruses are usually implemented in executable system code, whereas scriptviruses are usually written in a powerful high-level language that is compiled and run on the fly.They often have sophisticated functionality and direct interfaces to high level applications such asword processing, spreadsheet, email, and web programs, and can wreak considerable havoc. Sincethey first surfaced in office automation programs, they are sometimes also called "macro" viruses.Script viruses can also propagate through IRC protocols.On Microsoft computers, turning on your script checking virus protection is essential. However,keep in mind that there may be an associated performance hit for some applications. Manyapplications on Windows are written in Visual Basic, and real-time script virus checking can doublethe time it takes for their usual functions to run. If you find that ordinary functions take aninordinate length of time to complete, you can try temporarily turning this feature off in your anti-virus checker -- but dont forget to turn it back on afterwards!Active threats. The following types of script viruses are currently the most active and dangerous,on the Windows platform: Visual Basic is a flexible and powerful programming environment for Microsoft Windows, Office, and Internetapplications. Script viruses written in Visual Basic can run throughout the Microsoft architecture, giving them considerable reach and power, and making them the primary virus threat today. The first widespread Visual Basic script virus was Melissa, which brought down several of the large international corporations for several days in March 1999. Melissa traveled in a Microsoft Word document and ran when the document was opened, then opened the associated Microsoft Outlook email program, read the users email address book, and then sent email copies of itself to the first fifty names it found. It spread very quickly. The Melissa virus architecture was quickly followed by many similar variants programmed by hackers around the world, including the ground breaking KAK, the first Visual Basic script virus that triggered as soon as an email was opened. KAK was then followed by BubbleBoy, which triggered if an email was even viewed in the preview pane. A steady stream of Visual Basic script viruses continue to circulate to this day. There are even automated, point and click programs like VBS Love Generator to help hackers produce additional variants. Script viruses which use email to send themselves to others are also a form of worm. The term "macro virus" is used less often, and generally refers to a virus in an office
  4. 4. automation application macro, most commonly a Visual Basic macro in a Microsoft Word or Excel document. Macro viruses can cross system boundaries from Windows to Macintosh computers with MS Office documents. Current versions of Microsoft Office contain strong anti-macro protections to guard against known attacks. ActiveX is one of Microsofts distributed application technologies that enable web pages to download programs on the fly with the full power of any executable running on your machine. This makes ActiveX modules especially efficient and powerful, but also a security risk since they can create, change, and delete files, add system programming code, or take any other action your user account is allowed on your computer. To help mitigate the risk, Microsoft provides a network architecture of encrypted security certificates for ActiveX modules. This network gives you the option of refusing the download of unsigned ActiveX modules from unknown authors, and at least disclosing the signed identity of those modules that you do accept in case they later cause problems. However, this approach is not universally accepted by the general user and professional security communities, and is sometimes called "trust me now, try to catch me later". Users running Internet Explorer on Windows machines should make sure that their browser security settings are set to "disable" for unsigned ActiveX applets, and to "prompt" for signed applets.Hypothetical threats. The following script viruses are largely theoretical, but illustrate that theycan turn up wherever there is scripting code: Java is a standard cross platform development environment, and is often used to download scripts to add functionality like a clock or chat room interface to a web page. Java was written with a strong security model which protects your computers data and resources, and it has so far proved remarkably resistant to script virus infection. You can turn Java off in your browser if you want to be extra careful, but it will disable some useful functionality on some web pages. JavaScript is the standard web programming language. JavaScript also has a well-defined security model that protects data and resources, and the few JavaScript viruses that have been discovered have been mainly theoretical in nature. You can turn JavaScript off in your browser settings if you want to be extra careful, but it will disable functionality on many web pages. MIME. The first script virus that triggered as soon as an email was opened was a MIME virus that applied to older versions of Netscape Mail, Microsoft Outlook, and Eudora Mail. In a variation on an old hacker technique, the attached MIME file was given a very long name that triggered a bug which allowed the end of the name to be run as a series of instructions, which could then be written to run the virus. However, a fix for the bug was quickly developed for each vulnerable email program, and MIME viruses have so far remained hypothetical. Others. Several other scripting environments have also had viruses, including Corel Draw, Hypertext Preprocessor, Windows Help, Windows installation files, and Windows registry files. Anywhere there is a script interpreter there is an opportunity for a script virus to run.Resources. The following sites provide more information on script and macro viruses: Disabling Windows Scripting Host Microsoft Macro Viruses Yahoo -- Macro Viruses.
  5. 5. Computer Virus Symptoms and SolutionsIf your computer is infected with a malicious computer virus, it may begin to show a series of ComputerVirus symptoms that indicate that a virus is present. Computer viruses can be very harmful and damaging toyour computer system, root files, and various program files. A computer virus can also increase the risk ofhacker threats and attacks, and open the door to even more unauthorized downloads and softwareinstallations. Once you diagnose the computer virus symptoms, then computer viruses can be counterattackedwith the appropriate antivirus software and suite packages, but this needs to be installed well before the virushas infected the system.Many computer viruses are designed to self-replicate and self-install over a very short period of time. Theycome encoded with specific instructions to destroy and advance through its host computer, and can affect amultitude of programs and applications very quickly. Recognizing the symptoms of a computer virus can helpto successfully remove it from the infected computer as quickly as possible; the sooner this is completed, theeasier it will be to recover any documents or programs that may be damaged, and prevent the virus fromfurther spreading.Backing up computer files on a regular basis is just one preventative measure in protecting the data on yourcomputer. Installing a powerful antivirus program is the next step, as this can indicate the presence of amalicious computer virus before it has a chance to spread. Still, recognizing the symptoms of a virus is fairlysimple when you know what to look for.A computer virus may have installed itself on your computer through a Trojan, a security breach, unauthorizedaccess on your computer, or an e-mail attachment that also included malicious code. After a virus begins tospread, many program files can become unstable and display warnings. The operating system may not launchproperly, and the computer user may need to reboot and restart the computer frequently to ensure allprograms are starting and working fine. Critical files may get deleted automatically, and this can happenperiodically or all at once. Error messages will become prevalent; it may become difficult to save documents,and the computer may be running slower than usual. If a system or network is infected severely, it may evenblack out or not even launch the startup process.Some other symptoms of a computer virus involve the computer hardware itself. CD-ROM drive trays mayopen and close by themselves, without the user directing the function. Programs may launch at their own, andunusual sounds may play randomly. Some e-mail messages may not be sent or received properly, and e-mailattachments may disappear. If the computer is freezing consistently, or files and folders seem to disappear orwill not open, these are clear signs that an area of the hard drive is “malfunctioning” (actually is not, but isaffected by a virus). The computer may also display a series of pop-up ads and strange messages uponstartup; this is a clear indicator that adware programs have been installed, and these are very difficult toremove manually.In addition, disk space can become overloaded and cause frequent computer crashes. Viruses can duplicatelarge-sized programs to the point that the computer cannot handle the files. This will reduce the chances ofeven installing an antivirus program successfully, so early detection is key to detecting and removing thedangerous virus.Lately, computer viruses have been created so they can change some of the core system files (MicrosoftWindows) so that web sites of most of antivirus software companies become inaccessible. Your Internet
  6. 6. browser will either switch to some other web site or simply show “not found”. What is happening is that youare being prevented from finding a way of getting antivirus software cleaning your system.Finally, the best way of recognizing computer virus symptoms and preventing computer viruses and otherInternet based threats to invade your computer is to have the latest, up to date computer security software,which can be a basic version of antivirus program or some of the all-in-one software suites.What is a computer virus?Computer viruses are small software programs that are designed to spread from one computer to another and tointerfere with computer operation.What do computer viruses do?Through the course of using the Internet and your computer, you may have come in to contact with computerviruses. Many computer viruses are stopped before they can start, but there is still an ever growing concern as towhat do computer viruses do and the list of common computer virus symptoms. A computer virus might corruptor delete data on your computer, use your email program to spread itself to other computers, or even eraseeverything on your hard disk.Computer viruses are often spread by attachments in email messages or instant messaging messages. That is whyit is essential that you never open email attachments unless you know who its from and you are expecting it.Viruses can be disguised as attachments of funny images, greeting cards, or audio and video files.Computer viruses also spread through downloads on the Internet. They can be hidden in illicit software or otherfiles or programs you might download.To help avoid computer viruses, its essential that you keep your computer current with the latestupdates and antivirus tools, stay informed about recent threats, run your computer as a standard user (not asadministrator), and that you follow a few basic ruleswhen you surf the Internet, download files, and openattachments.Once a virus is on your computer, its type or the method it used to get there is not as important as removing itand preventing further infection.Definition: "antivirus" is protective software designed to defend your computer against malicioussoftware. Malicious software, or "malware" includes: viruses, Trojans, keyloggers, hijackers,dialers, and other code that vandalizes or steals your computer contents. In order to be aneffective defense, your antivirus software needs to run in the background at all times, and shouldbe kept updated so it recognizes new versions of malicious software. Types Of Antivirus
  7. 7. A computer virus is a computer program that can copy itself and infect a computer without theknowledge or permission of the owner. A virus can only be spread from one computer to anotherthrough some form of executable codes. Viruses can be sent over a network, the Internet, floppydisk, CD, or USB drive. Viruses can increase changes of spreading to other computers by infectingfiles on a network system that is accessed by other computers.The term computer virus is used to include all types or malware such as computer viruses, trojanhorses, most rootkits, spyware, dshonest adware, crimeware, and other malicious unwantedsoftware. Since most computers are now connected to the Internet and local networks it is increasingthe chance for spreading malicious virus codes. Since February 2009 there are over 287,524 andgrowing computer viruses.SymptomsComputer viruses are among the most known problem that is affecting online users. The dangers ofviruses have gotten a lot of attention over the year, and without simple attention they will continue tospread. Computer viruses cause a number of symptoms such as: Computer programs taking longer to load than normal. The computer is slower than normal. Computer stops responding or freezes frequently. Computer crashes and restarts every few minutes. The computer does not run as usual. Applications on the computer do not work correctly. Disks or disk drives are inaccessible. Printing items is difficult. Error messages appear rapidly. Distorted menus and dialog boxes. Double extensions on attachments that you have already opened (jpg,vbs,gif, exe, and etc). Antivirus programs get disabled for no reason, and cannot be restarted. Antivirus programs will not start, and new programs cannot be installed. Strange sounds plays from the speakers unexpectedly. Programs disappear from the computer.
  8. 8. These symptoms are common signs of computer virus infection, and they are also warning signs thatyou may be getting a computer virus. When you suspect that you are getting a computer virus thereare many ways to take care of it. Before you can get a virus it is best to prevent them from getting intoyour computer by having a anti virus software.AntiVirus SoftwareAntivirus software is used to prevent, detect, and remove malware and other computer viruses. Antivirus software systems detections involve searching for known malicious patterns in executable code.it is possible for a user to be infected with new viruses that have no sign or symptoms or existence.To counter this problem of zero day threats, anti virus systems can be used to detect these viruseswhen you dont even know that they are there.There are many different types of anti virus software that have been developed over the years.Original products were just scanners that would search through the hard disk looking for viruses. Asviruses have become more common and difficult, the more anti virus software is being made to keepup with current virus issues. There are many different types of general virus scanners that are usedon PCs today:Conventional Disk ScannerThis is the stand virus check program. It can be ran upon the users request, and it scans the contentsof the disks, directories or files that the users wants, for any boot sectors or files that contain virusesthat it recognizes. These are usually ran manually by the user as a preventive maintenance activity orwhen they thing a virus is suspected. The user can schedule automatic scanning through the use of aprogram scheduler.Memory Resident ScannersAn anti virus software that now come with a special program that sits in the background while yourusing your computer and it automatically scans for viruses based on different triggers. Theseprograms can automatically scan as they run or scan floppy disks when you command a shutdown ofyour system. This scanner offers increased protection and more chances of catching a virus before itdoes damage to your computer.Behavior Based DetectionSome products offer an option where they will sit in memory and look for virus like behavior andsuspicious activity. Behavior based detection is looking for the types of actions taken on files or bootsectors that might be performed by viruses trying to spread. This type of antivirus software will look fora trap, and will generically catch viruses red handed.Start up Scanners
  9. 9. This type of antivirus scanner is designed to be run every time the PC is booted up. It preforms aquick scan of the disks boot sectors and critical system files. the idea is to catch these viruses beforethe PC boots up reducing the chance of it to spread.InoculationInstead of scanning for viruses this type of antivirus software looks for changes that the viruses maketo files and boot sectors. With a clean system the software will get a snap shot of information in eachboot sector about its content and size. Periodically it will re examine these files to see if anything haschanged.Top Anti Virus Software The Shield Deluxe 2009 Antivirus & Antispyware Webroot Antivirus with Antispyware 6.0 BitDefender Antivirus 2009 CA Anti-Virus Plus 2009 McAfee VirusScan Plus 2009 Norton Antivirus 2009 ESET NOD 32 3.0