In this article, I will be glad to take you through the fundamentals of computer viruses, as well as how best to detect one when your computer system comes under a viral attack.
Hi, welcome to Bazecity.ng. Before we delve into the Fundamentals of Computer Virus and Virus Detection, we would like to remind you that in our last discussions we enlightened our readers on the Fundamentals of Computer Processors and Computer Memories with their several kinds. We also looked into the basics of Computer Application Packages and their uses in our daily computational analysis.
A computer virus is a type of computer program that, when executed, replicates itself by modifying other computer programs and inserting its own code. If this replication succeeds, the affected areas are then said to be “infected” with a computer virus, a metaphor derived from biological viruses.
A virus can be spread when a user opens an email attachment, runs an executable file, visits an infected website or views an infected website advertisement, known as malvertising. It can also be spread through infected removable storage devices, such as Universal Serial Bus (USB) drives. Once a virus has infected the host, it can infect other system software or resources, modify or disable core functions or applications, and copy, delete or encrypt data. Some viruses begin replicating as soon as they infect the host, while other viruses will lie dormant until a specific trigger causes malicious code to be executed by the device or system.
Many viruses also include evasion or obfuscation capabilities designed to bypass modern antivirus and antimalware software and other security defenses. The rise of polymorphic malware development, which can dynamically change its code as it spreads, has made viruses more difficult to detect and identify.
Virus vs. malware
The terms “virus” and “malware” are often used interchangeably, but they’re not the same thing. While a computer virus is a type of malware, not all malware is a computer virus.
The easiest way to differentiate computer viruses from other forms of malware is to think about viruses in biological terms. Take the flu virus, for example. The flu requires some kind of interaction between two people—like a handshake, a kiss, or touching something an infected person touched. Once the flu virus gets inside a person’s system it attaches to healthy human cells, using those cells to create more viral cells.
A computer virus works in much the same way:
- A computer virus requires a host program.
- A computer virus requires user action to transmit from one system to another.
- A computer virus attaches bits of its own malicious code to other files or replaces files outright with copies of itself.
It’s that second virus trait that tends to confuse people. Viruses can’t spread without some sort of action from a user, like opening up an infected Word document. Worms, on the other hand, are able to spread across systems and networks on their own, making them much more prevalent and dangerous.
Famously, the 2017 WannaCry ransomware worm spread around the world, took down thousands of Windows systems, and raked in an appreciable amount of untraceable Bitcoin ransom payments for the alleged North Korean attackers.
Computer viruses don’t typically capture headlines like that—at least not anymore. They are still a harmful type of malware, but they are not the only type of threat out there today, on your computer or mobile device.
Windows, Mac, Android, and iOS
Many computer viruses target systems running Microsoft Windows. Macs, on the other hand, have enjoyed a reputation as virus-proof super machines, but by Apple’s own admission, Macs do get malware. There are more Windows users in the world than Mac users, and cybercriminals simply choose to write viruses for the operating system (OS) with the largest number of potential victims.
Today, the “computer” in our pockets may be the one we use most often: our smartphones. Android and iOS are susceptible to various forms of malware, too. Fortunately, most cybersecurity companies like Malwarebytes offer protection for Windows, Mac, Android, and iOS today.
Types of Computer Virus
Some file infector viruses attach themselves to program files, usually selected COM or EXE files. Others can infect any program for which execution is requested, including SYS, OVL, PRG and MNU files.
When the infected program is loaded, the virus is loaded as well. Other file infector viruses arrive as wholly contained programs or scripts sent as an attachment to an email note.
Macro viruses specifically target macro language commands in applications such as Microsoft Word and other programs. In Word, macros are saved sequences of commands or keystrokes that are embedded in the documents.
Macro viruses, or scripting viruses, can add their malicious code to the legitimate macro sequences in a Word file. Microsoft disabled macros by default in more recent versions of Word; as a result, hackers have used social engineering schemes to convince targeted users to enable macros and launch the virus.
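As an added example (not part of the original article), a mail or file gateway can check whether a Word document carries a macro project before a user is ever asked to enable it. The function names and the sample documents are constructed for illustration; the sample VBA part is placeholder bytes.

```python
import io
import zipfile

# Part names and content-type marker found in macro-enabled OOXML files.
VBA_PART_NAMES = {"vbaproject.bin", "vbadata.xml"}
MACRO_CONTENT_TYPE = b"macroEnabled"

def inspect_office_file(data: bytes) -> dict:
    """Report whether an OOXML document (.docx/.docm) carries a VBA project."""
    report = {"is_ooxml": False, "vba_parts": [], "declares_macros": False}
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return report  # e.g. legacy binary .doc, which needs an OLE parser
    with zipfile.ZipFile(buf) as zf:
        names = zf.namelist()
        if "[Content_Types].xml" not in names:
            return report  # a ZIP archive, but not an Office document
        report["is_ooxml"] = True
        report["vba_parts"] = sorted(
            n for n in names if n.rsplit("/", 1)[-1].lower() in VBA_PART_NAMES)
        report["declares_macros"] = MACRO_CONTENT_TYPE in zf.read("[Content_Types].xml")
    return report

def should_quarantine(data: bytes) -> bool:
    """Hold any document that contains macros, whatever its extension says."""
    report = inspect_office_file(data)
    return bool(report["vba_parts"]) or report["declares_macros"]

def build_sample(with_macro: bool) -> bytes:
    """Constructed in-memory document used only to exercise the check."""
    main_type = (
        "application/vnd.ms-word.document.macroEnabled.main+xml" if with_macro else
        "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml")
    types_xml = ('<Types><Override PartName="/word/document.xml" '
                 f'ContentType="{main_type}"/></Types>')
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", types_xml)
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"placeholder, not a real VBA project")
    return buf.getvalue()

if __name__ == "__main__":
    for label, flag in (("plain document", False), ("macro document", True)):
        print(label, "->", inspect_office_file(build_sample(flag)))
```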
Some viruses are designed specifically to destroy a file or application’s data. After infecting a system, an overwrite virus begins overwriting files with its own code. These viruses can target specific files or applications or systematically overwrite all files on an infected device.
An overwrite virus can install new code in files and applications that programs them to spread the virus to additional files, applications and systems.
A polymorphic virus is a type of malware that has the ability to change or apply updates to its underlying code without changing its basic functions or features.
This process helps a virus evade detection from many antimalware and threat detection products that rely on identifying signatures of malware; once a polymorphic virus’s signature is identified by a security product, the virus can then alter itself so it will no longer be detected using that signature.
A resident virus embeds itself in the memory of a system. The original virus program isn’t needed to infect new files or applications. Even if the original virus is deleted, the version stored in memory can be activated when the operating system (OS) loads a specific application or service.
Resident viruses are problematic because they can evade antivirus and antimalware software by hiding in the system’s random access memory (RAM).
A rootkit virus is a type of malware that installs an unauthorized rootkit on an infected system, giving attackers full control of the system with the ability to fundamentally modify or disable functions and programs.
Rootkit viruses were designed to bypass antivirus software, which typically scanned only applications and files. More recent versions of major antivirus and antimalware programs include rootkit scanning to identify and mitigate these types of viruses.
System or boot sector viruses
These viruses infect executable code found in certain system areas on a disk. They attach to the disk OS (DOS) boot sector on diskettes and USB thumb drives or the master boot record (MBR) on hard disks. In a typical attack scenario, the victim receives a storage device that contains a boot disk virus.
When the victim’s OS is running, files on the external storage device can infect the system; rebooting the system will trigger the boot disk virus. An infected storage device connected to a computer can modify or even replace the existing boot code on the infected system so that, when the system is booted next, the virus will be loaded and run immediately as part of the MBR. Boot viruses are less common now as today’s devices rely less on physical storage media.
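Because a boot virus works by changing the boot code, a defender can keep a trusted copy of the first disk sector and compare it against the current one. The following is an added example, not part of the original article; the sample sectors and function names are constructed, and the layout assumed is the classic 512-byte MBR.

```python
import hashlib
import struct

BOOT_CODE_LEN = 446           # classic layout: bytes 0..445 are the boot code area
BOOT_SIGNATURE = b"\x55\xaa"  # bytes 510..511 of a valid MBR

def parse_mbr(sector: bytes) -> dict:
    """Hash the boot code and decode the four partition table entries."""
    if len(sector) != 512:
        raise ValueError("an MBR sector is exactly 512 bytes")
    if sector[510:512] != BOOT_SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    partitions = []
    for i in range(4):
        entry = sector[446 + 16 * i:446 + 16 * (i + 1)]
        lba_start, sectors = struct.unpack_from("<II", entry, 8)
        if entry[4] != 0:  # type 0x00 marks an unused slot
            partitions.append({"bootable": entry[0] == 0x80, "type": entry[4],
                               "lba_start": lba_start, "sectors": sectors})
    digest = hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()
    return {"boot_code_sha256": digest, "partitions": partitions}

def compare_to_baseline(baseline: bytes, current: bytes) -> list:
    """List what differs between a trusted MBR copy and the current one."""
    old, new = parse_mbr(baseline), parse_mbr(current)
    findings = []
    if old["boot_code_sha256"] != new["boot_code_sha256"]:
        findings.append("boot code modified")
    if old["partitions"] != new["partitions"]:
        findings.append("partition table modified")
    return findings

def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed sample sector with one bootable type-0x07 partition."""
    entry = struct.pack("<B3sB3sII", 0x80, b"\0" * 3, 0x07, b"\0" * 3, 2048, 204800)
    return boot_code.ljust(BOOT_CODE_LEN, b"\0") + entry + b"\0" * 48 + BOOT_SIGNATURE

# Constructed inputs: a trusted baseline and a sector whose loader was replaced.
BASELINE = build_sample_mbr(b"constructed trusted loader")
CURRENT = build_sample_mbr(b"constructed replaced loader")

if __name__ == "__main__":
    print(parse_mbr(BASELINE)["partitions"])
    print(compare_to_baseline(BASELINE, BASELINE) or "unchanged")
    print(compare_to_baseline(BASELINE, CURRENT))
```

On a real machine the current sector would be the first 512 bytes read from the disk with administrator rights, and the baseline would be stored somewhere the running system cannot overwrite.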
How do I prevent computer viruses?
Preventing computer viruses from infecting your computer starts with situational awareness.
“Situational awareness is something law enforcement and militaries have practiced for decades. It refers to a police officer or a soldier’s ability to perceive threats and make the best decision possible in a potentially stressful situation,”
“As it applies to cyber security, situational awareness is your first line of defense against cyber threats. By staying on the lookout for phishing attacks and avoiding suspicious links and attachments, consumers can largely avoid most malware threats.”
Be cautious with email attachments and embedded links, even if the sender is someone you know: viruses have been known to hijack Outlook contact lists on infected computers and send virus-laden attachments to friends, family and coworkers, the Melissa virus being a perfect example.
If an email reads oddly, it’s probably a phishing scam or malspam. When in doubt about the authenticity of an email, don’t be afraid to reach out to the sender. A simple call or text message can save you a lot of trouble.
Next, invest in good cyber security software. We’ve made a distinction between computer viruses and malware, which now begs the question, “Do I need antivirus software or anti-malware software?” We’ve covered this topic before in great detail, so check out our article on antivirus vs. anti-malware. For now, though, here’s a quick gloss on the subject.
Antivirus (AV) refers to early forms of cyber security software focused on stopping computer viruses. Just viruses. Anti-malware refers to all-encompassing threat protection designed to stop old-fashioned viruses as well as today’s malware threats. Given a choice between traditional AV with limited threat detection technology and modern anti-malware with all the bells and whistles, invest in anti-malware and rest easy at night.
As mentioned previously in this piece, traditional AV solutions rely on signature-based detection. AV scans your computer and compares each and every file against a database of known viruses that functions a lot like a criminal database. If there’s a signature match, the malicious file is thrown into virus jail before it can cause any damage.
The problem with signature-based detection is that it can’t stop what’s known as a zero-day virus; that is, a virus that cyber security researchers have never seen before and for which there is no criminal profile. Until the zero-day virus is added to the database, traditional AV can’t detect it.
Malwarebytes’ Multi-Vector Protection, conversely, combines several forms of threat detection technology into one malware crushing machine. Amongst these many layers of protection, Malwarebytes uses what’s called heuristic analysis to look for telltale malicious behavior from any given program. If it looks like a virus and behaves like a virus, then it’s probably a virus.
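An added illustration of the two detection styles described above, not code from the original article or from any antivirus product: a hash-and-pattern signature lookup, plus a toy behaviour rule that flags a process rewriting several EXE or COM files. All names, sample bytes and log entries are constructed for the example.

```python
import hashlib

# Constructed, harmless bytes standing in for a file already in the AV database.
KNOWN_BAD = b"HEADER" + b"DEMO-MARKER-1234" + b"TRAILER"
HASH_SIGS = {hashlib.sha256(KNOWN_BAD).hexdigest(): "Demo.Virus.A"}
PATTERN_SIGS = {b"DEMO-MARKER-1234": "Demo.Virus.A (pattern)"}

def signature_scan(data: bytes) -> list:
    """Names of all database signatures that match the file content."""
    hits = []
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGS:
        hits.append(HASH_SIGS[digest])
    hits += [name for pattern, name in PATTERN_SIGS.items() if pattern in data]
    return hits

def heuristic_scan(events: list, threshold: int = 3) -> list:
    """Flag processes that modify many distinct program files (toy rule)."""
    touched = {}
    for process, action, target in events:
        if action == "write" and target.lower().endswith((".exe", ".com")):
            touched.setdefault(process, set()).add(target.lower())
    return sorted(p for p, files in touched.items() if len(files) >= threshold)

# Constructed samples: exact copy, slightly altered copy, never-seen content.
SAMPLES = {
    "exact": KNOWN_BAD,
    "altered": KNOWN_BAD.replace(b"TRAILER", b"TRAILEr"),
    "unseen": b"HEADER" + b"entirely-new-content" + b"TRAILER",
}
# Constructed behaviour log for the process that ran the "unseen" sample.
EVENTS = [
    ("unseen.exe", "write", r"C:\Tools\a.exe"),
    ("unseen.exe", "write", r"C:\Tools\b.exe"),
    ("unseen.exe", "write", r"C:\Tools\c.com"),
    ("notepad.exe", "write", r"C:\Docs\notes.txt"),
]

def demo() -> dict:
    """Signature results per sample, plus the processes the behaviour rule flags."""
    result = {name: signature_scan(data) for name, data in SAMPLES.items()}
    result["behaviour"] = heuristic_scan(EVENTS)
    return result

if __name__ == "__main__":
    for label, hits in demo().items():
        print(f"{label:10s} -> {hits or 'no detection'}")
```

The altered copy loses its hash match but keeps the pattern match, while the unseen sample has no signature at all and is caught only by what it does.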
How do I remove computer viruses?
Going back to our virus analogy one final time—removing a virus from your body requires a healthy immune system. Same for your computer. A good anti-malware program is like having a healthy immune system. As your immune system moves through your body looking for and killing off invading viral cells, anti-malware scans for files and malicious code that don’t belong on your system and gets rid of them.
The free version of Malwarebytes is a good place to start if you know or suspect your computer has a virus. Available for Windows and Mac, the free version of Malwarebytes will scan for malware infections and clean them up after the fact. Get a free premium trial of Malwarebytes for Windows or Malwarebytes for Mac to stop infections before they start. You can also try our Android and iOS apps free to protect your smartphones and tablets.