Malicious code is the general word used and virus is one type of malicious code. Worms and Trojans are different from computer virus and destructive types of worms are sometimes termed as internet types of virus. Computer viruses have made their mark on the PC's since the 90's with different types of viruses causing damage to computers.
The earliest viruses made the most impact as no anti-virus programs were available. The advent of anti-virus programs spelled a death blow to many common types of computer viruses that were written by the various tools to generate types of computer virus. Those who were inept at programming used these various tool to generate the virus. Devious mind always find new ways when they found that the anti-virus software's were able to disinfect and remove the different types of computer viruses they went on to new methods and that is how Trojans and worms came up.
There are a few main types of computer viruses and these computer virus types are classified below depending upon the infection methods:
Boot sector/Master Boot Record Computer Virus
Means of Infection
This virus infects which contain code that can be executed and usually this virus infects files that can execute code like .exe, .com, .drv, .dll, .bin, .ovl and .sys files. These are also known as parasitic viruses and are activated when the executable file containing the virus is executed. The virus then remains in memory and infect other executable files when these files are opened or run. The vast majority of these viruses have been on the Microsoft windows, OS/2 and Apple Computers.
Removal can be done by an anti-virus scanner that needs to be updated regularly. The other ways are using the organizer to find and remove macros. In case you know you are infected just shut down word without saving and then find the normal .dot template and delete it. The other way to remove macro viruses is to open the organizer's dialog box and delete all the macro project items listed. The organizer dialog box can be opened from 'File Templates' command or from 'Tools Macro' command. Then close the file.These viruses are written such that it changes its code when ever it passes to another machine so that it is difficult for an anti-virus scanner to locate them. Flaws in the program code make it easy to track down these viruses. It is usually the encryption of the code that changes every time.
Many types of viruses do more than viruses do. Some are file type viruses and then a trigger may activate a code to make them behave like a worm. Therefore classification becomes difficult in these cases. The basic behavior of a virus which makes it different from a Trojan is that it replicates very fast.
Damage Caused
The File infector virus can cause irreversible damage to files. By overwriting files it permanently destroys the content of these files. Some files viruses have also operated as email worm and Trojan horse as well.Removal
The only way to disinfect files from the file virus is that the files affected with the file virus have to be deleted and restored from back up.Macro Computer Virus
Means of Infection
Macro is a set of commands written by the user to be executed, later. The different ways to create macros would be the macro recorder or Visual Basic for Applications. Macro Viruses uses the macro language for its program. Microsoft office has got the macro language built into its application and so most of its application programs are affected by this virus. Word Documents, Excel Spreadsheets, Power point presentations, and Access Databases are mostly affected. The document template is affected and hence every file that is opened is affected. Some macros viruses contain a trigger which is usually a date on which the virus is programmed to start the actual damage. Some other Macro viruses share the characteristics of a computer worm by spreading across networks by using the macro facility available in Microsoft Outlook.Damage Caused
Some common macros are- AutoExec
- AutoNew
- AutoOpen
- AutoClose
- AutoExit
Removal
Prevention is better than cure and the ways to prevent the virus from running is that the autoexec macro can be prevented from executing by starting word from command prompt. Use the following command to start word 'winword /m'. The auto macros are disabled if we use the command 'DisableAutoMacros' in any macro that is written. It can also be disabled by holding down the shift key while opening a document. Word documents cannot contain macros only word templates can. You can mask a template as a document file to prevent it from infection.Removal can be done by an anti-virus scanner that needs to be updated regularly. The other ways are using the organizer to find and remove macros. In case you know you are infected just shut down word without saving and then find the normal .dot template and delete it. The other way to remove macro viruses is to open the organizer's dialog box and delete all the macro project items listed. The organizer dialog box can be opened from 'File Templates' command or from 'Tools Macro' command. Then close the file.
Other Types of Viruses
A type of computer virus that normally shares a few characteristics of worms or Trojans or other methods used by the main types of computer viruses is differently classified. The nomenclature used is different. We detail some of those below.Multi-Partite Viruses
Some computer viruses appear to behave like many other viruses and sometimes more than one type. These are hybrids and are called as multi-partite computer viruses.
Polymorphic Viruses
Stealth Viruses
Whenever a virus attaches itself onto another file the size of the file increases and this is indicated in the File allocation table. The stealth virus uses techniques to avoid detection by redirecting the disk head to read another sector or alter the file size shown in the Directory listing .Script Viruses
A subset of file viruses these are written in a variety of script languages like Javascript, VBS, BAT, PHP etc… They are also able to infect other file formats such as HTML (if the file format allows script execution)ActiveX & Java Applets
Active X and Java Controls are being used in Web browsers to enable and disable sound or video and a host of other controls. If not properly secured this is another area that virus writes use to get private data from your computer.Many types of viruses do more than viruses do. Some are file type viruses and then a trigger may activate a code to make them behave like a worm. Therefore classification becomes difficult in these cases. The basic behavior of a virus which makes it different from a Trojan is that it replicates very fast.
No comments:
Post a Comment