Types of Computer Viruses

Different Types of Viruses

The following are the different types of viruses :

Program/File infector computer virus

Means of Infection

This virus infects which contain code that can be executed and usually this virus infects files that can execute code like .exe, .com, .drv, .dll, .bin, .ovl

and .sys files. These are also known as parasitic viruses and are activated when the executable file containing the virus is executed. The virus then remains in memory and infect other executable files when these files are opened or run. The vast majority of these viruses have been on the Microsoft windows, OS/2 and Apple Computers.

Damage Caused

The File infector virus can cause irreversible damage to files. By overwriting files it permanently destroys the content of these files. Some files viruses have also operated as email worm and Trojan horse as well.

Removal

The only way to disinfect files from the file virus is that the files affected with the file virus have to be deleted and restored from back up.

Macro Computer Virus

Means of Infection

Macro is a set of commands written by the user to be executed, later. The different ways to create macros would be the macro recorder or Visual Basic for Applications. Macro Viruses uses the macro language for its program. Microsoft office has got the macro language built into its application and so most of its application programs are affected by this virus. Word Documents, Excel Spreadsheets, Power point presentations, and Access Databases are mostly affected. The document template is affected and hence every file that is opened is affected. Some macros viruses contain a trigger which is usually a date on which the virus is programmed to start the actual damage. Some other Macro viruses share the characteristics of a computer worm by spreading across networks by using the macro facility available in Microsoft Outlook.

Damage Caused

Some common macros are

  • AutoExec
  • AutoNew
  • AutoOpen
  • AutoClose
  • AutoExit

The existence of the ‘auto-exec’ macro makes it possible to create many macro viruses.The ‘auto-exec’ macro is executed in response to some event and does not depend on the user command. The autoexec macro and other auto macros are dangerous tools for the virus writer. Other existing Macro viruses are those which replace command names (existing commands like save, open etc.) with their code. Unlike the auto macros which can be disabled; commands cannot be disabled. Once the macro virus uses these commands it can copy itself to other files and even delete files.

Removal

Prevention is better than cure and the ways to prevent the virus from running is that the autoexec macro can be prevented from executing by starting word from command prompt. Use the following command to start word ‘winword /m’. The auto macros are disabled if we use the command ‘DisableAutoMacros’ in any macro that is written. It can also be disabled by holding down the shift key while opening a document. Word documents cannot contain macros only word templates can. You can mask a template as a document file to prevent it from infection.

Removal can be done by an anti-virus scanner that needs to be updated regularly. The other ways are using the organizer to find and remove macros. In case you know you are infected just shut down word without saving and then find the normal .dot template and delete it. The other way to remove macro viruses is to open the organizer’s dialog box and delete all the macro project items listed. The organizer dialog box can be opened from ‘File Templates’ command or from ‘Tools Macro’ command. Then close the file.

Other Types of Viruses

A type of computer virus that normally shares a few characteristics of worms or Trojans or other methods used by the main types of computer viruses is differently classified. The nomenclature used is different. We detail some of those below.

Multi-Partite Viruses

Some computer viruses appear to behave like many other viruses and sometimes more than one type. These are hybrids and are called as multi-partite computer viruses.

Polymorphic Viruses

These viruses are written such that it changes its code when ever it passes to another machine so that it is difficult for an anti-virus scanner to locate them. Flaws in the program code make it easy to track down these viruses. It is usually the encryption of the code that changes every time.

Stealth Viruses

Whenever a virus attaches itself onto another file the size of the file increases and this is indicated in the File allocation table. The stealth virus uses techniques to avoid detection by redirecting the disk head to read another sector or alter the file size shown in the Directory listing .

Script Viruses

A subset of file viruses these are written in a variety of script languages like Javascript, VBS, BAT, PHP etc… They are also able to infect other file formats such as HTML (if the file format allows script execution)

ActiveX & Java Applets

Active X and Java Controls are being used in Web browsers to enable and disable sound or video and a host of other controls. If not properly secured this is another area that virus writes use to get private data from your computer.

Many types of viruses do more than viruses do. Some are file type viruses and then a trigger may activate a code to make them behave like a worm. Therefore classification becomes difficult in these cases. The basic behavior of a virus which makes it different from a Trojan is that it replicates very fast.

Share this Post