Under Attack? Contact Us Start a Free Demo

What is a Computer Virus?

Introduction:

The term virus stands for ‘Vital Information Recourse Under Siege.’ Fred Cohen first defined the term ‘computer virus’ in 1983. Computer viruses are malicious code or programs that alter the way a computer operates and can multiply itself from one computer to another without the user’s permission. A virus installs or attaches itself to a legitimate program or document supporting macros to execute its code. Computer viruses behave differently depending on their types. Not all PC viruses are meant to harm your computer’s data, software, or hardware. Some remain active in memory until the computer is shut down, while others may be active for only as long as the infected application is functional. A computer virus is a malicious program created to cause damage to computers on a large scale.

For a long time, viruses have infected various devices through the Internet or other means. Viruses aim to steal information and destroy the device. Here is a list of computer viruses that have been causing damage to users’ PCs since 1970.

Year

Virus

1970

Rabbit Virus

1971

Creeper System

1982

Elk Cloner

1986

Brain

1988

Catastrophic virus

1988

The Morris

1990

Polymorphic

1995

Concept

1999

Happy99

2000

I Love You

2003

Blaster

2004

Sasser

2006

Nyxem

2007

Storm Worm

2008

Torpig

2009

w32.Dozer

2010

Stuxnet

2011

Anti-Spyware

2012

CryptoLocker

2013

Gameover ZeuS

2014

Regin

2015

BASHLITE

2016

Tiny Banker

2017

WannaCry

2020

Fake Coronavirus Alert Email

2021

Cyborg

2022

Clop Ransomware

Different Types of Computer Viruses

The following are the different types of computer viruses:

Virus Type

Description

Boot

The virus infects the boot sector of your computer and runs every time the computer boots. It can also infect floppy disks and other bootable media. As a result, these viruses are called memory viruses since they do not contaminate the file system.

Botnets

Their goal is to introduce infected computers into a capable network controlled remotely.

Directory 

Direct action occurs when a virus is attached to an executable file, and when the file is opened or executed, the virus gets installed or spread. This virus does not damage the computer's performance or delete any files.

Email

The virus spreads through email messages. It can be activated when a user clicks on a link, opens an attachment, or interacts with the infected email message.

Encrypted

This type of virus is encrypted to avoid detection by antivirus software. It includes a decryption algorithm. When it runs, the virus is unencrypted.

File Infectors

It appends itself to the end of a file to infect the system. This modification alters the program's start so that the control jumps to its code.

Logic Bombs

The computer system is infected by viruses only if certain conditions are met, i.e., logic. It is difficult for antivirus software to detect them since they remain undetected until they become active.

Macro

These viruses are activated when a program capable of performing a macro is executed. Macro viruses, for example, can be found in spreadsheet files.

Multipartite

The virus can infect a computer's boot sector, memory, and files, among other places. Due to this, its detection and containment are difficult. 

Overwrite

The overwrite virus can remove the existing program and replace it with malicious code by overwriting it among the most destructive viruses. Eventually, the harmful code can completely replace the host's programming code.

Polymorphic

Poly means many and morphic means shaped. Therefore, this virus changes its form every time. A virus signature is a pattern that can determine whether a virus is present or not (a sequence of bytes in the virus code). To avoid being detected by anti-virus software, this virus changes itself each time it installs. There is no change in the functionality of the virus, and only the signature is updated.

Resident

A computer virus saves itself in the computer's memory before infecting other files and programs after the original software has stopped working. Due to its ability to hide in computer memory and its difficulty removing, this virus can quickly spread to other files.

Scareware

When a virus infects a computer, the virus disguises itself. The virus usually appears as a harmless anti-virus program.

Spacefiller

A rare virus fills in the empty spaces of a file with viruses. The virus is known as a cavity virus. The virus will neither affect the size of the file nor can it be detected easily.

Stealth

Due to its ability to modify the detection code, this virus is difficult to detect. The detection of viruses is therefore complicated.

Trojan

The software downloads and spreads other malicious programs and can remotely control the computer installed.

How does Computer Virus Work?

"Computer virus" implies an umbrella term encompassing many different types of viruses, delivery mechanisms, and effects. There are two types of computer viruses based on how they work:

  • Those which immediately begin to replicate and spread upon entry into your computer.
  • Those which lay dormant, waiting to be triggered by unwittingly executing their code.

Computer Virus Life Cycle

The life cycle of a virus consists of four phases (inspired by biologists' classification of real-life viruses).

  • Phase 1 – Dormant Phase: The dormant phase is the period during which a virus remains hidden in your system.
  • Phase 2 – Propagation Phase: In the propagation phase, the virus copies itself in files, programs, and other parts of your computer that continue to replicate themselves.
  • Phase 3 – Triggering Phase: A specific event generally triggers or activates a virus in the triggering phase. An example would be clicking an icon or opening an application.
  • Phase 4 – Execution Phase: The virus releases its payload, the malicious code that harms the computer during the execution phase.

How Computer Virus Propagates?

A computer virus can propagate over the internet in several ways like emails, downloads, messaging services, old software & malvertising.

Symptoms of Computer Virus

In the event of a virus attack, the first thing you may observe is an increase in your computer’s response time, and gradually other changes become apparent. The virus only affects the programming of the device, so it is not visible. However, some indicators may help you determine whether a device has been infected with a virus. These are some examples of early signs:

  • Slow down the speed of the computer
  • Destroying system software & files
  • Corrupting data & applications
  • Record keystrokes
  • Pop-up windows
  • Self-execution of program
  • Log out from Accounts

In addition, the following symptoms may also be observed in a system infected with the virus:

  • Browser homepage change
  • Disabled antivirus
  • Frequent crashes
  • Hijacked email
  • Increased network traffic
  • Intrusive pop-ups
  • Missing files
  • Slow performance
  • Storage space shortage
  • Unknown login items

How to Prevent Computer Viruses?

The following are some key measures you can take to protect your computer from viruses:

  • Avoid opening attachments in spam emails.
  • Before installing apps and software, read their descriptions.
  • Check out apps and software by reading user reviews.
  • Don't insert unknown USB drives or disks into your computer.
  • Install anti-virus software or a comprehensive internet security solution
  • Look at the permissions that applications and software require. Is this appropriate
  • Make sure you only download apps from reputable sources.
  • Make use of a secure VPN connection when using public Wi-Fi.
  • Never click on unverified links in spam emails, messages, or unfamiliar websites.
  • Update your software, apps, and operating system regularly.
  • Verify the number of downloads an application has received. The higher, the better.

How to Detect Computer Virus?

Cyber security threats and ransomware attacks are increasing at a tremendous pace. It is extremely difficult for cyber security analysts and incident responders to investigate and detect cyber security threats using conventional tools and techniques. NetSecurity’s ThreatResponder, with its diverse capabilities, can help your team detect the most advanced cyber threats, including APTs, zero-day attacks, viruses, and ransomware attacks. It can also help automate incident response actions across millions of endpoints, making it easy, fast, and hassle-free.

Want to try our ThreatResponder, cutting-edge Endpoint Detection & Response (EDR), and ThreatResponder FORENSICS, the Swiss knife for forensic investigators in action? Click on the below button to request a free demo of our NetSecurity’s ThreatResponderplatform.


Disclaimer

The page's content shall be deemed proprietary and privileged information of NETSECURITY CORPORATION. It shall be noted that the contents of this page are copyrighted by NETSECURITY CORPORATION. Any violation/misuse/unauthorized use of this content "as is" or "modified" shall be considered illegal and subjected to articles and provisions that have been stipulated in the General Data Protection Regulation (GDPR) and Personal Data Protection Law (PDPL).

Author image
I am a cybersecurity enthusiast and an author. I write technical blogs and articles related to cyber security.
Author image
About Inno Eroraha
Dulles, Virginia Website
Inno Eroraha is the Founder & Chief Strategist of NetSecurity Corporation, a cybersecurity products and services company based in Dulles, VA. NetSecurity is the developer of ThreatResponder Platform.
You've successfully subscribed to NetSecurity Blog
Great! Next, complete checkout for full access to NetSecurity Blog
Welcome back! You've successfully signed in.
Unable to sign you in. Please try again.
Success! Your account is fully activated, you now have access to all content.
Error! Stripe checkout failed.
Success! Your billing info is updated.
Error! Billing info update failed.