Types of viruses

Computer virus
From Wikipedia, the free encyclopedia
See also: Malware
A computer virus is a computer program that can replicate itself
[1]
and spread from one computer to
another. The term "virus" is also commonly, but erroneously, used to refer to other types ofmalware,
including but not limited to adware and spyware programs that do not have a reproductive ability.
Malware includes computer viruses, computer worms, Trojan horses, most rootkits, spyware, dishonest
adware and other malicious or unwanted software, including true viruses. Viruses are sometimes confused
with worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to
spread itself automatically to other computers through networks, while a Trojan horse is a program that
appears harmless but hides malicious functions. Worms and Trojan horses, like viruses, may harm a
computer system's data or performance. Some viruses and other malware have symptoms noticeable to
the computer user, but many are surreptitious or simply do nothing to call attention to themselves. Some
viruses do nothing beyond reproducing themselves.

Script Viruses - Types and Habitats
Script viruses (sometimes called macro viruses) generally travel embedded in email and office
automation documents, although they can be found in web pages as well.
Old fashioned program viruses are usually implemented in executable system code, whereas script
viruses are usually written in a powerful high-level language that is compiled and run on the fly.
They often have sophisticated functionality and direct interfaces to high level applications such as
word processing, spreadsheet, email, and web programs, and can wreak considerable havoc. Since
they first surfaced in office automation programs, they are sometimes also called "macro" viruses.
Script viruses can also propagate through IRC protocols.
On Microsoft computers, turning on your script checking virus protection is essential. However,
keep in mind that there may be an associated performance hit for some applications. Many
applications on Windows are written in Visual Basic, and real-time script virus checking can double
the time it takes for their usual functions to run. If you find that ordinary functions take an
inordinate length of time to complete, you can try temporarily turning this feature off in your anti-
virus checker -- but don't forget to turn it back on afterwards!
Active threats. The following types of script viruses are currently the most active and dangerous,
on the Windows platform:
Visual Basic is a flexible and powerful programming environment for Microsoft Windows,
Office, and Internetapplications. Script viruses written in Visual Basic can run throughout
the Microsoft architecture, giving them considerable reach and power, and making them
the primary virus threat today.

The first widespread Visual Basic script virus was Melissa, which brought down several of
the large international corporations for several days in March 1999. Melissa traveled in a
Microsoft Word document and ran when the document was opened, then opened the
associated Microsoft Outlook email program, read the user's email address book, and then
sent email copies of itself to the first fifty names it found. It spread very quickly.

The Melissa virus architecture was quickly followed by many similar variants programmed
by hackers around the world, including the ground breaking KAK, the first Visual Basic
script virus that triggered as soon as an email was opened. KAK was then followed
by BubbleBoy, which triggered if an email was even viewed in the preview pane. A steady
stream of Visual Basic script viruses continue to circulate to this day. There are even
automated, point and click programs like VBS Love Generator to help hackers produce
additional variants. Script viruses which use email to send themselves to others are also a
form of worm.

The term "macro virus" is used less often, and generally refers to a virus in an office

automation application macro, most commonly a Visual Basic macro in a Microsoft Word or
Excel document. Macro viruses can cross system boundaries from Wind ows to Macintosh
computers with MS Office documents. Current versions of Microsoft Office contain strong
anti-macro protections to guard against known attacks.
ActiveX is one of Microsoft's distributed application technologies that enable web pages to
download programs on the fly with the full power of any executable running on your
machine. This makes ActiveX modules especially efficient and powerful, but also a security
risk since they can create, change, and delete files, add system programming code, or
take any other action your user account is allowed on your computer.

To help mitigate the risk, Microsoft provides a network architecture of encrypted security
certificates for ActiveX modules. This network gives you the option of refusing the
download of unsigned ActiveX modules from unknown authors, and at least disclosing the
signed identity of those modules that you do accept in case they later cause problems.
However, this approach is not universally accepted by the general user and professional
security communities, and is sometimes called "trust me now, try to catch me later". Users
running Internet Explorer on Windows machines should make sure that their browser
security settings are set to "disable" for unsigned ActiveX applets, and to "prompt" for
signed applets.
Hypothetical threats. The following script viruses are largely theoretical, but illustrate that they
can turn up wherever there is scripting code:
Java is a standard cross platform development environment, and is often used to download
scripts to add functionality like a clock or chat room interface to a web page. Java was
written with a strong security model which protects your computer's data and resources,
and it has so far proved remarkably resistant to script virus infection. You can turn Java off
in your browser if you want to be extra careful, but it will disable some useful functionality
on some web pages.
JavaScript is the standard web programming language. JavaScript also has a well-defined
security model that protects data and resources, and the few JavaScript viruses that have
been discovered have been mainly theoretical in nature. You can turn JavaScript off in
your browser settings if you want to be extra careful, but it will disable functionality on
many web pages.
MIME. The first script virus that triggered as soon as an email was opened was a MIME
virus that applied to older versions of Netscape Mail, Microsoft Outlook, and Eudora Mail.
In a variation on an old hacker technique, the attached MIME file was given a very long
name that triggered a bug which allowed the end of the name to be run as a series of
instructions, which could then be written to run the virus. However, a fix for the bug was
quickly developed for each vulnerable email program, and MIME viruses have so far
remained hypothetical.
Others. Several other scripting environments have also had viruses, including Corel Draw,
Hypertext Preprocessor, Windows Help, Windows installation files, and Windows registry
files. Anywhere there is a script interpreter there is an opportunity for a script virus to run.
Resources. The following sites provide more information on script and macro viruses:
Disabling Windows Scripting Host
Microsoft Macro Viruses
Yahoo -- Macro Viruses.

Computer Virus Symptoms and Solutions


If your computer is infected with a malicious computer virus, it may begin to show a series of Computer
Virus symptoms that indicate that a virus is present. Computer viruses can be very harmful and damaging to
your computer system, root files, and various program files. A computer virus can also increase the risk of
hacker threats and attacks, and open the door to even more unauthorized downloads and software
installations. Once you diagnose the computer virus symptoms, then computer viruses can be counterattacked
with the appropriate antivirus software and suite packages, but this needs to be installed well before the virus
has infected the system.

Many computer viruses are designed to self-replicate and self-install over a very short period of time. They
come encoded with specific instructions to destroy and advance through its host computer, and can affect a
multitude of programs and applications very quickly. Recognizing the symptoms of a computer virus can help
to successfully remove it from the infected computer as quickly as possible; the sooner this is completed, the
easier it will be to recover any documents or programs that may be damaged, and prevent the virus from
further spreading.

Backing up computer files on a regular basis is just one preventative measure in protecting the data on your
computer. Installing a powerful antivirus program is the next step, as this can indicate the presence of a
malicious computer virus before it has a chance to spread. Still, recognizing the symptoms of a virus is fairly
simple when you know what to look for.

A computer virus may have installed itself on your computer through a Trojan, a security breach, unauthorized
access on your computer, or an e-mail attachment that also included malicious code. After a virus begins to
spread, many program files can become unstable and display warnings. The operating system may not launch
properly, and the computer user may need to reboot and restart the computer frequently to ensure all
programs are starting and working fine. Critical files may get deleted automatically, and this can happen
periodically or all at once. Error messages will become prevalent; it may become difficult to save documents,
and the computer may be running slower than usual. If a system or network is infected severely, it may even
black out or not even launch the startup process.

Some other symptoms of a computer virus involve the computer hardware itself. CD-ROM drive trays may
open and close by themselves, without the user directing the function. Programs may launch at their own, and
unusual sounds may play randomly. Some e -mail messages may not be sent or received properly, and e-mail
attachments may disappear. If the computer is freezing consistently, or files and folders seem to disappear or
will not open, these are clear signs that an area of the hard drive is “malfunctioning” (actually is not, but is
affected by a virus). The computer may also display a series of pop-up ads and strange messages upon
startup; this is a clear indicator that adware programs have been installed, and these are very difficult to
remove manually.

In addition, disk space can become overloaded and cause frequent computer crashes. Viruses can duplicate
large-sized programs to the point that the computer cannot handle the files. This will reduce the chances of
even installing an antivirus program successfully, so early detection is key to detecting and removing the
dangerous virus.

Lately, computer viruses have been created so they can change some of the core system files (Microsoft
Windows) so that web sites of most of antivirus software companies become inaccessible. Your Internet

browser will either switch to some other web site or simply show “not found”. What is happening is that you
are being prevented from finding a way of getting antivirus software cleaning your system.

Finally, the best way of recognizing computer virus symptoms and preventing computer viruses and other
Internet based threats to invade your computer is to have the latest, up to date computer security software,
which can be a basic version of antivirus program or some of the all-in-one software suites.


What is a computer virus?
Computer viruses are small software programs that are designed to spread from one computer to another and to
interfere with computer operation.
What do computer viruses do?
Through the course of using the Internet and your computer, you may have come in to contact with computer
viruses. Many computer viruses are stopped before they can start, but there is still an ever growing concern as to
what do computer viruses do and the list of common computer virus symptoms. A computer virus might corrupt
or delete data on your computer, use your email program to spread itself to other computers, or even erase
everything on your hard disk.
Computer viruses are often spread by attachments in email messages or instant messaging messages. That is why
it is essential that you never open email attachments unless you know who it's from and you are expecting it.
Viruses can be disguised as attachments of funny images, greeting cards, or audio and video files.
Computer viruses also spread through downloads on the Internet. They can be hidden in illicit software or other
files or programs you might download.
To help avoid computer viruses, it's essential that you keep your computer current with the latest
updates and antivirus tools, stay informed about recent threats, run your computer as a standard user (not as
administrator), and that you follow a few basic ruleswhen you surf the Internet, download files, and open
attachments.
Once a virus is on your computer, its type or the method it used to get there is not as important as removing it
and preventing further infection.

Definition: "antivirus" is protective software designed to defend your computer against malicious
software. Malicious software, or "malware" includes: viruses, Trojans, keyloggers, hijackers,
dialers, and other code that vandalizes or steals your computer contents. In order to be an
effective defense, your antivirus software needs to run in the background at all times, and should
be kept updated so it recognizes new versions of malicious software.
Types Of Antivirus

A computer virus is a computer program that can copy itself and infect a computer without the
knowledge or permission of the owner. A virus can only be spread from one computer to another
through some form of executable codes. Viruses can be sent over a network, the Internet, floppy
disk, CD, or USB drive. Viruses can increase changes of spreading to other computers by infecting
files on a network system that is accessed by other computers.

The term computer virus is used to include all types or malware such as computer viruses, trojan
horses, most rootkits, spyware, dshonest adware, crimeware, and other malicious unwanted
software. Since most computers are now connected to the Internet and local networks it is increasing
the chance for spreading malicious virus codes. Since February 2009 there are over 287,524 and
growing computer viruses.
Symptoms
Computer viruses are among the most known problem that is affecting online users. The dangers of
viruses have gotten a lot of attention over the year, and without simple attention they will continue to
spread. Computer viruses cause a number of symptoms such as:
Computer programs taking longer to load than normal.
The computer is slower than normal.
Computer stops responding or freezes frequently.
Computer crashes and restarts every few minutes.
The computer does not run as usual.
Applications on the computer do not work correctly.
Disks or disk drives are inaccessible.
Printing items is difficult.
Error messages appear rapidly.
Distorted menus and dialog boxes.
Double extensions on attachments that you have already opened (jpg,vbs,gif, exe, and etc).
Antivirus programs get disabled for no reason, and cannot be restarted.
Antivirus programs will not start, and new programs cannot be installed.
Strange sounds plays from the speakers unexpectedly.
Programs disappear from the computer.

These symptoms are common signs of computer virus infection, and they are also warning signs that
you may be getting a computer virus. When you suspect that you are getting a computer virus there
are many ways to take care of it. Before you can get a virus it is best to prevent them from getting into
your computer by having a anti virus software.
AntiVirus Software
Antivirus software is used to prevent, detect, and remove malware and other computer viruses. Anti
virus software systems detections involve searching for known malicious patterns in executable code.
it is possible for a user to be infected with new viruses that have no sign or symptoms or existence.
To counter this problem of zero day threats, anti virus systems can be used to detect these viruses
when you don't even know that they are there.

There are many different types of anti virus software that have been developed over the years.
Original products were just scanners that would search through the hard disk looking for viruses. As
viruses have become more common and difficult, the more anti virus software is being made to keep
up with current virus issues. There are many different types of general virus scanners that are used
on PCs today:
Conventional Disk Scanner
This is the stand virus check program. It can be ran upon the users request, and it scans the contents
of the disks, directories or files that the users wants, for any boot sectors or files that contain viruses
that it recognizes. These are usually ran manually by the user as a preventive maintenance activity or
when they thing a virus is suspected. The user can schedule automatic scanning through the use of a
program scheduler.
Memory Resident Scanners
An anti virus software that now come with a special program that sits in the background while your
using your computer and it automatically scans for viruses based on different triggers. These
programs can automatically scan as they run or scan floppy disks when you command a shutdown of
your system. This scanner offers increased protection and more chances of catching a virus before it
does damage to your computer.
Behavior Based Detection
Some products offer an option where they will sit in memory and look for virus like behavior and
suspicious activity. Behavior based detection is looking for the types of actions taken on files or boot
sectors that might be performed by viruses trying to spread. This type of antivirus software will look for
a trap, and will generically catch viruses red handed.
Start up Scanners

This type of antivirus scanner is designed to be run every time the PC is booted up. It preforms a
quick scan of the disks boot sectors and critical system files. the idea is to catch these viruses before
the PC boots up reducing the chance of it to spread.
Inoculation
Instead of scanning for viruses this type of antivirus software looks for changes that the viruses make
to files and boot sectors. With a clean system the software will get a snap shot of information in each
boot sector about its content and size. Periodically it will re examine these files to see if anything has
changed.
Top Anti Virus Software
The Shield Deluxe 2009 Antivirus & Antispyware
Webroot Antivirus with Antispyware 6.0
BitDefender Antivirus 2009
CA Anti-Virus Plus 2009
McAfee VirusScan Plus 2009
Norton Antivirus 2009
ESET NOD 32 3.0