Computer Virus & Anti-Virus

A computer virus is a kind of malicious computer program, which when executed, replicates itself and
inserts its own code. When the replication is done, this code infects the other files and program present
on your system.These computer viruses are present in various types and each of them can infect a device
in a different manner.

What is a Computer Virus?

A computer virus is a program which can harm our device and files and infect them for no further use.
When a virus program is executed, it replicates itself by modifying other computer programs and instead
enters its own coding. This code infects a file or program and if it spreads massively, it may ultimately
result in crashing of the device.

Example of Computer viruses:

Morris Worm-1988 Nimda operating system ILOVEYOU

SQL SLAMMER Crypto Locker-2013 Stuxnet

Morris Worm-One of the earliest and most pervasive computer virus examples, this self- replicating
computer program spread through the early Internet in 1988, slowing down or crashing many machines.

Nimda-This particular type of worm targeted web servers and computers running Microsoft Windows
operating systems, spreading through multiple infection vectors in 2001.

ILOVEYOU-A highly destructive worm that spread via email disguised as a love confession and caused
widespread damage in 2000 by overwriting files.

SQL Slammer- -A fast-spreading computer worm that exploited a vulnerability in Microsoft SQL Server,
causing network congestion and disrupting Internet services in 2003.

Stuxnet-A sophisticated worm designed to target and sabotage industrial control systems particularly
Iran's nuclear program, by exploiting zero-day vulnerabilities in 2010.

Crypto Locker-This ransomware Trojan, which infected hundreds of thousands of computers in 2013
encrypted victims' files and demanded a ransom for their decryption.

Types of Computer Virus

Discussed below are the different types of computer viruses:

Boot Sector Virus-It is a type of virus that infects the boot sector of floppy disks or the Master Boot Record
(MBR) of hard disks. The Boot sector comprises all the files which are required to start the Operating
system of the computer. The virus either overwrites the existing program or copies itself to another part
of the disk.
 Direct Action Virus-When a virus attaches itself directly to a .exe or.com file andenters the device while
its execution is called a Direct Action Virus. If it gets installed in the memory, it keeps itself hidden. It is
also known as Non-Resident Virus.

Resident Virus-A virus which saves itself in the memory of the computer and then infects other files and
programs when its originating program is no longer working. This virus can easily infect other files because
it is hidden in the memory and is hard to be removed from the system.

Multipartite Virus-A virus which can attack both, the boot sector and the executable files of an already
infected computer is called a multipartite virus. If a multipartite virus attacks your system, you are at risk
of cyber threat.

Overwrite Virus-One of the most harmful viruses, the overwrite virus can completely remove the existing
program and replace it with the malicious code by overwriting it. Gradually it can completely replace the
host's programming code with the harmful code.

Polymorphic Virus-Spread through spam and infected websites, the polymorphic virus are file infectors
which are complex and are tough to detect. They create a modified or morphed version of the existing
program and infect the system and retain the original code.

File Infector Virus-As the name suggests, it first infects a single file and then later spreads itself to other
executable files and programs. The main source of this virus are games and word processors.

Space filler Virus-It is a rare type of virus which fills in the empty spaces of a file with viruses. It is known
as cavity virus. It will neither affect the size of the file nor can be detected easily.

Macro Virus-A virus written in the same macro language as used in the software program and infects the
computer if a word processor file is opened. Mainly the source of such viruses is via emails.

Signs of Computer Virus:Malware authors write code that is undetectable until the payload is delivered.
However, like any software program, bugs could present issues while the virus runs Signs that you have a
computer virus include

 Popup windows, including ads (adware) or links to malicious websites.

 Passwords change without your knowledge or your interaction on the account.

 Frequent error messages arise with basic functions like opening or using programs.
How to Prevent Computer Viruses

Install antivirus software: Antivirus should run on any device connected to the network.Antivirus
software stops malware executable from running on your local device.

Don't open executable email attachments: Many malware attacks including ransomware start with a
malicious email attachment Executable attachments should never be opened, and users should avoid
running macros programmed into files such as Microsoft Word or Excel

Keep your operating system updated: Developers for all major operating systems release patches to
remediate common bugs and security vulnerabilities. Always keep your operating system updated and
stop using end-of-life versions (e.g. Windows 7 or Windows XP)

Avoid questionable websites: Older browsers are vulnerable to exploits used when just browsing a
website. You should always keep your browser updated with the latest patches and avoid these sites to
prevent drive-by downloads or redirecting you to sites that host malware.

Don't use pirated software: Free pirated software might be tempting, but as often packaged
with malware. Download vendor software only from the official sauce and avoid using software
pirated and shared software.
Use strong passwords: Make sure your passwords are highly secure and difficult to guess Avoid
using the same password across multiple accounts and change them regularly to mitigate
vulnerabilities and prevent hackers from stealing them.
Remain vigilant: Always be cautious when downloading files or software from the internet or opening
suspicious email attachments. Turn off file sharing and never share access to your computer .

How to Remove a Computer Virus Removing a computer virus can be a challenging task, but there are
several steps you can take to get rid of it. Common steps to remove a computer virus include:

1. Download and install antivirus software: Assuming you don't already have antivirus software installed,
download and install a real-time and on-demand solution, if possible. A real-time malware scanner scans
for viruses in the background while you use the computer. You nuust start the on-demand scanner
whenever you want to scan your device

2. Disconnect from the internet: Some computer viruses use the internet connection to spread, so it's
best to disconnect from the internet when removing a virus from your PC to prevent further damage

3. Delete any temporary files: Depending on the type of virus. deleting temporary files can also delete
the virus, as some viruses are designed to initiate when your computer boots up.

4. Reboot your computer into safe mode: To help mitigate damages to your computer while you remove
a virus, reboot your device in "Safe Mode. This will inhibit the virus from running and allow you to remove
it more effectively.
5. Run a virus scan: Run a full scan using your antivirus software, opting for the most thorough or complete
scanning option available. If possible, cover all your hard drive letters during the scan.

6. Delete or quarantine the virus: Once the virus is detected, your antivirus software will give you the
option to delete or quarantine the virus. Quarantining the virus will isolate it from the rest of your
computer to prevent it from causing further damage.

7. Reboot your computer: Assuming you've effectively removed the virus, your computer can be
rebooted. Simply turn on the device as you would do so normally without initiating the Safe Mode" option.

8. Update your browser and operating system: To complete the virus removal process update your
operating system and web browser to the latest version possible. Browser and OS Updates often contain
fixes for particular vulnerabilities and exploits.

How Do Viruses Spread:Computer viruses spread through various channels, and being aware of
these channels is essential to protect yourself and your organization from infection,

Email Attachments: One method of virus transmission is through email attachments. Hackers often
disguise their malicious code as seemingly harmless files, such as documents or images unsuspecting users
open without a second thought. For example, Ursnif banking Trojan campaigns are known to spread via
email attachments posing as invoices or financial statements.

Internet Downloads: Viruses can also hide in software installers, media files, or even browser extensions
that you download from the web. It's important to be cautious when downloading files from unknown
sources or sketchy websites. A notorious case was the Download.com scandal, where popular applications
were bundled with adware and other unwanted programs by default.

File Sharing Networks: File sharing networks like torrent sites and peer-to-peer platforms can easily
transmit viruses, Innocent-looking movie torrents or cracked software may carry hidden payloads
designed to compromise your device upon installation. For example, The Pirate Bay used a browser-based
crypto currency miner, so when someone visited the website, their computer was used to mine crypto
currency without their knowledge or consent.

Removable media: Virus can attach to removable media, such an USB drives and CD/DVDs infecting way
computer they're plugged into.

 What are the Causes of Computer Viruses?

Ego-driven: Some virus authors seek fame within the hacker community by creating destructive or
widespread viruses that gamer media attention.

Cybercrime: Hackers often use computer viruses as tools for ransomware attacks, identity theft, and other
forms of online fraud.

Sabotage: In some cases, disgruntled employees create computer viruses to intentionally damage their
employer's infrastructure.

Cyber espionage: State-sponsored hackers may develop advanced persistent threats (APT) using custom-
made malware designed for long-term infiltration into targeted networks.
How Do Computer Viruses Work

The Infection Process: A virus can attach itself to any legitimate prograin or document that supports
macros to execute its code, such as an email attachment or a file download from a website. Once the file
is opened or downloaded, the vinis springs into action and starts executing.

Hiding in Plain Sight: Computer viruses can be quite crafty to remain hidden from both users and antivirus
solivare alike. Viruses employ stealth techniques such as polymorphism, which changes their appearance.
or encryption methods.

The Damage Done: Once activated, a virus may wreak havoc on your computer system. It can steal
sensitive data, corrupt files, slow down performance, and even crash your entire system. It can spread
from system to system after a user takes action that either intentionally or accidentally facilitates it.

What is an Anti-Virus?

An anti-virus is a software which comprises programs or set of programs which can detect and remove all
the harmful and malicious software from your device. This anti-virus software is designed in a manner
that they can search through the files in a computer and determine the files which are heavy or mildly
infected by a virus. Given below is a list of few of the major antivirus software which is most commonly
used:

 Norton Antivirus
 F-Secure Antivirus Kaspersky Antivirus
 AVAST Antivirus
 Comodo Antivirus
 McAfee Antivirus

These are few of the much anti-virus software widely used to remove viruses from a device.