Академический Документы
Профессиональный Документы
Культура Документы
Memory Resident Virus (2) - stays in memory after it executes and after its
host program is terminated. In contrast, non-memory-resident viruses only
are activated when an infected application runs.
Overwriting Virus (3) - will copy its own code over the host computer
system's file data, which destroys the original program.
Direct Action Virus (4) - is considered to be “non-resident” and functions by
selecting one or more files to infect each time the code is executed. The
primary intentions of this virus is copying itself and to spread infection
whenever the code is executed.
Boot Sector Virus (5) - infects computer systems by copying code either to
the boot sector on a floppy disk or the partition table on a hard drive. During
startup, the virus is loaded into memory. Once in memory, the virus will infect
any non-infected disks accessed by the system.
Cluster Virus (6) - associates itself with the execution of programs by
modifying directory table entries to ensure the virus itself will start when any
program on the computer system is started. If infected by this virus it will look
like every program on your PC is infected; however, this virus is only in one
place on the system.
Macro Virus (7) - is written in a macro language and infects Microsoft Word
or similar applications (e.g., word processors and spreadsheet applications)
and causes a sequence of actions to be performed automatically when the
application is started or something else triggers it.
A computer virus is one type of malware that inserts its virus code to multiply itself
by altering the programs and applications. The computer gets infected through the
replication of malicious code.
Computer viruses come in different forms to infect the system in different ways.
Some of the most common viruses are
Boot Sector Virus – This type of virus infects the master boot record and it is
challenging and a complex task to remove this virus and often requires the system
to be formatted. Mostly it spreads through removable media.
Direct Action Virus – This is also called non-resident virus, it gets installed or
stays hidden in the computer memory. It stays attached to the specific type of files
that it infect. It does not affect the user experience and system’s performance.
Resident Virus – Unlike direct action viruses, resident viruses get installed on the
computer. It is difficult to identify the virus and it is even difficult to remove a
resident virus.
Multipartite Virus – This type of virus spreads through multiple ways. It infects
both the boot sector and executable files at the same time.
Polymorphic Virus – These type of viruses are difficult to identify with a traditional
anti-virus program. This is because the polymorphic viruses alters its signature
pattern whenever it replicates.
Overwrite Virus – This type of virus deletes all the files that it infects. The only
possible mechanism to remove is to delete the infected files and the end-user has
to lose all the contents in it. Identifying the overwrite virus is difficult as it spreads
through emails.
Spacefiller Virus – This is also called “Cavity Viruses”. This is called so as they fill
up the empty spaces between the code and hence does not cause any damage to
the file.
#File infectors:
Few file infector viruses come attached with program files, such as .com or .exe
files. Some file infector viruses infect any program for which execution is requested,
including .sys, .ovl, .prg, and .mnu files. Consequently, when the particular program
is loaded, the virus is also loaded.
Besides these, the other file infector viruses come as a completely included
program or script sent in email attachments.
#Macro viruses:
As the name suggests, the macro viruses particularly target macro language
commands in applications like Microsoft Word. The same is implied on other
programs too.
In MS Word, the macros are keystrokes that are embedded in the documents or
saved sequences for commands. The macro viruses are designed to add their
malicious code to the genuine macro sequences in a Word file. However, as the
years went by, Microsoft Word witnessed disabling of macros by default in more
recent versions. Thus, the cybercriminals started to use social engineering
schemes to target users. In the process, they trick the user and enable macros to
launch the virus.
Since macro viruses are making a come back in the recent years, Microsoft quickly
retaliated by adding a new feature in Office 2016. The feature enables security
managers to selectively enable macro use. As a matter of fact, it can be enabled
for trusted workflows and blocked if required across the organization.
#Overwrite Viruses:
The virus design purpose tends to vary and Overwrite Viruses are predominantly
designed to destroy a file or application’s data. As the name says it all, the virus
after attacking the computer starts overwriting files with its own code. Not to be
taken lightly, these viruses are more capable of targeting specific files or
applications or systematically overwrite all files on an infected device.
On the flipside, the overwrite virus is capable of installing a new code in the files or
applications which programs them to spread the virus to additional files,
applications, and systems.
#Polymorphic Viruses:
More and more cybercriminals are depending on the polymorphic virus. It is a
malware type which has the ability to change or mutate its underlying code without
changing its basic functions or features. This helps the virus on a computer or
network to evade detection from many antimalware and threat detection products.
Since virus removal programs depend on identifying signatures of malware, these
viruses are carefully designed to escape detection and identification. When a
security software detects a polymorphic virus, the virus modifies itself thereby, it is
no longer detectable using the previous signature.
#Resident Viruses:
The Resident virus implants itself in the memory of a computer. Basically, the
original virus program is not required to infect new files or applications. Even when
the original virus is deleted, the version stored in memory can be activated. This
happens when the computer OS loads certain applications or functions. The
resident viruses are troublesome due to the reason they can run unnoticed by
antivirus and antimalware software by hiding in the system’s RAM.
#Rootkit Viruses:
The rootkit virus is a malware type which secretly installs an illegal rootkit on an
infected system. This opens the door for attackers and gives them full control of the
system. The attacker will be able to fundamentally modify or disable functions and
programs. Like other sophisticated viruses, the rootkit virus is also created to
bypass antivirus software. The latest versions of major antivirus and antimalware
programs include rootkit scanning.
#System or Boot-record Infectors:
The Boot-record Infectors infect executable code found in specific system areas on
a disk. As the name implies, they attach to the USB thumb drives and DOS boot
sector on diskettes or the Master Boot Record on hard disks. Boot viruses are no
more common these days as the latest devices rely less on physical storage media
Email viruses
Many of the most prolific viruses are email-aware: they distribute themselves
automatically by email.
Typically, email-aware viruses depend on the user clicking on an attached
document. This runs a script that can forward infected documents to other
people. The Netsky virus, for example, searches the computer for files that
may
contain email addresses (e.g. EML or HTML files), and then uses the email
program on your computer to send
itself to those addresses. Some viruses, like Sobig-F, don’t even need to use
your email browser; they include their own “SMTP engine” for sending mail.
Email viruses may compromise your computer’s security or steal data, but
their most common effect is to create excessive email traffic and crash
servers.
Email attachments
Any attachment that you receive by email could carry a virus; launching such
an attachment can infect your
computer. Even an attachment that appears to be a safe type of file, e.g. a
file with a .txt extension, can pose a threat.
That file may be a malicious VBS script with the real file type (.vbs) hidden
from view
2.
3.
How does computer infected by viruse?
A virus program has to be run before it can infect your computer. Though
viruses have ways of making sure that this happens. They can attach
themselves to other programs or hide in code that is run automatically when
you open certain types of file. Sometimes they can exploit security flaws in
your computer’s operating system to run and to spread themselves
automatically. You might receive an infected file in an email attachment, in a
download from the internet, or on a disk. As soon as the file is launched, the
virus code runs. Then the virus can copy itself to other files or disks and
make changes on your computer.
Trojan horses
Worms
Worms are similar to viruses but do not need a carrier program or document.
Worms simply create exact copies of themselves and use communications
between computers to. Many viruses, such as MyDoom or Bagle, behave
like worms and use email to forward themselves.
What can viruses do?
Viruses used to play pranks or stop your computer working, but now they
compromise security in more
insidious ways. Here are the things that viruses can do.
■ Slow down email. Viruses that spread by email, such as Sobig, can
generate so much email traffic that servers slow down or crash. Even if this
doesn't happen, companies may react to the risk by shutting down servers
anyway.
■ Steal confidential data. The Bugbear-D worm records the user's
keystrokes, including passwords, and gives the virus writer access to them.
■ Use your computer to attack websites.
MyDoom used infected computers to flood the SCO software company's
website with data, making the site unusable (a denial of service attack).
■ Let other users hijack your computer. Some viruses place “backdoor
Trojans” on the computer, allowing the virus writer to connect to your
computer and use it for their own purposes.
■ Corrupt data. The Compatable virus makes changes to the data in Excel
spreadsheets.
■ Delete data. The Sircam worm may attempt to delete or overwrite the hard
disk on a certain day.
■ Disable hardware. CIH, also known as Chernobyl, attempts to overwrite
the BIOS chip on April 26, making
the computer unusable.
■ Play pranks. The Netsky-D worm made computers beep sporadically for
several hours one morning.
■ Display messages. Cone-F displays a political message if the month is
May.
■ Damage your credibility. If a virus forwards itself from your computer to
your customers and business partners,
they may refuse to do business with you, or demand compensation.
■ Cause you embarrassment. For example, PolyPost places your
documents and your name on sex related newsgroups.
If you think your computer is infected with malware, here’s how to handle it.
If you already have antivirus software installed on your computer and it still got
infected with a virus, the software you were using is most likely unreliable. Uninstall
it, and get a new one. You can download one online or buy an installer from your
local tech shop. Either way, it’s best to get the paid version of your preferred
program rather than its free counterpart, so that you can get access to its full host
of features.
Some of the best antivirus software programs in the market right now
include Norton Security, McAfee Antivirus, Kaspersky Anti-Virus, Bitdefender,
and Webroot.
A wide variety of malicious programs exist today, and some of the most common
include trojans, viruses, worms, and ransomware. In order to check if your
computer is actually infected with any of these (as well as identify which of them
may have infected your computer), perform a full scan of your computer using your
new antivirus software, and make sure that the antivirus is fully updated before you
start the scan.
This may take a while, depending on the number of files on your computer and the
number of drives on it, so be patient. Once it’s done, you’ll know exactly which file
on which drive is infected.
Once your software identifies the infection, it will provide you with prompts on how
to treat it. Antivirus programs all have different methods, but some of the
most common options include permanent deletion of the virus or storing it in a
secure folder (a.k.a. “quarantine”) where it won’t be able to cause more damage.
When it comes to virus protection, prevention is always better than cure. You can
prevent your computer from getting infected by taking these precautionary
measures:
Follow all of the aforementioned steps, and won’t have to worry about computer
viruses again.
If you want complete computer and internet security, pair your antivirus software
with a high-quality VPN like Hotspot Shield. Our VPN uses the toughest security
protocols, such as TLS 1.2 with perfect forward secrecy and 128-bit AES data
encryption, to make sure hackers won’t be able to access and infect your device.
3.
10 Tips on How to Prevent Malware From Infecting Your Computer
When our computers start slowing down or behaving in an unusual way, we are
often quick to suspect that we have a virus. It might not be a virus, but it is likely
that you have some sort of malware. Some are malicious, and others are just
annoying. The worst culprits are the hijackers—malware programs that take over
your browser, or worse yet, your computer. I have had to remove these types of
evil programs from personal computers and work computers in the past, and I’m
sure you have, too. Here are 10 tips on how to prevent malware from infecting your
computer, keeping your hardware safe.
Look:
You can have the best protection there is, but even the best antivirus software can
fail to detect new malware (e.g., computerviruses, ransomware, spyware, etc.).
Malware threats grow so fast, that antivirus programs take too long to catch up with
malware (even the best free or paid ones).
Then there's a good chance that your PC will get infected one day.
Antivirus software
If you need more functions (e.g., multi-layer ransomware protection) and settings,
then you can try a paid antivirus program.
Most antivirus companies offer the option to download and try their paid antivirus
programs for free for 30 days.
Bitdefender Antivirus
Kaspersky Antivirus
ESET Antivirus (one of the lightest antivirus programs there is)
Free second opinion virus scanners
It's also recommended to use second opinion virus scanners to get more complete
detection coverage, because some programs may detect viruses that others might
miss.
If you think that your PC has a virus (malware) infection, then you can also try the
following free virus (malware) scanners:
You can use these virus (malware) scanners alongside your current antivirus
software.
You can use these scanners to scan your PC periodically (e.g., once a week) or
when you think your PC is infected with a virus or another type of malware.
5.
Q. Computer virus detection and removal
I will show you how to detect and how to get rid of a computer virus for free.
But first:
The first thing you want to keep in mind when your PC is infected by a computer
virus is whether or not you want to clean it. Because sometimes it may be a better
idea to back up any data that you might have and reinstall Microsoft Windows
or restore a system image backup that's 100% clean.
Why?
Malware can nestle itself deeper into your system and hide so that it can't be
discovered by your security software and it can also open doors to other malware.
And:
Considering time and effort, sometimes it's better to wipe everything and start all
over again. But, if you wanted to do that, you probably wouldn't be reading this
article, so, follow the steps below.
With the following steps, I assume that you have access to your system or at least
can boot Windows into “Safe Mode with Networking”.
Once you have the ISO file you can install it on a USB flash drive with the help of a
free tool called Rufus and then you can boot from the USB drive and use the
rescue disk.
If you cannot open some files on your computer or you see files with missing or
weird file extensions (e.g., .cry, .crypto, .locked, .kraken, etc.), your system is
probably infected by Ransomware.
If your system is infected by Ransomware, the first thing you should do is to check
if your files can be decrypted.
But to do this, you first need to find out which Ransomware has infected your PC.
To find out which Ransomware has infected your PC, look at the ransom note, or
look at any messages on the screen or look at the encrypted files and the
extension they have.
If you cannot find out which Ransomware infected your PC you can visit ID
Ransomware by MalwareHunterTeam and upload the ransom note or an encrypted
file.
On this forum, you can find a lot of malware analysts that you can talk to.
You can post something in the forums and upload one of your encrypted files.
They might be able to tell you whether or not you can decrypt your files.
You can also download the Bitdefender Ransomware Recognition Tool to find out
which ransomware has encrypted your data and then get the appropriate
decryption tool if it exists.
If your files were not affected by ransomware or you were able to decrypt your files,
then you should make a backup of your files.
You can use a free backup program like AOMEI Backupper Standard or copy your
files to a USB flash drive or external hard drive.
Press the [ctrl] + [alt] + [delete] (del) keys on your keyboard and then click
on Task Manager.
Press the [Windows] + [R] keys on your keyboard, type taskmgr and then
click on the OK button or press [Enter].
In Windows 10, you right-click on the taskbar or start menu button and then
click on Task Manager.
2. Click on the Startup tab.
3. Disable everything that you see here, including your antivirus software.
2. Click on the Services tab.
3. Check (select) the Hide all Microsoft services option located below the list.
6. Click on OK.
Important! The order of the following steps are very important, so don't do these
steps in a different order.
Scan your PC with Kaspersky Virus Removal Tool and follow its instructions if it
found something.
Step 6: Malwarebytes
Scan your PC with Malwarebytes and follow its instructions if it found something.
Step 7: Zemana
Scan your PC with Zemana and follow its instructions if it found something.
Step 8: ESET Online Scanner
If you want to scan your computer with more virus scanners, then you can also try
the following virus scanners:
Thank you for reading this article. Hopefully, you learned enough about computer
viruses to keep your PC clean and safe. If you want to learn more about computer
and Internet security (cybersecurity), then visit thi
Here are eight ways you can avoid being the victim of a computer virus:
1. Don't start your computer when there is a USB (thumb) drive or other
type of removable media in a port or driver, especially if that media came
from someone you don't know or trust 100%. Why? Because if there is a
virus on that media, it will load onto your hard drive when you start up.
2. Think twice before opening any attachment that comes in an email. Ask
yourself, "Do I know the sender?" If the answer is "yes," are you sure their
email address is correct? Were you expecting the attachment?
3. If you receive an email from a stranger, either mark it as spam
immediately or delete it without opening the email. If there's an attachment,
do not open the attachment under any circumstances!
4. If you receive an email with an attachment from someone you do know—
but that you weren't expecting—inspect it closely. Check the spelling of the
sender's name and examine the message carefully for spelling errors,
which is often a tipoff that it's not genuine. (Even if a message you weren't
expecting is error-free and seems legitimate, you may want to check with
the sender to make sure he or she sent it.)
5. Learn how to disable and enable macros, which are instructions saved in
spreadsheet and word processing programs. A macro isn't bad, unless
someone who wants to infect your computer puts one there.
6. Make sure you have an antivirus program running on your computer, and
keep it updated. It will identify and remove viruses in your memory, storage
media and any incoming files. Most importantly, an antivirus program
automatically scans files you download from the Internet, email
attachments and open files.
7. Think about installing a software or hardware firewall. A router is an
example of a hardware firewall. Microsoft includes a personal software
firewall in its operating system.
8. Keep your guard up! There are websites that publish lists of the latest
known virus alerts and virus hoaxes.