A computer virus is malware (malicious software) that can replicate itself and spread from one computer to another. The term “virus” is also commonly but erroneously used to refer to other types of malware, including the very common trojans and worms.
All viruses are self-replicating computer programs that attach themselves to some form of executable content it could be a document, an application program such as Microsoft Word or Excel, or even boot sectors (Master Boot Record, Volume Boot Record). When the host software is started, the virus code is executed along with it.
Five main families of Computer viruses:
• Boot sector viruses infect the boot sectors of floppy disks and hard drives.
• File or program viruses infect files and programs in executable files, such as those found in the AUTOEXEC.BAT and CONFIG.SYS files are used for booting a computer, or in other non-executable files such as word processor documents.
• Macro viruses infect Microsoft Office documents and rely on the VBA (Visual Basic for Applications) programming language built into these office programs.
• Multipartite viruses have multiple means of propagating themselves, typically using a combination of file infection, boot sector infection, and macro infection.
• Polymorphic viruses change their code as they replicate themselves. This makes disassembly for analysis difficult.
Categories of Computer Viruses:
• Direct action (a virus that can spread without user action)
• Spreading through diskettes, networks, the Internet, or e-mail messages.
Viruses are often said to “infect” a computer system. This is inaccurate. A virus attaches itself to an executable file on the host machine (see Trojan horse). The infected files behave normally as far as the user is concerned. The virus code may make copies of itself and these new viruses will also attach themselves to files, thus spreading until the machine’s hard disk (or entire network) is full of viruses.
Protection from Computer Virus?
There are antivirus programs that can remove viruses from an infected computer system. They work by scanning the file system, memory, and running processes for suspicious code. Some will also hook the disk I/O port in order to detect virus-like activity on the hard drive. This is one of several techniques used by antivirus software to circumvent the attempts of a virus to spread.
The effectiveness of antivirus software has been criticized because the viruses it aims to protect against only a small percentage of all malware.
Some viruses disable the resident protection offered by anti-virus software. The first versions of Symantec’s Norton AntiVirus contained early examples of this class of virus in their virus database (colloquially called “novel this” viruses).
Some later examples of a class of viruses include the CIH virus (also known as the Chernobyl virus) and its derivatives. Production programming techniques were able to defeat some forms of antivirus software, but these were soon replaced by better defense systems.
This post was originally published on 25, December 2021, but according to new information stuff, this post is updated frequently.