Primer on Computer Viruses

Anybody with a computer knows that there are a host of computer viruses that can cause them problems. Most of us just load some sort of virus checking software on our computers and then hope to not get infected. But few of us have ever read much about the different kinds of viruses. So I offer a short description of the most common kinds of viruses that are attacking us each day. This isn’t an exhaustive list and also doesn’t include other malware like worms or trojan horses.

File Infector Virus. These are probably the most common viruses and they attach themselves to key root files on a computer, the kinds of files that are needed to make the computer turn on and become operational. When the infected file is opened, the virus is activated and can do almost anything imaginable inside the computer. These viruses may overwrite all or parts of the root file such that the virus is executed whenever the file is executed.

Browser Hijacker. This virus mostly gets onto machines when the user opens an infected email or file. These viruses then typically send people to specific websites, presumably to increase web hits.

Macro Virus. These viruses exploit the macro functions of programs like Microsoft Word and Excel. Those programs have very powerful macro tools that allow for sophisticated manipulation of data and files. The version of a macro virus that almost everybody has noticed is a version that infects Microsoft Outlook and then sends a spam email to everybody in the address book.

Boot Sector Virus. These were some of the first viruses developed. They take root in the boot sector, or those key files that are needed to start a computer. I remember a time when these got on the machine through loading an infected floppy disk into a machine. There is one story (or possibly an urban legend) that claims that a boot sector virus infected a major government agency after an employee there loaded a flash drive they had picked up in the parking lot.

Web Scripting Virus. These are viruses that are activated when you read an infected web site. More often than not the web site has been hacked without the knowledge of the owner.

Polymorphic Virus. Polymorphic viruses morph over time and change each time they are activated. Normally this function is used to relocate the virus onto a different part of the computer to avoid detection. These viruses are good at evasion and are the hardest ones to eradicate.

Resident Virus. This class of virus embeds itself in a computer’s memory and is no longer associated with any specific file. This is the most common type of virus used when somebody is trying to spy on your keystrokes or hijack your computer in some way.

Direct Action Virus. These viruses only get activated when a specific file is executed. I remember a very early version of this back in the MS DOS days that formatted the entire hard drive and wiped out everything in memory. These viruses are somewhat rare now since they are hard to disseminate.

Multipartite Virus. These are the mac daddy of viruses and they combine multiple forms of viruses from the list above. This is generally done so that these viruses can survive on a machine. They have multiple components and functions and can be delivered to a computer in multiple ways and can spread in multiple ways. They also can take different actions on different computers based upon what they find.
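To make the Macro Virus entry above concrete from the defender's side, here is an added example (not part of the original post) that flags Word, Excel and PowerPoint files carrying a macro project before anyone opens them. The function names and the sample files are constructed for illustration; the part name `vbaProject.bin` and the OLE2 header bytes are the real markers of the Office file formats.

```python
import io
import zipfile

# OOXML parts that hold VBA macro code (Word, Excel, PowerPoint)
VBA_PARTS = ("word/vbaProject.bin", "xl/vbaProject.bin", "ppt/vbaProject.bin")
# Content-type strings Office writes into macro-enabled documents
MACRO_CONTENT_TYPES = (b"macroEnabled", b"application/vnd.ms-office.vbaProject")
OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # legacy .doc/.xls container header


def classify_office_file(data: bytes, filename: str = "") -> str:
    """Return 'macro', 'macro-mismatch', 'legacy-ole', 'no-macro' or 'not-office'."""
    if data.startswith(OLE2_MAGIC):
        # Legacy binary formats can carry macros; confirming needs an OLE parser.
        return "legacy-ole"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-office"
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        names = set(zf.namelist())
        if "[Content_Types].xml" not in names:
            return "not-office"  # a ZIP, but not an Office package
        content_types = zf.read("[Content_Types].xml")
    has_vba = any(part in names for part in VBA_PARTS) or any(
        marker in content_types for marker in MACRO_CONTENT_TYPES)
    if not has_vba:
        return "no-macro"
    # The .docx/.xlsx/.pptx extensions claim "macro-free"; a macro project
    # inside one is a mismatch worth flagging on its own.
    if filename.lower().endswith((".docx", ".xlsx", ".pptx")):
        return "macro-mismatch"
    return "macro"


def build_sample(parts: dict) -> bytes:
    """Constructed sample: a minimal ZIP with the given parts (not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, body in parts.items():
            zf.writestr(name, body)
    return buf.getvalue()


# Constructed inputs: same skeleton, with and without a macro project part.
BASE = {"[Content_Types].xml": b"<Types/>", "word/document.xml": b"<w:document/>"}
CLEAN = build_sample(BASE)
WITH_MACRO = build_sample({**BASE, "word/vbaProject.bin": b"constructed placeholder"})

if __name__ == "__main__":
    for label, blob, name in [("clean", CLEAN, "report.docx"),
                              ("macro", WITH_MACRO, "report.docm"),
                              ("renamed", WITH_MACRO, "report.docx")]:
        print(label, "->", classify_office_file(blob, name))
```

A mail gateway or file-share scanner can run a check like this on attachments and quarantine anything that comes back as `macro` or `macro-mismatch` from an unexpected sender.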
