Viruses attach themselves to legitimate programs on the victim's machine. When an affected program is transferred to another system and runs there, the virus attaches itself to other programs on that system too.
If a virus comes into a system, it may or may not act immediately. When a virus enters the system, it can wait for specific conditions to be met and then attack.
Viruses do not directly damage computer hardware. They create circumstances in which hardware controlled by the computer is damaged.
For example, a virus can overheat and damage the computer hardware by instructing it to stop its cooling fan.
Source of virus transmission
A virus can be transferred through file transfer and sharing, instant messages, and infected email attachments. Downloading content from a malicious website can also be a source of viruses.
Purpose of viruses
There are two purposes for viruses:
- Destructive viruses: The virus enters your computer system, then checks the personal data on your hard disk and destroys that data. Such viruses are called destructive viruses.
- Spread-only viruses: These are the most common viruses. When you copy data from a virus-affected system, the virus affects your system through the USB drive.
Viruses cannot carry a dangerous payload. Still, they are capable of consuming network resources and can also cause a computer program to malfunction. That is why virus attacks are very effective attacks.
Track virus on your system
If your system is running slow, check the Task Manager. Open Task Manager and look for a process that is consuming more resources, such as RAM or CPU. If there is such a program and it is unknown to you, there is a high chance that it is a virus.
Types of viruses
There are the following types of viruses:
- Brain viruses
- Boot Sector Viruses
- Polymorphic virus
- Macro virus
The Brain virus is a boot sector virus. It was the first virus, written in January 1986 for Windows-based PCs.
It was an era in which the internet was not as well known or as efficient as it is now. Computers were limited to scientists and a few research organizations in Europe, Japan, and the US.
At that time, the virus was written by two Pakistani brothers: Basit, 17 years old, and Amjad Farooq Alvi, 24 years old. Both brothers were working at a Pakistani organization named Brain Telecommunication. This virus is documented in the security literature as malware and a virus.
Brain virus transmission process
Most IBM computers were running MS-DOS, and data was stored on 5.25-inch floppy disks. Such a floppy disk can store 160 kilobytes of files. It was onto such a disk that the Alvi brothers copied the virus. This virus became the first computer infestation around the world.
Somehow, the copied virus found its way to the US.
It was estimated that the Brain virus attacked more than 100,000 computers between 1986 and 1989.
This virus replaces the boot sector of a floppy disk with a copy of the virus and affects IBM personal computers. The original boot sector is transferred to another sector, which is marked as bad. Infected floppy disks contain five kilobytes of malware data.
Viruses cannot destroy the data. Whenever a floppy disk is attached to an infected PC, the virus creates a file and puts their names (Alvi brothers) and phone number on the PC screen.
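The bad-sector marking described above leaves a trace in the floppy's file allocation table that a defender can check. The following is an added example, not code from the original article: it reads the FAT12 table of a floppy image and lists clusters flagged as bad. The 160 KB image layout and the helper name `build_sample_image` are constructed for the demonstration.

```python
import struct

BAD_CLUSTER = 0xFF7   # FAT12 value marking a cluster as unusable
BPB = "<HBHBHHBH"     # BIOS Parameter Block fields stored at offset 11

def fat12_entry(fat, n):
    """Return the 12-bit FAT entry for cluster n (two entries share 3 bytes)."""
    pair = fat[n * 3 // 2] | fat[n * 3 // 2 + 1] << 8
    return pair >> 4 if n & 1 else pair & 0xFFF

def bad_clusters(image):
    """List the clusters of a FAT12 floppy image that the FAT flags as bad."""
    if image[510:512] != b"\x55\xaa":
        raise ValueError("missing 0x55AA boot-sector signature")
    bps, spc, reserved, nfats, roots, total, _media, spf = struct.unpack_from(BPB, image, 11)
    if not (bps and spc):
        raise ValueError("BIOS Parameter Block is empty or malformed")
    fat = image[reserved * bps:(reserved + spf) * bps]    # first FAT copy
    root_sectors = (roots * 32 + bps - 1) // bps
    data_start = reserved + nfats * spf + root_sectors
    count = (total - data_start) // spc                   # data clusters start at 2
    return [n for n in range(2, count + 2) if fat12_entry(fat, n) == BAD_CLUSTER]

def build_sample_image(bad=()):
    """Constructed 160 KB image: 320 sectors, 1 reserved, 2 FATs, 64 root entries."""
    img = bytearray(320 * 512)
    struct.pack_into(BPB, img, 11, 512, 1, 1, 2, 64, 320, 0xFE, 1)
    img[510:512] = b"\x55\xaa"
    img[512:515] = b"\xfe\xff\xff"                        # reserved FAT entries 0 and 1
    for n in bad:                                         # flag chosen clusters as bad
        off = 512 + n * 3 // 2
        pair = img[off] | img[off + 1] << 8
        pair = (pair & 0x000F) | (BAD_CLUSTER << 4) if n & 1 else (pair & 0xF000) | BAD_CLUSTER
        img[off], img[off + 1] = pair & 0xFF, pair >> 8
    return bytes(img)

if __name__ == "__main__":
    samples = (("clean", build_sample_image()), ("suspect", build_sample_image((5, 6, 7))))
    for label, image in samples:
        print(label, bad_clusters(image))
```

Bad clusters also occur on worn media, so a non-empty list is a reason to inspect those sectors and the boot sector, not proof of infection.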
Purpose of Brain Virus transmission
The purpose of developing and transmitting this virus was to compare the security of the Microsoft OS with that of Unix and Linux and to find security holes in MS-DOS.
Boot sector viruses
The hard drive of a computer contains sectors, and each holds a segment of data. Every disk has a first sector, named the boot sector.
Hence, a boot sector virus infects the floppy disk boot sector. It also infects the main memory, or RAM, of the computer.
With corrupted RAM, it becomes difficult for computer processes to read and write data. When the disk check is performed, the virus will remove 2048 bytes of the total memory available.
The symptoms of a boot sector virus are the following:
- Missing files on the hard drive
- Corrupt files
- Computer startup failure
Boot sector determination process
- Open a command prompt. A black screen will appear.
- Enter “chkdsk” in the command prompt. All the letters should be lowercase, and the quotation marks should not be typed.
- This process takes a few minutes, so let it complete.
- Once the whole process has ended, it will display the result in this form.
Polymorphic viruses are dynamic and versatile because they can change their own identity, so signature scanners and normal antivirus scanners become unable to detect them.
An encrypted payload and a mutation engine are present in a polymorphic virus.
Encryption hides the malicious payload from threat detection software and scanners, so they cannot identify the threat.
Once the virus reaches the targeted device, the payload is decrypted and it causes damage to the system. Meanwhile, the mutation engine randomly generates a new decryption payload so that when the virus reaches another target system, that system's scanner and threat detection system fail to identify the threat. The whole process continues at every target.
The mutation engine creates a new decryption routine for the underlying code, but the underlying code does not change.
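Because the underlying code does not change, a scanner that matches on the decoded body still works where signatures over the stored bytes fail. The following is an added example, not code from the original article: it compares a whole-file hash, a static byte pattern, and a decode-then-match scan over two encoded copies of the same body. The body is a harmless constructed string, and single-byte XOR stands in for the encryption as a simplifying assumption.

```python
import hashlib

# Constructed, harmless stand-in for the unchanging "underlying code".
BODY = b"HARMLESS-CONSTRUCTED-BODY-FOR-SCANNER-DEMO"
BODY_SIGNATURE = BODY[9:30]   # byte pattern a scanner would carry for the body

def xor(data, key):
    """Single-byte XOR, the simplified stand-in for the encryption layer."""
    return bytes(b ^ key for b in data)

def encoded_copy(key):
    """One stored copy: the same body hidden under a per-copy key."""
    return xor(BODY, key)

def hash_match(sample, known_hashes):
    """Whole-file signature: exact SHA-256 of a previously seen copy."""
    return hashlib.sha256(sample).hexdigest() in known_hashes

def pattern_match(sample, signature=BODY_SIGNATURE):
    """Static byte-pattern signature applied to the stored, still encoded bytes."""
    return signature in sample

def decode_and_match(sample, signature=BODY_SIGNATURE):
    """Try every single-byte key and match the signature on the decoded bytes.
    Returns the key that exposed the body, or None if nothing matched."""
    for key in range(256):
        if signature in xor(sample, key):
            return key
    return None

if __name__ == "__main__":
    first, second = encoded_copy(0x5A), encoded_copy(0xC3)
    known = {hashlib.sha256(first).hexdigest()}   # signature taken from the first copy
    for name, sample in (("first", first), ("second", second)):
        print(name, hash_match(sample, known), pattern_match(sample),
              decode_and_match(sample))
```

Real polymorphic code also varies the decryption routine itself, which is why production scanners rely on emulation or unpacking before matching rather than a key search.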
Macro viruses are based on macro programming. They are embedded in word processing applications (MS Word/Excel, PowerPoint, etc.).
The virus gets activated when the application is opened. It damages the document’s format and creates restrictions on changing and even saving the document. A macro virus can be removed by antivirus software.