Home

Computer Viruses and Worms

A large variety of computer viruses/virii roam the Internet to infect computers with an array of maladies from annoying to devastating.  Most of these can be prevented.

A computer virus contains executable code that, when run by someone, infects or attaches itself to other executable code in a computer in an effort to reproduce itself.

Viruses can be transmitted as attachments to an e-mail note, as downloads, or present on a diskette, CD, or on the Internet and downloaded onto your computer without your knowledge. Some viruses take effect immediately; other viruses lie dormant until circumstances cause the code to be executed by the computer. Some viruses are annoying in intent and effect and some can be quite harmful, erasing data or causing your hard disk to require reformatting. Computer virus infections should not go untreated and they can usually be prevented by using best practices.

While there are thousands of variations of viruses, most fall into one of the following general categories as below:

 

  • Boot Sector Virus: replaces or implants itself in the boot sector - an area of a disk accessed when you first turn on your computer. This kind of virus can prevent you from being able to boot your hard disk
  • Bot/Botnet: A bot is a 'zombie' (controlled by someone other than yourself) computer used to carry out automated tasks such as spamming. While the term "botnet" can be used to refer to any group of bots, such as Internet Relay Chat (IRC) bots, this word is generally used to refer to a collection of compromised computers (called Zombie computers) running software, usually installed via wormsTrojan horses, or backdoors, under a common command-and-control infrastructure.
  • File Virus: infects applications. These executables then spread the virus by infecting associated documents and other applications whenever they're opened or run.
  • Macro Virus: Written using a simplified macro programming language, these viruses affect Microsoft Office applications, such as Word and Excel, and account for about 75 percent of viruses found in the wild. A document infected with a macro virus generally modifies a pre-existing, commonly used command (such as Save) to trigger its payload upon execution of that command.
  • Multipartite Virus: infects both files and the boot sector--a double whammy that can re-infect your system dozens of times before it's caught.
  • Polymorphic Virus: changes code whenever it passes to another machine; in theory these viruses should be more difficult for anti-virus scanners to detect, but in practice they're usually not that well written.
  • Stealth Virus: hides its presence by making an infected file not appear infected, but doesn't usually stand up to anti-virus software.