In the history of our entire computer usage, there would be at least once when we would have come across a situation where a virus would hit our computer. Like any other flu virus, a computer virus also spreads from one host to another and replicates.
What is Computer Virus?
To start discussing viruses, let us first understand what a computer virus is and how it works. A computer virus is a piece of malicious code or a program that is written to cause damage to the device or steal the data. A computer virus is similar to a biological virus and has self-replicating capabilities. The virus code replicates itself by modifying other legitimate program codes and inserting its own malicious code to cause harm to the device. Similar to a biological virus, a computer virus cannot replicate without a host program.
How do these viruses attack?
In a world that is connected, a virus is much easier to reach our devices. The virus writers exploit the system’s security vulnerabilities to attack the system initially; the code once attached to a core file of a program starts replicating itself, corrupting the whole system. A computer virus may reach our system via emails, texts, program executable files, internet downloads, and social media scam files. Viruses may also hide disguised as funny images, greeting cards, or audio and video files. For a virus to attack, an infected code or program needs to be executed. Once executed, the virus code starts replicating its self and attacks other system’s files, or in the case of multiple connected computers, it attacks another computer on the same network. A virus may steal your spam file, steal important data, and get personal information such as pictures, videos, and audios.
Viruses may be created with motives such as seeking profit (e.g., ransomware), personal amusement, demonstrating that a vulnerability exists in software, or simply because they wish to explore cybersecurity issues.
It is important to take timely measures if our device is attacked to minimize the impact and save important data. But the question is, how do we determine if a virus has attacked our computer? A computer that has been corrupted with a virus may display the following symptoms:
- Frequent Crashes
If you have encountered a virus, your hard disk may be severely damaged. A damaged hard drive could make your device crash or freeze, and there would not be any chance of coming back on.
- Pop-up windows
Often when you are browsing, you may get these pop-ups which would make you tempted to visit other unusual websites. However, these pop-ups may often ask you to download software programs and antivirus programs.
- Data Loss
If your computer has a virus, then y our computer may start losing data. For example, your homepage may change on its own to another website, and you cannot reset it again.
- Degraded Computer performance
Your computer may appear to be slow in processing data. You will notice a significant change in your computer’s speed, which would signal that it has incurred a virus.
- Unusual programs on the systems.
When you switch on your computer, you will notice that there are unknown programs that start on their own selves. In some cases, these programs may not be visible to you when you start your computer, but you may view them when you check the list of active applications on your computer.
- A mass email was sent to your contacts.
A hacker or criminal may take the power of controlling your email account and sending emails from your account using any virus-infected computer.
- Unusual activities such as password changes.
Though once a virus has attacked, we may need to take proper steps to eradicate it from our system. Either manual steps may achieve this, or we may use antivirus software for the removal.
Types of Computer Viruses
Viruses are classified based on where they reside. A few common examples of viruses are:
- Boot sector virus
A Boot sector virus often takes control when you are booting or starting your computer. This kind of virus can spread if you plug a USB drive that is infected into your computer.
- Browser hijacker
A browser hijacker is a virus that usually takeovers various functions of browsers. When this virus is injected into your computer, you may automatically be directed to an involuntary website, which you would not want to visit.
- Web scripting virus
A web scripting virus abuses the web pages or web browsers’ codes. If, in any case, you come in access to such a web page, your computer may be infected by the web scripting virus.
- Resident virus
Resident Virus is a common term used for any virus that introduces itself to a computer system’s memory. Whenever an operating system loads, a resident virus can implement anytime.
- Macro viruses
Such viruses are scripted in a similar macro language that is used for software applications. This kind of virus usually spread when you open an infected document. Such viruses are often found in email attachments.
- Direct Action Virus
When a file is executed and contains a virus, a Direct Action Virus infects your computer. If you do not execute that file, then this virus stays dormant.
- File infector virus
A File Infector Virus is a virus that injects malicious code into executable files. These are the files that are required to do certain operations and functions on the computer.
- Multipartite Virus
A Multipartite Virus is a virus that spreads and infects in multiple ways. Such types of viruses infect system sectors as well as program files.
- Polymorphic Virus
Every time a file that is infected is executed, a polymorphic virus alters its code. This is done so that the antivirus programs are evaded.
Another important consideration is how to protect our systems from such viruses. The following series of action may help us in defending our system from any virus:
- Using antivirus software
- Updating operating system regularly
- Avoiding questionable Websites
- Downloading software/files from trustable sites
- Avoid opening messages from unknown senders
- Immediately delete any email/media/software suspected to be spam
Which computer virus is the most complex and advance?
The most sophisticated virus to be unleased up till now is considered to be “FLAME,” also known as Flamer and Swiper. It is a backdoor, a Trojan, and it has worm-like features, allowing it to replicate in a local network and on removable media if it is commanded so by its master. It is an information-gathering program used in targeted cyber-attacks against organizations and nation-states in the Middle East. According to the Telegraph, it is the world’s most complex computer virus, possessing a range of complex espionage capabilities, including the ability to record conversations secretly.
How to remove a computer virus?
To remove a computer virus, you can seek two approaches. One approach is the manual approach, and the other is by seeking help from a well-known antivirus program.
If you want to remove the virus manually or yourself, you may come across many variables. First, you will have to do a web search. Once you do that, you may be told to make a list of steps. However, to successfully follow the steps, you may need expertise and time.
However, a simpler approach would be to use an antivirus program to remove the computer virus. You can use any popular antivirus program such as Norton AntiVirus Basic. It could help remove a lot of infections that are present on your computer. Apart from this, Norton AntiVirus Basic can also be useful for protecting your computer and system from any future threats. If you aren’t sure about it, you can try their free 3 step virus clean-up plan, giving a picture of how it works.
Ten Most Destructive Computer Viruses
Computer viruses can turn out to be really damaging not only for your computer but for the entire country. The United States bears a loss of $109 billion in a yea because of hackers and computer viruses. Some popular viruses are known for their destructive traits, and one should always be aware of them. These are:
The first known ransomware attacks were the Crypto locker. It encrypted the files present on hard drives. To remove this virus or encryption, you had to pay a ransom at a given deadline. Law was enforced to stop this operation. However, until then, millions of dollars were already paid as ransom.
A worm that was injected into above nine million computer systems around the world was known as Conficker. This virus would block the antivirus sites’ access and would also reset any account lockout settings. It would also block access to windows updates and lock out the user accounts.
Zeus was a virus that targeted Windows computers in the year 2009. It used these computers to perform criminal acts. Phishing downloads and scams injected targets. A lot of corporations’ and famous banks’ accounts were compromised due to Zeus. Zeus robbed bank accounts details, email addresses, and social media account details. Approximately seventy million dollars were stolen, and hundred people were arrested due to Zeus.
Stuxnet was one virus that was thought to be produced by the American defense forces and Israeli defense forces for cyber warfare. This virus was used to unsettle Iran’s nuclear program. Stuxnet was spread via USB drives that were infected. About 1/5 of the nuclear centrifuges of Iran are known to be ruined by Stuxnet.
When Stuxnet infected a computer, and the computer was using Siemens software, then the computer’s speed would be altered while tearing it apart.
My Doom was one of the quickest spreading viruses, and it is known to have infected everyone in twelve emails. My Doom aimed to take down popular websites like Lycos and Google. There would be a Mail Transaction Failed attachment which users would open and get infected. My Doom was successful in almost taking down Google for a day.
Storm Trojan was a virus that infected thousands of computer systems in the year 2007. It was activated when people opened emails that had titles like 230 dead when a storm-battered Europe. As this preceded, a program known as wincom32 installed itself and passed the information to other computers that were infected. Such computers then spread the virus.
Millions of 2000 computers and Windows XP were affected by a virus known as Sasser. In the Local Security Authority Subsystem Services, this virus manipulated an abuse. This virus made machines slow down, which ultimately caused crashes and made it difficult to power down. There were many damages due to this virus which resulted in a loss of billions of dollars, causing the governments and airlines to shut down.
Code Red infected the White House website and Microsoft IIS. When this virus infected the website, it would replicate itself and take up all the computer resources. Code Red would then open up the computer to remote access. Code Red infected about every two in 6 million IIS servers.
Melissa is a virus that started infecting word documents in the year 1999. This virus was posted online as a list of passwords for adult websites. Once someone opened this virus, it would get mailed to the opener’s email contacts. Hence, the increased rate of email traffic triggered disruption to corporations and governments, which were alike.
As the name suggests, ILOVEYOU claimed to be a love confession. The virus would mail itself to the users’ mailing lists and then overwrite the files, making the computer systems unbootable. These were the most dangerous viruses ever created and have damaged about $10 billion computers.
Difference Between Viruses and Worms?
One of the major differences between a worm and a virus is that the host’s activation causes viruses. In contrast, a worm is a separate malicious program that replicates itself and spreads independently when they infect a system. Like viruses, worms do not need activation or any intervention from humans to spread or execute their code.
On the other hand, viruses are concealed or attached in downloaded or shared files, both non-executable and executable files. An executable file is a program that can run a script, whereas a non-executable file is an image file or a word document.
A virus stays dormant as long as the infected host file remains active once the file is loaded or accepted by the virus. The virus can only be run if the host file is activated. The virus then executes a malicious and replicated code so that it can infect the other files present on the system.
On the other hand, worms do not need the host file’s activation. As soon as a worm has entered your computer, it starts running, replicating, and spreading without causing any event. A worm can use a downloaded file or network connection to enter. There are multiple copies of a worm which later spread across the entire internet connection or network. The worm would then infect any servers and computers connected to this network or connection. Every copy of the worm reprises the same replication process, spreading and executing, and thus the infections keep spreading across the internet and computer networks.