Virus Attributes And Their Behaviors

Various types of viruses & their behaviors:

Generally the computer viruses are just like real-life biological viruses. We know that the biological viruses reproduces rapidly and its main motto is to spread in man to man. In the same way the computer viruses work, they tend to go around from PC to PC and sometimes after some months or years they return to infect again the same PC like biological viruses. The viruses spread just like circulating processes. However the computer viruses has some difference from the biological viruses. The computer viruses are man-made and easily to get something unwanted.

Read also: Some important Tips to save your Computer from Keylogger

On the other hand the biological viruses are basically natural and have some symptoms as a side-effect. However both are uncomfortable for people and computer user.

The major viruses are three types. They are very difference from each other.Obviously there are many subcategories each and every group .

Boot sector virus:

Before discussions about boot sector virus we have to know what is boot sector? It is a part of hard disk or floppy disk which contains code for booting programs which stores other parts of the disk.It maintains the information which identifies the version and type of the operating system.

The boot sector viruses may be called boot viruses or system viruses. Boot virus programs attack the boot programs of bootable floppy disk or hard disk. This virus is spread through infected floppy disk in most cases. It happens when user unintentionally leave a infected floppy disk in floppy drive (A:). When the system is next turned on then the PC will boot from that floppy. If this floppy is infected with boot sector virus then the virus will attack the boot sector of the user’s local drive (C:) and the user will get a ‘disk error’ message.

File infectious virus:

This virus is attack to the program files mainly .EXE and .COM files. When this types of files are run then      the virus executes and do some unintentional work. It loads itself to the memory and attacks to the other program files. This type of virus spread via effected floppy disks, networks,and through the internet.

Macro virus :

This is another type of inflection written in macro language (Microsoft Word, Microsoft Excel programs). Macro programs is a series of commands and executions of the automated specific tasks.Basically the regular viruses are low-level machine language programs and the macro virus are high-level interpreted BSSIC programs. Now the common type of macro virus infects is Microsoft Word documents. The macro virus spread through email, floppy disk, network sharing etc.

Now a days some viruses infect both boot sector and files. Basically the virus is a program. When it be executed then it effects the PC some how. The viruses can’t exist in data file. One thing is to remember that virus can’t do anything whatever you run it. So unless you run it you can’t predict that contain any virus.
Some types of viruses attack the BIOS program on the motherboard. This type of virus overwrite the BIOS program and the PC turns into un-bootable stage.

How does this virus work:

when the infected program file is run,the virus is activated. In Microsoft Word the virus is activated when you open the Microsoft Word document for reading. In case if the “normal.dot” document is infected then the virus is activated when you open the Microsoft word.

The virus can be activated in the two ways: Direct-action virus attacked immediately whenever you run the program and infect the other program. Some file infectious virus are direct-action. On the other hand memory-resident don’t attack immediately, at first it load into the memory and wait for triggering. All boot sector viruses are memory-resident. Virus always search unaffected file which they can effect. In this way they spread to all possible files.

Now the virus are very dangerous and more critical to detect and remove from the PC using anti-virus.

The tricks used by the virus creators :

Polymorphing: With using this tricks the virus can change their appearance and size. So the detection process is much harder.

Stealth: With using this technique the virus hides the changes and misguide the antivirus to detect.

Dis-assembly protection: The newer virus are programmed so cleverly that can not be disassemble easily.

Directory Viruses: Some viruses now seek to avoid detection by avoiding modifying the file they infect directly. Instead, they change the cluster pointer in the directory entry of the file to point to the virus instead of the actual program. The virus runs its code and then executes the target program after-wards. The virus is thus able to infect the program without actually modifying it.

This post will be continued. If you have any suggestions then feel free to contact with us.Your Suggestions  are so essential.