Contributor : Indah Normalita Sari
Definition Of Computer Virus
A computer virus is malicious code that replicates by copying itself to another program, computer boot sector or document and changes how a computer works. The virus requires someone to knowingly or unknowingly spread the infection without the knowledge or permission of a user or system administrator. In contrast, a computer worm is stand-alone programming that does not need to copy itself to a host program or require human interaction to spread. Viruses and worms may also be referred to as malware.

A virus can be spread by opening an email attachment, clicking on an executable file, visiting an infected website or viewing an infected website advertisement. It can also be spread through infected removable storage devices, such as USB drives. Once a virus has infected the host, it can infect other system software or resources, modify or disable core functions or applications, as well as copy, delete or encrypt data. Some viruses begin replicating as soon as they infect the host, while other viruses will lie dormant until a specific trigger causes malicious code to be executed by the device or system.

Many viruses also include evasion or obfuscation capabilities that are designed to bypass modern antivirus and antimalware software and other security defenses. The rise of polymorphic malware development, which can dynamically change its code as it spreads, has also made viruses more difficult to detect and identify.
Types Of Viruses
- File infectors: Some file infector viruses attach themselves to program files, usually selected .com or .exe files. Some can infect any program for which execution is requested, including .sys, .ovl, .prg, and .mnu files. When the program is loaded, the virus is loaded as well. Other file infector viruses arrive as wholly contained programs or scripts sent as an attachment to an email note.
- Macro viruses: These viruses specifically target macro language commands in applications like Microsoft Word and other programs. In Word, macros are saved sequences of commands or keystrokes that are embedded in the documents. Macro viruses can add their malicious code to the legitimate macro sequences in a Word file. Microsoft disabled macros by default in more recent versions of Word; as a result, hackers have used social engineering schemes to convince targeted users to enable macros and launch the virus. As macro viruses have seen a resurgence in recent years, Microsoft added a new feature in Office 2016 that allows security managers to selectively enable macro use for trusted workflows only, as well as block macros across an organization.
- Overwrite viruses: Some viruses are designed specifically to destroy a file or application's data. After infecting a system, an overwrite virus begins overwriting files with its own code. These viruses can target specific files or applications or systematically overwrite all files on an infected device. An overwrite virus can install new code in files and applications that programs them to spread the virus to additional files, applications and systems.
- Polymorphic viruses: A polymorphic virus is a type of malware that has the ability to change or mutate its underlying code without changing its basic functions or features. This process helps a virus evade detection from many antimalware and threat detection products that rely on identifying signatures of malware; once a polymorphic virus' signature is identified by a security product, the virus can then alter itself so that it will no longer be detected using that signature.
- Resident viruses: This type of virus embeds itself in the memory of a system. The original virus program isn't needed to infect new files or applications; even if the original virus is deleted, the version stored in memory can be activated when the operating system loads a specific application or function. Resident viruses are problematic because they can evade antivirus and antimalware software by hiding in the system's RAM.
- Rootkit viruses: A rootkit virus is a type of malware that installs an unauthorized rootkit on an infected system, giving attackers full control of the system with the ability to fundamentally modify or disable functions and programs. Rootkit viruses were designed to bypass antivirus software, which typically scanned only applications and files. More recent versions of major antivirus and antimalware programs include rootkit scanning to identify and mitigate these types of viruses.
- System or boot-record infectors: These viruses infect executable code found in certain system areas on a disk. They attach to the DOS boot sector on diskettes and USB thumb drives or the Master Boot Record on hard disks. In a typical attack scenario, the victim receives a storage device that contains a boot disk virus. When the victim's operating system is running, files on the external storage device can infect the system; rebooting the system will trigger the boot disk virus. An infected storage device connected to a computer can modify or even replace the existing boot code on the infected system so that when the system is booted next, the virus will be loaded and run immediately as part of the master boot record. Boot viruses are less common now as today's devices rely less on physical storage media.
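
A defender-side check for the macro viruses described in the list above, as an added example that is not part of the original article: it inspects a Word attachment for an embedded VBA project before the file reaches a user. The function names, the verdict labels and the sample files (built in memory, not valid Word documents) are assumptions made for illustration.

```python
import io
import zipfile

OLE_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")   # header of legacy .doc/.xls/.ppt files
MACRO_CONTENT_TYPE = b"macroEnabled"             # declared in [Content_Types].xml of .docm/.dotm
MACRO_FREE_EXTS = (".docx", ".dotx")             # formats that must not carry macros

def inspect_word_file(name, data):
    """Return (verdict, reasons) for one attachment, given its file name and raw bytes."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary format: macros live in OLE streams that zipfile cannot read.
        return "needs-ole-inspection", ["legacy OLE2 container"]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-a-word-file", ["neither OOXML zip nor OLE2"]
    reasons = []
    with zipfile.ZipFile(io.BytesIO(data)) as z:
        parts = z.namelist()
        vba = [p for p in parts if p.lower().endswith("vbaproject.bin")]
        if vba:
            reasons.append("VBA project part: " + ", ".join(vba))
        if "[Content_Types].xml" in parts and MACRO_CONTENT_TYPE in z.read("[Content_Types].xml"):
            reasons.append("macro-enabled content type declared")
    if not reasons:
        return "no-macros", []
    if name.lower().endswith(MACRO_FREE_EXTS):
        # Macro content hidden behind a macro-free extension (example policy: block).
        reasons.append("extension claims a macro-free format")
        return "block", reasons
    return "contains-macros", reasons

def make_sample_ooxml(with_macro):
    """Build a constructed, minimal OOXML-style zip in memory for the demo."""
    main = ("application/vnd.ms-word.document.macroEnabled.main+xml" if with_macro else
            "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml",
                   f'<Types><Override PartName="/word/document.xml" ContentType="{main}"/></Types>')
        z.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            z.writestr("word/vbaProject.bin", b"constructed placeholder, not real VBA")
    return buf.getvalue()

if __name__ == "__main__":
    for fname, blob in [("report.docx", make_sample_ooxml(False)),
                        ("invoice.docm", make_sample_ooxml(True)),
                        ("invoice.docx", make_sample_ooxml(True))]:
        print(fname, inspect_word_file(fname, blob))
```

A "contains-macros" verdict says only that a macro is present, not that it is malicious; it marks the files that a trusted-workflow policy should decide on.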
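
For the boot-record infectors described in the list above, an added example (not part of the original article) of a baseline check on a saved copy of a disk's first sector: it hashes only the boot code area, so a legitimate repartition does not raise an alert while a change to the boot code does. The function names and the constructed sample sectors are assumptions; the offsets follow the standard 512-byte MBR layout.

```python
import hashlib

SECTOR_SIZE = 512
BOOT_CODE_END = 440       # bytes 0..439 hold the bootstrap code
PART_TABLE_START = 446    # four 16-byte partition entries, bytes 446..509
SIGNATURE = b"\x55\xaa"   # boot signature at bytes 510..511

def boot_code_digest(sector):
    """SHA-256 of the bootstrap code only (disk signature and partition table excluded)."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("expected exactly one 512-byte sector")
    return hashlib.sha256(sector[:BOOT_CODE_END]).hexdigest()

def check_mbr(sector, baseline_digest):
    """Return a list of findings; an empty list means the sector matches the baseline."""
    if len(sector) != SECTOR_SIZE:
        return ["sector is not 512 bytes"]
    findings = []
    if sector[510:512] != SIGNATURE:
        findings.append("missing 0x55AA boot signature")
    if boot_code_digest(sector) != baseline_digest:
        findings.append("boot code differs from baseline")
    # Status byte 0x80 marks a bootable entry; more than one is not a valid table.
    active = [i for i in range(4) if sector[PART_TABLE_START + 16 * i] == 0x80]
    if len(active) > 1:
        findings.append("more than one active partition")
    return findings

def make_sample_mbr(code_fill=0x90, part_type=0x07):
    """Constructed sample sector: filler boot code plus one active partition entry."""
    sector = bytearray(SECTOR_SIZE)
    sector[:BOOT_CODE_END] = bytes([code_fill]) * BOOT_CODE_END
    sector[PART_TABLE_START] = 0x80            # first entry marked active
    sector[PART_TABLE_START + 4] = part_type   # partition type byte
    sector[510:512] = SIGNATURE
    return bytes(sector)

if __name__ == "__main__":
    known_good = make_sample_mbr()
    baseline = boot_code_digest(known_good)     # recorded while the system is trusted
    repartitioned = make_sample_mbr(part_type=0x83)
    modified = bytearray(known_good)
    modified[10] ^= 0xFF                        # one changed byte in the boot code
    print(check_mbr(known_good, baseline))
    print(check_mbr(repartitioned, baseline))
    print(check_mbr(bytes(modified), baseline))
```

Capture the sector from trusted boot media where possible, because malware running on the live system can interfere with what a read of the disk returns.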
How to prevent computer viruses
- Install current antivirus and antispyware software and keep it up to date.
- Run daily scans with antivirus software.
- Disable autorun to prevent viruses from propagating to any media connected to the system.
- Regularly patch the operating system and applications installed on the computer.
- Don’t click on web links sent via email.
- Don’t download files from the Internet or email.
- Install a hardware-based firewall.
Signs you may be infected with a computer virus
· The computer experiences frequent crashes, shutdowns and error messages.
· The computer behaves erratically, such as not responding to clicks or opening files on its own.
· The computer’s hard drive is acting strangely; for example, constantly spinning or making continual noise.
· Email is corrupted.
· The amount of storage on the computer is reduced.
· Files and other data on the computer have gone missing.
How to remove a computer virus
Step 1: Enter Safe Mode. The process for doing so will depend on the version of Windows you’re running.
Step 2: Delete temporary files. While in Safe Mode, use the Disk Cleanup tool to delete Temporary Files.
Step 3: Download an on-demand and a real-time virus scanner.
Step 4: Run the on-demand scanner followed by the real-time scanner.
Step 5: Reinstall any files or programs damaged by the virus.
History of computer viruses
The first known computer virus was developed in 1971 by Robert Thomas, an engineer at BBN Technologies. Known as the "Creeper" virus, Thomas' experimental program infected mainframes on ARPANET, displaying the teletype message, "I'm the creeper: Catch me if you can."

The first computer virus to be discovered in the wild was "Elk Cloner," which infected Apple II operating systems through floppy disks and displayed a humorous message on infected computers. Elk Cloner, which was developed by 15-year-old Richard Skrenta in 1982, was designed as a prank but it demonstrated how a potentially malicious program could be installed in an Apple computer's memory and prevent users from removing the program.

The term "computer virus" wasn't used until a year later. Fred Cohen, a graduate student at the University of California, wrote an academic paper titled "Computer Viruses -- Theory and Experiments" and credited his academic advisor and RSA Security co-founder Leonard Adleman with coining the phrase "computer virus" in 1983.