Computer Viruses: The Nasty Truth

By: George Royal

The term, "virus", in computer technology, refers to a self
replicating application that spreads by making copies of itself
by inserting into other programs, other executables or
documents, and when executed begins to perform harmful actions
on the system. All computer viruses are deliberately created,
not always malicious and some of them may be benign and simply
annoying.

Non-Memory Resident and Memory Resident Viruses:

Non-Memory resident viruses, when they are executed, immediately
look for other hosts that can be infected. When they infect
these targets, they transfer control to the application program
they infected. A non-resident virus has a finder module and a
replication module. The finder module, once it finds a new file
to infect, calls upon the replication module to infect that file.

Memory-Resident virus stays in the memory and do not look for
hosts to infect when they are executed. It stays active in the
background after its host program is terminated, and infects
files as soon as they are opened or accessed by other programs
or the operating system. It does have the replication module
like the non-memory resident virus, but without the finder
module.

Types of Computer Viruses:

File Viruses: These types of viruses are the most common, and
mostly infect open files and program libraries on an operating
system. The virus functions by inserting itself into a host
file, modifies it in such a way that the virus is executed when
the file is opened. They are also known as left viruses. Today,
there are known viruses infecting all kinds of executables of
standard DOS: batch command files (BAT), loadable drivers (SYS,
including special purpose files IO.SYS and MS- DOS.SYS) and
binary executables (EXE, COM). There are also viruses targeting
executables of other operating systems - Windows 3.x,
Windows95/NT, OS/2, Macintosh, Unix, including the VxD drivers
of Windows 3.x and Windows95.

Macro viruses: Macros are used in most word processing programs
such as Microsoft Office in order to automate or simplify
recurring tasks in documents. Macro viruses are those viruses
that use the application's own macro programming language to
distribute themselves, in which an unwanted sequence of actions
is performed automatically when the application is started or
something else triggers it. These macro viruses may inflict
damage to the document or to other computer software but are
relatively harmless, and are often spread as an e-mail virus.

Boot Viruses: These were one of the most common viruses
prevalent during the early and mid 1990s, when the use of
diskettes was popular. These viruses infect or substitute their
own code for either the DOS boot sector or the Master Boot
Record (MBR), which controls the boot sequence of the PC. The
MBR is executed every time a computer is booted so the virus
will also be loaded into memory on every startup and spreads to
every disk that the system reads. They are typically very
difficult to remove, and most antivirus programs cannot clean
the MBR while Windows is running. So, bootable antivirus disks
are needed to fix boot sector viruses.

Script viruses: They are a division of file viruses, written in
a variety of script languages such as VBS, JavaScript, BAT, PHP,
HTML etc. They can form a part of multi-component viruses or
infect other scripts such as Windows or Linux command and
service files. If the file format, such as HTML, allows the
execution of scripts, they can infect it.

About the author:
Antivirus HQ: your online resource to help protect your PC from
viruses and spyware.