Computer viruses are similar to real-world viruses in many ways: they attack by infecting the host, spread to other targets through contact, and rely on the host's resources for survival. We have invented many powerful techniques to protect ourselves from virus attacks, commonly known as vaccines and antidotes.
However, unlike real-world viruses, computer viruses are not organic living entities. They do not fade away with seasonal changes or die on their own; instead, they are nearly immortal.
The immortal aspect of computer viruses is extremely dangerous, as they can actively attack the host 24/7 without sleep or rest, forever. They are designed to perform malicious activities geared toward harm, such as gaining control, identity theft, and system termination.
History of Computer Virus
Computer viruses have been around since the invention of the computer. The first virus, named "Creeper", was developed in 1971 by a BBN employee as a proof of concept showing that a program can copy itself between operating systems. Next came the original wild virus, "Elk Cloner", found in 1982 infecting macOS through a game installed from a floppy disk.
The name and definition of "computer virus" were given in 1983 by Fred Cohen, who is quoted as saying: "Virus is a program that can 'infect' other programs by modifying them to include a possibly evolved copy of itself."
Virus Infection Methods
A variety of virus infection methods have been discovered over the years. One of the most common ways a virus spreads widely is through email. Malicious emails are often delivered with an infected file attachment, a link to an unauthorized website, or a contaminated advertisement made specifically to inject a virus into your system.
Chain infection also occurs quite often, depending on the system setup, where a virus attempts to spread by attacking available devices that are connected through a USB cable or a shared network. This is why business environments should be extremely aware of virus infection; if one computer gets infected, there is a high chance that the entire workplace comes under infection attacks.
Types of Computer Virus
Macro Virus
Written in a macro language compatible with document files such as Microsoft Excel and Word. Most likely the most common type of virus, based on the number of incidents reported over the years. A program sequence is triggered to infect the host computer when the file is opened; the file is often sent to business staff as an email attachment. Some are also equipped with a feature that sends the virus to other devices, within a house or office, over the network by analyzing the local contact list.
Boot Sector Virus
Infects the core of the storage system, known as the boot sector, which triggers the virus injection during startup. One of the hardest types of virus to remove, otherwise requiring a full format.
File Infector Virus
A type of virus that attaches itself to a file and infects other files. Infected files are usually delivered by email or downloaded from an unauthorized source. Both direct action viruses and resident viruses are categorized under the file infector type.
Direct Action Virus
A type of file infector virus that often comes as a file with an .exe or .com extension and spreads by execution. Restricts access permission of affected files by modifying part of the file path or the file itself. Often hides its activities within the computer memory, yet removal can be done fairly easily using antivirus software.
Resident Virus
Another type of file infector virus, with the unique characteristic of self-triggered infection, which makes this virus more dangerous and harder to terminate. The term "resident" comes from its persistent behavior, where infection may continue even after the source of the virus is removed. Lives in computer memory like the direct action virus but is often much more difficult to tackle.
Multipartite Virus
A highly tactical virus known for using different infection methods based on the environment, operating system, and analyzed security holes. Increases infection rates by targeting both sectors and files, which makes the removal task much more challenging.
Polymorphic Virus
Has a self-modifying defense mechanism to avoid being matched against the antivirus blacklist after being detected. The shapeshifting characteristic complicates virus detection, and the removal strategy requires constant antivirus updates as a countermeasure.
Browser Hijacker
Literally hijacks the browser by changing the startup page and/or opening multiple popup windows when the user browses the internet. This type of virus aims to profit from the victim's advertisement clicks, so using the invaded browser may be frustrating, but there is less chance that the attack causes critical damage to the system. Most modern browsers are patched with a hijack block feature.
Overwrite Virus
Destroys the system by overwriting hardware data, which distorts files, folders, and applications. Even if the virus source is removed, the infected data may become irrecoverable due to the in-depth damage at the hard drive level. Always keep a backup of your important data in case of overwrite attacks.
Web Scripting Virus
Injects a small program called a script into your web browser through known security holes, causing various kinds of harm such as monitoring the user's browser activities and stealing account information. The threat level of this virus depends on the type of the user's online activity, which can be anywhere from social activity tracing to financial access exposure. Many antivirus products are aware of scripting attacks and are able to prevent script injections by monitoring unauthorized events.
How to Prevent Computer Virus Infection
1. Install Antivirus Software
There are countless ways for computer viruses to infect a device: an email attachment, a malicious web advertisement, a connected storage device, or even a direct hacking attack. The most effective comprehensive protection is achieved through antivirus software, which enables 24/7 continuous defense against attacks from any direction or tactic.
2. Update Antivirus with Latest Security Patches
Viruses are constantly evolving, and so is antivirus software. However, unless the antivirus software is kept updated with the latest security patches, there is a higher chance that a virus takes the lead and infects your device. Security patches are released by the product vendor when a new virus solution is discovered or to improve feature efficiency. Be aware that some free antivirus software does not apply updates on its own, which is another reason to choose antivirus software that comes with a security subscription feature.
3. Set your Antivirus to Scan Regularly
Even when a virus finds a way to invade a device, the infection can be minimized or prevented by terminating it at an early stage. Scheduling the antivirus scan to run automatically and regularly is the best way to ensure your system is kept pristine. To keep the performance drain caused by antivirus scans away from the user's computer usage, scans are commonly scheduled at night or on weekends. Keep in mind that a scan will not run if the computer is shut down or asleep, so make sure to keep the computer running according to the schedule.
4. Keep OS Version Updated with the Latest Release
The battle of vulnerability discovery and security development between hackers and OS vendors is constant. Computer users should always apply the latest OS updates to remain protected against newly created threats seeking OS security holes. Windows and macOS provide automatic OS update features, so make sure to turn them on.
5. Backup Files to Safe Isolated Storage
Viruses designed to infect data come in multiple flavors: access restriction, permanent removal, hard drive distortion, and, in the worst case, a full format. Maintaining a backup of your data is the most effective way to recover from virus infections. A backup must be stored in an isolated, safe environment that virus infection will not reach. An ideal solution is to automate the backup using a scheduler targeting a protected hard disk or cloud storage destination, which some antivirus software supports as a service.
6. Scan Email Attachments
Emails have delivered countless numbers and types of viruses over the years. Although almost any modern email application has an integrated malware protection feature, email receivers should always be wary of opening suspicious emails. Because the virus itself can also send infected emails based on the host computer's contact list, an email from a familiar person, such as a family member or co-worker, can sometimes cause harm. A good practice is to always run an antivirus scan against email, especially when a file is attached.
7. Validate Malicious Weblinks Before Clicking
Malicious web links are usually found within messages, friendly or alarming, that are crafted to urge users to open the linked page. Always validate weblinks before clicking, because some attacks occur as soon as the page is loaded. The best solution is to let an antivirus monitor any URL links, but there are other handy techniques to validate weblinks. One way is to keep an eye on the URL prefix to make sure it starts with "https" to ensure Secure Socket Layer (SSL) is used. Another common way is to use a link checker service available online.
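The prefix check described above can be automated. The following Python sketch is an added example, not part of the original article; it goes beyond the "https" check with a few structural warning signs (credentials embedded in the URL, a raw IP address as host, a punycode host), since an "https" prefix shows only that the connection is encrypted. The function name, warning labels and sample URLs are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

def link_warnings(url):
    """Return a list of warning labels for a link; an empty list means none found."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname or ""
        has_userinfo = bool(parts.username or parts.password)
    except ValueError:
        return ["unparseable"]

    warnings = []
    # The check the article names: the link should start with https.
    if parts.scheme.lower() != "https":
        warnings.append("not-https")
    # "https://trusted.example@other-host/" really goes to other-host.
    if has_userinfo:
        warnings.append("userinfo-in-url")
    # Legitimate services rarely ask users to visit a bare IP address.
    try:
        ipaddress.ip_address(host)
        warnings.append("ip-literal-host")
    except ValueError:
        pass
    # Punycode labels can render as look-alike characters in the browser.
    if any(label.startswith("xn--") for label in host.split(".")):
        warnings.append("punycode-host")
    if not host:
        warnings.append("no-host")
    return warnings

if __name__ == "__main__":
    # Constructed sample links using reserved documentation names and addresses.
    for sample in ("https://example.com/login",
                   "http://example.com/",
                   "https://example.com@192.0.2.10/reset",
                   "https://xn--exmple-cua.example/"):
        print(sample, "->", link_warnings(sample) or "no warnings")
```

An empty result does not prove a link is safe; it only means none of these structural signs were found.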
How to Remove Virus After Infection
Virus removal is a challenging task, especially with the increasing number of new types of malware and advanced tactics discovered in recent years. Performing a clean removal on one's own is nearly impossible without proper tools and a profound understanding of the technology, which leads to one solution: an antivirus.
Think of antivirus software as a concentrated entity filled with techniques and technologies contributed by countless virus specialists through decades of lab experiments. An antivirus can perform millions of file scans with optimum resource usage while comparing each file's information against the collection of known virus metadata stored in its database. Antivirus vendors are constantly collecting new virus data from every online source to research effective solutions, which then get delivered to our computers.
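To make the comparison against a database of known viruses concrete, here is a small Python sketch, added as an example and not taken from any antivirus product. It checks files against a constructed hash database and a constructed byte-pattern database, and shows why an exact-hash match misses a copy that differs by one byte, which is the reason self-modifying viruses force constant signature updates. All names and sample contents are harmless placeholders.

```python
import hashlib
import tempfile
from pathlib import Path

# Constructed signature data: the "known bad" content is a harmless placeholder.
SAMPLE_BAD = b"HARMLESS-PLACEHOLDER-SAMPLE-0001"
HASH_DB = {hashlib.sha256(SAMPLE_BAD).hexdigest(): "Constructed.Sample.A"}
PATTERN_DB = {b"PLACEHOLDER-SAMPLE": "Constructed.Sample.Generic"}

def sha256_file(path, chunk=65536):
    """Hash a file in chunks so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def scan_file(path):
    """Return (detection_name, method) for a match, or None for no match."""
    digest = sha256_file(path)
    if digest in HASH_DB:                 # exact match on the whole file
        return HASH_DB[digest], "hash"
    data = Path(path).read_bytes()        # acceptable for small demo files
    for pattern, name in PATTERN_DB.items():
        if pattern in data:               # match on a byte sequence inside the file
            return name, "pattern"
    return None

def scan_tree(root):
    """Scan every file under root; return {file name: (detection, method)}."""
    hits = {}
    for p in sorted(Path(root).rglob("*")):
        if p.is_file():
            hit = scan_file(p)
            if hit:
                hits[p.name] = hit
    return hits

def demo():
    """Build a constructed directory and scan it."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "clean.txt").write_bytes(b"quarterly report")
        (root / "exact_copy.bin").write_bytes(SAMPLE_BAD)
        # One appended byte changes the hash, so only the pattern still matches.
        (root / "modified_copy.bin").write_bytes(SAMPLE_BAD + b"\x00")
        return scan_tree(root)

if __name__ == "__main__":
    for name, (detection, method) in demo().items():
        print(f"{name}: {detection} (matched by {method})")
```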
The ultimate method to remove any type of virus from any kind of device is to perform a factory reset recovery or a hard drive format. This solution requires extra caution because any data stored on the computer will most likely be wiped out and cannot be recovered. Make sure all necessary data is safely backed up from a state before the infection; otherwise, restoring the infected data to a clean OS can cause additional virus infection.