1

2

A computer virus is a computer program that can replicate itself and spread from one computer to another. The term "virus" is also commonly, but erroneously, used to refer to other types of malware, including but not limited to adware and spyware programs that do not have a reproductive ability.

Malware includes computer viruses, computer worms, ransomware, trojan horses, keyloggers, most rootkits, spyware, dishonest adware, malicious BHOs and other malicious software. The majority of active malware threats are usually trojans or worms rather than viruses.

3

4

In order to replicate itself, a virus must be permitted to execute code and write to memory. For this reason, many viruses attach themselves to executable files that may be part of legitimate programs (see code injection). If a user attempts to launch an infected program, the virus' code may be executed simultaneously. Viruses can be divided into two types based on their behavior when they are executed. Nonresident viruses immediately search for other hosts that can be infected, infect those targets, and finally transfer control to the application program they infected. Resident viruses do not search for hosts when they are started. Instead, a resident virus loads itself into memory on execution and transfers control to the host program. The virus stays active in the background and infects new hosts when those files are accessed by other programs or the operating system itself.

Nonresident viruses can be thought of as consisting of a finder module and a replication module. The finder module is responsible for finding new files to infect. For each new executable file the finder module encounters, it calls the replication module to infect that file.

5

6

Resident viruses contain a replication module that is similar to the one that is employed by nonresident viruses. This module, however, is not called by a finder module. The virus loads the replication module into memory when it is executed instead and ensures that this module is executed each time the operating system is called to perform a certain operation. The replication module can be called, for example, each time the operating system executes a file. In this case the virus infects every suitable program that is executed on the computer.

7

8

Not all computer viruses behave, replicate, or infect the same way. There are several different categories of viruses and malware. Below I list and discuss some of the most common types of computer viruses.

A trojan horse program has the appearance of having a useful and desired function. While it may advertise its activity after launching, this information is not apparent to the user beforehand. Secretly the program performs other, undesired functions.

9

A worm is a program that makes and facilitates the distribution of copies of itself; for example, from one disk drive to another, or by copying itself using email or another transport mechanism. The worm may do damage and compromise the security of the computer. It may arrive via exploitation of a system vulnerability or by clicking on an infected e-mail.

10

A virus which attaches itself to the first part of the hard disk that is read by the computer upon bootup. These are normally spread by floppy disks.

11

Macro viruses are viruses that use another application's macro programming language to

distribute themselves. They infect documents such as MS Word or MS Excel and are typically

spread to other similar documents.

12

Memory Resident Viruses reside in a computers volitale memory (RAM). They are initiated from a virus which runs on the computer and they stay in memory after it's initiating program closes.

13

A rootkit virus is an undetectable virus which attempts to allow someone to gain control of a computer system. The term rootkit comes from the linux administrator root user. These viruses are usually installed by trojans and are normally disguised as operating system files.

14

A polymorphic virus not only replicates itself by creating multiple files of itself, but it also changes it's digital signature every time it replicates. This makes it difficult for less sophisticated antivirus software to detect.

15

These are viruses which are programmed to initiate at a specific date or when a specific event occurs. Some examples are a virus which deletes your photos on Halloween, or a virus which deletes a database table if a certain employee gets fired.

16

Appeared at the starting of the year on 27th January 2003 and very quickly it got the highest rank in the list of most dangerous worms of that year because it was the first fileless worm. SQL Slammer was able to spread by taking advantage of the vulnerability found in the SQL Servers. Year 2003 has been one of the Most Destructive year in tech world as it got more than one more dangerous Virus, at the end of the year on 12 August call Blaster, According to Estimate it caused Damaged worth 10 billion dollars and on August 19 worm name Sobig worm has been detected which caused damage of 7 billion dollars and infected over 1 million PCs.

17

First seen on 26th January 2004 and it caused Damage of $38 Billions. MyDoom is still the current record holder for the fastest-spreading mass mailer worm.

Mydoom is primarily spread via e-mail attachments, it comes in email with subject lines including “Error”, “Mail Delivery System”, “Test” or “Mail Transaction Failed” in different languages, including English and French. The mail contains an attachment that, if executed, resends the worm to e-mail addresses found in local files such as a user’s address book.

18

A very similar virus as Beast Trojan Horse (2002) but with improved functionality detected first in middle of 2005. Bandook Rat abbreviation for “Bandook Remote Administration Tool” is a backdoor trojan horse that infects Windows NT, 2000, XP, 2003, Vista, Windows 7 Also, Yes that means new variants of this virus is still being released by different authors and hence making it the most destructive virus till date.

19

Blackworm worm was first virus of 3 found on 20 January, 2006. The worm spreads in e-mails using an external SMTP engine. It sends itself with different subjects, body text and attachment names. The worm also copies itself multiple times to an infected hard drive with similar name as windows files in order to be hidden. Blackworm is designed to corrupt data on infected computers on every 3rd day of each month, in respect to The Day the Music Died. After corrupting the data of the computer it visits a webpage with tracking code, so it can be counted how many Systems has been infected, and over 300,000 unique IPs visited that site.

20