A virus is hostile software that replicates its own code inside unrelated files, especially executable or .exe files. In casual parlance, the term ‘virus’ is also used to refer to trojans, browser hijackers and other types of PC threats, but this usage is technically inaccurate unless the PC threat in question also uses file-infecting techniques. In fact, some viruses lack any ability other than reproduction via spreading their code to other files. Viruses were some of the earliest PC threats to be developed, and, as such, have gotten a significant amount of attention from news media.
Viruses don’t have a single type of payload or set of attacks that define them, although our malware researchers have found that many viruses are designed to cause security vulnerabilities. Many of the earliest viruses that were observed were designed to include destructive payloads that damaged files or even the operating system. However, modern viruses, like other types of malicious software, trend towards attacks that generate illegal profit while minimizing system damage that could cause the infection to be noticed.
Although viruses are capable of infecting large numbers of files across a computer and other accessible resources (such as USB drives), virus infection tactics should be distinguished from other types of code injection attacks. Many types of PC threats, especially spyware, will load their code into the in-memory processes of other programs during system startup. This differs from virus-based propagation in that the virus’s addition to a file is permanent, whereas startup code injection is temporary. Our malware researchers have also found that the latter attack usually restricts itself to targeting operating system or web browser processes, while viruses tend to be indiscriminate in their targets.
Common Symptoms of Virus Attacks
Viruses can be detected indirectly by a permanent increase in file size for infected files, although this change may be very small (a matter of kilobytes or even bytes). Typically, using anti-malware programs to detect a virus is the most practical solution. Our malware experts emphasize the fact that virus attacks often fail to exhibit visible symptoms or create system changes that would be detectable without a tediously thorough inspection of the infected PC.
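The file-size symptom described above can be checked by comparing executables against a recorded baseline. The following Python is an added example, not code from the original article; the watched extension list and the function names (snapshot, compare, demo) are assumptions, and the sample files are constructed, harmless bytes.

```python
import hashlib
import os
import tempfile

WATCHED = {".exe", ".dll", ".scr", ".com"}  # assumed extension list; adjust as needed

def snapshot(root):
    """Return {relative_path: (size, sha256)} for watched files under root."""
    state = {}
    for folder, _dirs, names in os.walk(root):
        for name in (n for n in names if os.path.splitext(n)[1].lower() in WATCHED):
            path, size, digest = os.path.join(folder, name), 0, hashlib.sha256()
            try:
                with open(path, "rb") as fh:
                    for chunk in iter(lambda: fh.read(1 << 16), b""):
                        size += len(chunk)
                        digest.update(chunk)
            except OSError:
                continue  # locked or unreadable: skip instead of aborting the scan
            state[os.path.relpath(path, root)] = (size, digest.hexdigest())
    return state

def compare(baseline, current):
    """Return sorted (path, kind, size_delta) for every watched file that differs."""
    findings = []
    for path, (old_size, old_hash) in baseline.items():
        if path not in current:
            findings.append((path, "missing", -old_size))
        elif current[path][1] != old_hash:
            delta = current[path][0] - old_size
            kind = "grew" if delta > 0 else "shrank" if delta < 0 else "same-size-change"
            findings.append((path, kind, delta))
    findings += [(p, "new", current[p][0]) for p in current.keys() - baseline.keys()]
    return sorted(findings)

def demo():  # constructed sample: harmless byte files, two modified after the baseline
    with tempfile.TemporaryDirectory() as root:
        for name in ("app.exe", "lib.dll", "notes.txt"):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(b"\x00" * 4096)
        baseline = snapshot(root)
        with open(os.path.join(root, "app.exe"), "ab") as fh:
            fh.write(b"\x01" * 37)   # file grows by only 37 bytes
        with open(os.path.join(root, "lib.dll"), "r+b") as fh:
            fh.write(b"\x02" * 16)   # contents change, size does not
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

A change that lines up with a software update is expected; growth with no corresponding update is the case worth investigating.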
The triggering mechanism for a virus can be roughly categorized into ‘subtle’ and ‘unsubtle’ variants. Unsubtle viruses will strive to infect as many files as they can access once the initially-infected file is launched on a new computer, although this makes it easy for anti-malware programs to detect them. Subtle viruses will sacrifice quantity for safety and may only infect files as they’re accessed by the PC user, the operating system or an application. While the latter type of virus is less prolific than the former, our malware researchers note that it poses a special danger during anti-virus scans. Anti-virus software that scans a PC without detecting and eradicating the relevant virus may grant the virus access to every file that the software scans – in essence, practically everything on your computer.
Although .exe files are a favored target of viruses, some viruses target other file types. Of these viruses, the most notable is the macro virus, which exploits Microsoft Office vulnerabilities to infect spreadsheets, text documents and similar types of ‘harmless’ files.
The Consequences of a Virus Infection
While some viruses limit their attacks to reproduction, the majority of viruses are designed to take additional actions. Many viruses, particularly old variants, may deliberately delete or mutilate files on your computer. Viruses may also be used for a wide range of other attacks, such as modifying your web browser’s settings to redirect you to malicious sites or disabling security-related features. A virus may act alone or be a single part of a multiple-threat attack against your computer. Our malware analysts have found that advanced families of rootkits and rogue security products are especially guilty of using virus-based components for browser redirect attacks and other purposes.
Poorly-written viruses may also permanently damage the files that they infect, which leaves the files in question worthless unless they can be restored from a backup. Thankfully, most viruses are coded well enough to avoid such obvious symptoms, and anti-malware programs can delete virus-related code without damaging the files that the code is using as a hiding place.