1.

1 Introduction
A computer virus is a malicious software program that is designed to
replicate itself and spread to other computers. It can cause damage to data,
software, and hardware, and can be used to steal confidential information
and spread malicious messages.

Computer viruses come in many different forms, and they can have
different effects on a system. Some of the most common types of
computer viruses are boot sector viruses, file infectors, macro viruses, and
worms.

The primary advantage of using computer anti-virus software is that it can

help protect your computer from malicious software, viruses, and other
threats.

One of the main disadvantages of computer anti-virus software is that it

can be expensive. The cost of the software can be a barrier for some
people who cannot afford it.

To prevent computer viruses, it is important to install and use antivirus

software, which can detect and remove malicious software before it can
cause damage to your system. It is also important to be aware of phishing
scams and other malicious emails, which can be used to spread viruses.
Computer anti-virus software is designed to protect your computer from
malicious software, viruses, and other threats.

Computer viruses can have a devastating impact on individuals and

businesses alike.Viruses can cause systems to become slow and
unreliable.

1.2 What is a Computer Virus?

A computer virus is a malicious software program that is designed to
replicate itself and spread to other computers. It can cause damage to data,
software, and hardware, and can be used to steal confidential information
and spread malicious messages.

1
 Computer viruses are usually spread through email attachments,
downloads, or by visiting infected websites. They can also be spread
through removable storage media such as USB drives or disks, which is
why it is important to be careful when downloading files from unknown
sources.

Computer virus also define as a type of computer program that when

executed, replicates itself by modifying other computer programs and
inserting its own code into those programs. If this replication succeeds,
the affected areas are then said to be “infected” with a computer virus, a
metaphor derived from biological viruses.

1.3 Types of Computer Viruses

Computer viruses come in many different forms, such as boot sector
viruses, file infectors, macro viruses, and more.

Boot sector viruses infect the master boot record of a computer, while file
infectors infect executable files. Macro viruses, on the other hand, are
written in macro languages and can infect documents and spreadsheets.

Some types of computer viruses are:

I. File-infecting Virus: A virus that attached itself to an executable

program. It is also called a parasitic virus which typically infects
files with .exe or .com extensions. Some file infectors can overwrite
host files and others can damage your hard drive’s formatting.
II. Macro Virus: This type of virus is commonly found in programs
such as Microsoft Word or Excel. These viruses are usually stored
as part of a document and can spread when the files are transmitted
to other computers, often through email attachments.
III. Browser Hijacker: This virus targets and alters your browser
setting. It is often called a browser redirect virus because it redirects
your browser to other malicious websites that you don’t have any
intention of visiting. This virus can pose other threats such as
changing the default home page of your browser.
IV. Web Scripting Virus: A very sneaky virus that targets popular
websites. What this virus does is overwrite code on a website and
2
 insert links that can install malicious software on your device. Web
scripting viruses can steal your cookies and use the information to
post on your behalf on the infected website.
V. Boot Sector Virus: These viruses are once common back when
computers are booted from floppy disks. Today, these viruses are
found distributed in forms of physical media such as external hard
drives or USB. If the computer is infected with a boot sector virus,
it automatically loads into the memory enabling control of your
computer.
VI. Polymorphic Virus: This virus has the capability to evade anti-
virus programs since it can change codes every time an infected file
is performed.
VII. Resident Virus: A resident virus stores itself on your computer’s
memory which allows it to infect files on your computer. This virus
can interfere with your operating system leading to file and program
corruption.
VIII. Multipartite Virus: A type of virus that is very infectious and can
easily spread on your computer system. It can infect multiple parts
of a system including memory, files, and boot sector which makes
it difficult to contain.

1.4 15 Worst Computer Viruses

Computer virus is like cancer for computers. Different viruses cause
different damages, some of them force you to delete your precious data,
while some change the data without letting you know, hang the network
and even destroy the hardware.

1.4.1 My Doom
MyDoom became the fastest spreading email worm in January 2004. It
could create a backdoor in the computer operating system letting
unauthorized users access your system. It could also spoof emails so that
it becomes very difficult to track the source.

Like other viruses, MyDoom searches for email contact in the address
book, plus it also sends the request to all search engines and uses email
addresses found in search engines. In 2004, the most popular search
3
engine, Google starts receiving millions of search requests from corrupted
systems which slowed down the search engine service and even caused
some servers to crash. According to the MessageLabs, at that time, every
12th email carried this virus.

The worm was created by a Russian programmer, however, the actual

author is still unknown. It contains a text message “andy; I’m just doing
my job, nothing personal, sorry,”. In fact, on 27th January 2004, SCO
group offered $250,000 reward for giving information about the worm’s
creator. It estimated damage costs (till now) is $38 Billion.

1.4.2 Sobig
Sobig was a Trojan horse that infected millions of internet-connected
Microsoft Windows computers in August 2003. It had a total of 6 variants
named Sobig.A, B, C, D, E and F. The last one i.e. Sobig.F was the most
widespread worm among all variants.

The recipients get this virus through email with a sender

address [email protected], usually with subjects like Re: Movie, Re: Sample,
Re: documents, Re: my details, Thank you, etc.

4
All these emails consist of attachment files of extension .pif. After
downloading, it copies itself to the Windows folder as Winmgm32.exe
which allows your operating system to be used as a backdoor for
spammers.

The creator of the worm is unknown. Also, Microsoft announced that they
will pay $250,000 for information leading to capture the worm’s creator.
It estimated damage costs (till now) is $37 Billion.

1.4.3 Klez

Klez is a computer worm which first appeared in October 2001. It travels

through email and infects Microsoft Windows computer, exploiting the
vulnerability in IE Trident layout engine. It can even disable the antivirus
program and impersonate as a virus removal tool.

Just like other viruses, it makes copies of itself and distributes it to your
contacts. It can also modify the sender’s field, which is known as spoofing

5
where the email appears to come from an authorized source, but in reality,
it is coming from an anonymous sender.

It can infect the computer just by previewing the infected mail i.e. without
even downloading or executing the attachment. It has 3 variants; Klez.D,
Klez.E, Klez.H. The virus is not completely dead yet, that’s why it is
highly recommended to be careful what you are downloading from the
internet and not to use old browser version and expired antivirus software.
It estimated damage costs (till now) is $19 Billion.

1.4.4 ILOVEYOU

Back in 2000, millions of people made a huge mistake by opening a cute

and innocent looking mail “I Love You”. Yeah, I know any desperate
human would like to open it. However, it was not just a simple email, it
was a threat in the form of a worm. It could replicate itself and steal your
password and send it to hacker’s email address. Within 10 days, more than
50 million infections had been reported.

Initially, it traveled through email just like Melissa. The ILOVEYOU

worm was packed with LOVE-LETTER-FOR-YOU.TXT.vbs, a Visual
basic script. It copied itself numerous times and hid the copies in different
folders present in hard drive. It added a new file in registry keys,

6
overwrote image files and send the copies to all email address specified
in Windows address book.

The ILOVEYOU worm was created by a college dropout, Onel de

Guzman in the Philippines. He was not charged because of lack of
evidence and at that time, there were no hard laws regarding malware.
This whole activity led the enhancement in eCommerce and computer
malware related laws. It estimated costs is $15 Billion.

1.4.5 Conficker
Also known as Kido, Downup, and Downadup, Conficker is a computer
worm first appeared on November 2008. It targeted Microsoft Windows
bug while forming a botnet. Conficker was using many advanced malware
techniques which is why it was difficult to track and destroy these
programs. It changed its propagation and updated methods from version
to version.

There are a total of 5 variants i.e Conficker A, B, C, D, and E which

exploit a vulnerability in server service on Windows systems. The
infected computer sends special RPC request to force buffer overflow and
execute shellcode on the target system. It also runs an HTTP server on a
port ranging from 1024 to 10000, to download a copy of the virus in DLL
format which then later attaches to svchost.exe.

Conficker infected millions of Government, business, organization and

home computers as well as servers in over 200 countries. Till 2009, 15
million systems got affected. It estimated damage costs is $9 Billion.

1.4.6/7 Code Red/ Code Red II

Code Red was the computer worm appeared on 15th July 2001. Just after
2 weeks, Code Red II appeared on the Internet.

Both were discovered by two eEye Digital Security employees Ryan

Permeh and Marc Maiffret. At the time of discovery, both employees were
drinking Code Red Mountain Dew, hence they named it Code Red.

7
This worm exploited the vulnerability of Windows 2000 and Windows
NT system. It was a buffer overflow problem i.e. when the operating
system gets more data than its buffers can handle, it simply starts
overwriting adjacent memory. All computers affected by Code Red tried
to contact White House web servers at the same time, overloading the
servers. As a result, it successfully brought down the
Whitehouse.gov along with other government agencies websites.

Moreover, the systems affected by Code Red II were no longer obeying

the owners because the worm created a backdoor in the operating system.
It was allowing the remote access from an unauthorized user, which is a
complete System Level Compromise. Unauthorized users could
access/edit/change all your files and could do illegal activities on your
behalf.

A few weeks later, Microsoft released software set to fill the voids present
in Windows 2000 and NT. However, they were unable to remove the virus
from infected systems. Affected users (more than 2 million) had to format
the hard drive and start fresh. It estimate damage is $2.7 Billion.

1.4.8 Melissa
In 1999, a man named David L. Smith developed a virus called Melissa
for Windows platform based on Microsoft Word macro. The program
8
automatically spreads itself through an email attachment. Once the
attachment (named list.doc) is open in MS Word or Outlook, it resends
itself to first 50 contacts present in address book along with the message
“Here is the document you asked for.. don’t show it to anyone else”.

It didn’t destroy any personal files or data present in hard drive but was
strong enough to hang the entire network. The virus spread quickly and it
forced Microsoft corporation to shut down incoming email service. Intel
and other companies were affected too. For creating Melissa,
David received 20 months jail sentence and $5000 fine. It estimated
damage costs is $1 Billion.

1.4.9 Sircam

Sircam is a computer worm that propagates through email targeting

Microsoft Windows. It was notable during its outbreak because of the way
of its propagating method. Files were selected at random (usually .doc and
XLs) on an infected computer, replaced with the virus code and emailed
out to the addresses present on the host’s address book.

It also propagated via open share network. It simply scanned the network
with share drives and copied itself to the machine with non-password
protected/opened drive. Fortunately, the virus was limited as many people

9
upgraded their internet security. But still, Sircam did the damage for what
it was designed to. It estimated damage costs is $1 Billion.

1.4.10 SQL Slammer

SQL Sapphire arrived on 25th January 2003. It slowed down the whole
internet traffic and caused denial of service on some internal hosts. It
brought down the several crucial servers that affected The Bank of
America’s ATM, 911 service in Seattle and a few Continental airlines

The virus spread quickly and affected more than 75,000 users within 10
minutes. It was not written in the SQL language. It exploited the buffer
overflow problem in Microsoft SQL Server and Desktop Engine Database
products.

Overall, it affected around 200,000 computers worldwide. The total

damage could have been a lot more if the SQL Slammer was introduced
in weekdays instead of Saturday. It estimated costs is $800 Million.

1.4.11/12 Sasser/ Netsky

Both Programs were created by an 18-year-old computer science student,
Sven Jaschan from Germany. Both worms acted in a different way, but
the similarities in code structure led the expertise to believe that both were
created by the same person. For unleashing these programs onto the
internet, Sven Jaschan received a sentence of 1 year 9 month of probation.

The Sasser exploited the Microsoft Windows XP and 2000 vulnerability.

It took advantage of buffer overflow bug Local Security Authority
Subsystem Service (LSASS). Unlike other worms, it didn’t spread
through email. Once the computer gets infected, the virus searches for
another vulnerable system based on random IP addresses.It estimated
damage costs is $700 Million.

1.4.13 Nimda

10
Nimda is the file infector and computer worm which was released on 18th
September 2001. The name comes from the reverse spelling of “admin”.
It utilized numerous types of propagation technique including email,
network share, and web browsing. That is why it became the most
widespread virus on the internet within 22 minutes after its release.

It affected both workstations and servers running on Windows NT, 95, 98,
2000, XP, Me. The worm created a backdoor in the operating system
which allowed the attacker to access all functions of logged-in users. That
means, if you are logged in as admin and your computer has been affected
by Nimda, attackers could perform all admin tasks. It estimated damage
costs is $630 Million.

1.4.14 Blaster
Also known as MSBlast and Lovesan, Blaster is a computer worm first
detected on 11th August 2003. It was targeting Microsoft Windows XP
and Windows 2000 operating system. Blaster was taking advantage of
buffer overflow bug and spreading through spamming itself to a large
number of IP addresses. Once a giant network was infected, it spread
quickly because the firewalls did not prevent internal machines from
using a specific port.

It created distributed denial of service attacks (DDoS) against Microsoft’s

website, which forced them to take down Windowsupdate.com. The
11
 Worm’s executable file contained the message referring to the co-founder
of Microsoft.Inc, Bill Gates i.e. “Billy Gates why do you make this
possible? Stop making money and fix your software”. There was one
more message “Just want to say Love you San” which gave worn, an
alternative name Lovesan. It estimated damage costs is $300 Million.

1.4.15 Storm Worm

Storm Worm is a Trojan horse that affects Windows-based system, first
appeared on 17th January 2007 when users start getting emails with a
subject “230 dead as storm batters Europe”. Few versions of Storm Worm
can turn computers into Zombie. Once the system is affected, it becomes
easy to access it remotely without the owner’s permission.

Few of its versions fool the users to download the program through fake
links to news and videos. The attackers often change the subject to current
events so that it looks legitimate. Once you click on the innocent looking
link, a small software containing worm will start downloading
automatically. This was the worst worm of 2007 which infected around 10
million PCs.

1.5 Symptoms
Computers can get a virus in many ways. The most common ones are:

 Opening links or attachements in spam emails or on social media.

 Downloading programs from unreliable sites.
 Clicking on malicious ads or pop-ups.
 Sharing files with unknown users.

And other ways, then the computer (PC) may have a virus, look for these
the following telltale signs or symptoms:

o Over a few days or a week, the speed of the computer or web

browser can significantly be decreased.
o Regular crashing or freezing.
o Modified or removed files

12
 o Unremembered installation/creation of new desktop icons or apps
o Applications running without your permission
o Programs that end without your permission
o Modifications to your security settings
o Unusual emails or social media posts made to a big audience without
your consent.
o Without your intervention, your default search engine was modified.
o Browser links lead to the wrong web page.
o Slow performance.
o Unfamiliar programs or browser extensions.
o Your browser sending you to unwanted sites or search engines.
o Frequent crashes.
o Recurring error messages.
o Excessive pop-ups.
o Problems with computer security programs
o Missing files
o Spam messages being sent from your email or social media accounts
o Increased number of pop-ups on seemingly normal websites

1.6 Advantages of Virus

1. To make money and become more well-known, many programmers
have devoted their careers to creating viruses and their
countermeasures.
2. If the system is significantly infected, you might also have to pay
the PC professional to reformat it.
3. Many financial and educational institutions use viruses to prevent
online hackers and scanners.

1.7 Disadvantages of Virus

13
 1. Slower Operating Speed

2. Loss of Software Functionality

 A virus may change your computer's system after it infects it,

allowing you to access features you previously couldn't. Even if you
now have antivirus software installed, it's entirely possible that you
won't be able to do so in the future.
 The virus will probably make it impossible for any program to find
and eliminate the problem it has brought on. The virus's designers
do not want you to be able to remove it.
 Corruption of softwares and drivers.
 It causes computer stress.

1.8 How to prevent a Computer Virus

Keep viruses away from Computer (PC):

1. Use strong passwords and change them regularly.

2. Don’t use more than one antivirus program at a time.
3. Keep your computer and antivirus software updated.
4. Only install programs and apps from reputable websites.
5. Don’t open emails or download attachments from unknown senders.
6. Avoid using open, unencrypted Wi-Fi networks, like at an airport or
coffee shop.
7. Don’t click on pop-up windows-closed them immediately.
8. Use a malware scanner.

1.9 Anti-Virus
An anti-virus is software that is designed to identify, prevent, and remove
malicious software, also known as malware. It is one of the most
important tools to protect your computer from malicious attacks.

Anti-virus software is designed to scan your computer and detect any

malicious software that might be present. It can then take steps to prevent
these programs from executing and infecting your system.
14
 Computer anti-virus programs can be installed on computers to detect and
remove viruses, Trojans, worms, and other malicious software. They also
help to protect against phishing, spyware, and other unwanted software.
Anti-virus programs are a critical component of any computer security
system.

1.10 Types of Anti-Virus

There are several types of anti-virus software available, including free and
paid versions.

Free anti-virus software is usually limited in features, but can provide

basic protection against common threats.

Paid anti-virus software usually provides more comprehensive protection,

including real-time scanning, automatic updates, and more advanced
features. It is important to choose the right anti-virus software for your
needs.

1.11 Anti-Virus Programs

Anti-virus programs are designed to detect, prevent, and remove
malicious software, and they offer different levels of protection depending
on the user's needs.

1.11.1 Kaspersky Anti-Virus

Kaspersky Anti-Virus is a comprehensive suite of anti-virus solutions that
offers real-time protection against viruses and malware. It also includes a
firewall and anti-spam protection.

Kaspersky provides automatic scans, real-time protection, and the latest

virus definitions to ensure your computer is protected from the latest
threats.

1.11.2 Norton AntiVirus Plus

15
Norton AntiVirus Plus provides comprehensive protection against viruses
and malware. It includes a firewall and anti-spam protection, as well as
automatic scans, real-time protection, and the latest virus definitions.

Norton AntiVirus Plus also offers cloud backup, allowing you to store
your data securely in the cloud and access it from any device.

1.11.3 Bitdefender Antivirus Plus

Bitdefender Antivirus Plus is a comprehensive suite of anti-virus solutions
that offers real-time protection against viruses and malware. It includes a
firewall and anti-spam protection, as well as automatic scans, real-time
protection, and the latest virus definitions.

Bitdefender Antivirus Plus also offers cloud backup, allowing you to store
your data securely in the cloud and access it from any device.

1.11.4 AVG AntiVirus Free

AVG AntiVirus Free is a basic anti-virus solution that offers real-time
protection against viruses and malware. It includes a firewall and anti-
spam protection, as well as automatic scans, real-time protection, and the
latest virus definitions.

AVG AntiVirus Free also offers cloud backup, allowing you to store your
data securely in the cloud and access it from any device.

1.11.5 Avast Free Antivirus

Avast Free Antivirus is a basic anti-virus solution that offers real-time
protection against viruses and malware. It includes a firewall and anti-
spam protection, as well as automatic scans, real-time protection, and the
latest virus definitions.

Avast Free Antivirus also offers cloud backup, allowing you to store your
data securely in the cloud and access it from any device.

1.11.6 McAfee AntiVirus Plus

16
 McAfee AntiVirus Plus is a comprehensive suite of anti-virus solutions
that offers real-time protection against viruses and malware. It includes a
firewall and anti-spam protection, as well as automatic scans, real-time
protection, and the latest virus definitions.

McAfee AntiVirus Plus also offers cloud backup, allowing you to store
your data securely in the cloud and access it from any device.

1.12 Advantages of Anti-Virus

 Cost Effective
 Protects Data
 Virus Protection
 Spyware Protection
 Protection From Hackers and Data thieves
 Web Protection
 Spam Protection
 Parental Controls
1.13 Disadvantages of Anti-Virus
 No Guaranteed Protection
 System Slowdown
 Limited Virus Detection Techniques
 Needs Regular Updates
 Security Threats
 Slow Scans
 Data Share

1.14 Conclusion
Computer viruses are malicious codes or software that can cause damage
to your computer's data, applications, or operating system. It is important
to take steps to protect your computer from infection, such as installing
and regularly updating antivirus software, being mindful when
downloading files or opening emails from unknown sources, and keeping
your operating system and applications up to date.

17
Computer viruses can be divided into several different types, including
boot sector viruses, file infectors, macro viruses, and polymorphic viruses.
Boot sector viruses infect the boot sector of a computer's hard drive, while
file infectors infect executable files. Macro viruses infect documents that
contain macros, while polymorphic viruses are able to change their code
in order to evade detection.

Each type of virus has its own unique characteristics, and can cause
different levels of damage. It is important to be aware of the different
types of viruses, and to take the necessary steps to protect your computer
from infection.

There are several signs that may indicate that your computer has been
infected with a virus. These include unexpected pop-up windows, slow
computer performance, and changes to your computer's settings or files.
Your computer may also crash unexpectedly, or start running programs
without your permission.

If you notice any of these signs, it is important to take action as soon as

possible. You should run a scan with your antivirus software and remove
any malicious code or software that is detected. Additionally, you should
update your operating system and applications, as these updates often
contain security patches.

The best way to prevent computer viruses is to be proactive. This includes

using strong passwords, avoiding suspicious websites, and regularly
updating your antivirus software. Additionally, it is important to be
mindful when downloading files or opening emails from unknown
sources. Be sure to scan any files you download with your antivirus
software before opening them.

It is also important to be aware of the different types of computer viruses

and the damage they can cause. Being informed can help you take the
necessary steps to protect your computer from infection, and minimize the
risk of data loss or disruption.

18
Reference
 https://en.wikipedia.org/wiki/Computer_virus
 https://uniserveit.com/blog/what-are-the-different-types-
of-computer-viruses
 https://www.rankred.com/worst-computer-viruses/
 https://www.asurion.com/connect/tech-tips/how-to-
remove-a-virus-from-your-mac-or-pc/
 https://www.javatpoint.com/advantages-and-
disadvantages-of-virus
 https://www.chtips.com/computer-
fundamentals/advantages-and-disadvantages-of-antivirus-
software/

19