Dec 062012

C (Brain) Virus:

C (Brain) virus was created by Pakistani brothers Amjad and Basit Alvi in the year 1985 A.D. at Lahore. Originally, it was created and designed to prevent unauthorized use of software sold by ‘Alvis’ Brain computer shop at Lahore, Pakistan. It was put into programs like Lotus 123 and WordStar and sold at heavy discounts to foreign tourists. Once the host used the infected disk, it became the carrier of the virus and copied itself quickly to

uninfected computers and diskettes. The virus, hiding in the boot sector replicated quickly and within months it spread throughout the world of personal computers. Later, various strains of this computer virus appeared which were fatal and malicious.

The Stone: The Stone affects the boot sector computers. It affects the Master Boot Record containing partition table, in hard disks. This virus is written in two sections – the resident portion and the installation portion.

The Vienna-648 Virus: The Vienna-648 virus is probably the simplest file infector virus ever created. It is not very efficient and can be written in far less number of instructions. It infects COM files, increasing their size by 648 bytes by appending its code at the end of the file. It doesn’t infect files having size less than 10 bytes. It is also known as the 1-in-8 virus, since on every eighth infection, it creates an instruction for rebooting the computer. Due to this, the file becomes unexecutable and the computer reboots. In case this happens with COMMAND.COM, the computer never boots because every time COMMAND.COM gets recalled and tries to reboot the computer.

The 8290 (Print Screen) Virus: This virus is a boot sector infector. This virus checks for the word, ‘8290 hex’ at a certain place in the boot record. If the word is not present, it won’t be able to affect the computer and its data and instruction. Due to this reason, it is called the 8290 virus. It moves the original boot record to the 11th sector on the floppies and 114th sector on 20 MB hard disks and then transfers its own programs as the boot record.

The Joshi Virus: The Joshi virus is one of the intelligent types of viruses which use stealth techniques in order to baffle affected hackers. This virus affects the Master Boot Record which contains the partition table in hard disks. On 5th January of every year, the virus gets activated. Due to its activation, the whole computer system gets hanged and a message is displayed as “type Happy Birthday Joshi”. The computer can be saved from hanging and it can be used again if the use types the message “Happy Birthday Joshi” in his hanged computer.

The Bloody Virus: The Bloody Virus is also taken as the reincarnation of the Stone virus. This virus affects the Master Boot Record of hard disks which contains the partition table. It was modeled after the Stone virus.

The Ping-Pong Virus: The Ping-Pong virus affects the boot sector of hard disks. The virus gets activated in every 30 minutes and displays a bouncing dot on the monitor of the computer. The dot passes through any text that is displayed on the screen. This virus has no other major effect rather than the creation of 1 KB bad sector where it places the original boot sector.

The Dark Avenger: The Dark Avenger is one of the most dangerous and infectious viruses. Once it infects a disk, it becomes too much difficult to remove it from the disk. It affects the EXE and COM files by attaching itself to the end of the file and puts a JMP instruction at the start of the file. It is a memory resident virus and becomes a resident when an infected file is run. The message “Program too big to fit in memory” is displayed on the screen and the computer gets hanged. The size of the infected files are increased in size by 1800 bytes.

Dec 032012

As already mentioned in previous posts of this site, viruses are the major factors which help in the destruction and hacking of data and information which are stored in a computer’s memory. In this post, we have tried to make our visitors and readers well known about the types of viruses on the basis of their residential areas. So, we have enlisted and described the different types of viruses in the lines below:

  1. Boot sector infectors: These are the viruses which reside in the boot sector of the hard disk or partition table of hard disk of a computer. Some examples of such viruses are C-Brain, Stone/Marijuana, 8290 (Print screen), Joshi etc. The instructions for booting are stored in the boot sector (side 0, sector 1, track 0 of the bootable disk). The ROM BIOS program searches for bootstrap program in this location. The virus program puts the original boot sector containing the bootstrap program somewhere else on the disk. So, unwittingly, the ROM BIOS loads the infected boot sector into the RAM and passes control to the viral program. The virus first of all executes its own program, becomes memory-resident and takes control over the important system parameters of the computer. Then it loads the original boot sector and transfers the control to DOS. It keeps a watch on use of disks and infects any uninfected disks as soon as it is used.
  2. File infector viruses: File infector viruses are such kind of viruses which attach at the start or the end of executable COM or EXE files of computers. When the infected file is executed, the virus code gets executed first, takes control over the system parameters and resides in the RAM. After that, it remains in the RAM and keeps a constant vigil for executable files. Whenever such type of file is run, the virus infects it. These viruses are the most dangerous ones, as far as replication is concerned. In a heavy user environment, a large number of files are infected within a short period of time.
    File infector viruses can be further categorized into Direct Action File Infectors and Indirect Action File Infectors.
  3. DOS system infectors: These viruses affect the DOS (Disk Operating System) and its files like IO.SYS, MSDOS.SYS and COMMAND.COM. They enter the system in the guise of device drivers which are loaded into memory before any other program and remain in the memory till the time when the computer is shut down. Most of these viruses are written in Assembly language. A virus program should be as small as possible so that it can hide in a small place in the disk. The most efficient viruses should contain good replication capacity and a great destructive capability within minimum number of instruction.
  4. Message carrying viruses: Message carrying viruses are not specialized for the destruction and infection of data and information of a computer. They are just involved in annoying and disturbing the computer users during operations.