Beware of the Overwriting Virus

Computer viruses come in numerous forms with many different functions.  Some are rather simplistic and can be detected by the average user while others are complex and go unseen for some time.  The most common viruses fall under the classification of file infectors, which operate by infecting executable files.  They achieve this by inserting their malicious code into an area of the original file, allowing it to be executed whenever the file is accessed.  Some of them are able to completely overwrite a file, rendering an entire program useless.

Considering their destructive nature, overwriting viruses have been identified as the most dangerous of them all.  They have been known to exploit a wide range of operating systems including Linux, Macintosh, Windows and DOS platforms.  Once a victim file has been infected, it is then overwritten with malicious code from the virus.  If a user does not spot the infection in time, an overwriting virus can inflict irreversible damage to numerous files.  A system that has been compromised by this type of infection can easily become unstable and eventually inoperable.  Files that have been corrupted by the overwriting virus cannot be disinfected.  Instead they must be completely deleted and restored from a backup source.
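
As an added example (not code from the original article), the Python sketch below shows one way to find overwritten files so they can be deleted and restored from backup: it compares each file against a hash baseline taken while the system was clean, and groups changed files that now hold identical bytes.  The function names, file names and sample contents are constructed for illustration.

```python
import hashlib
import tempfile
from collections import defaultdict
from pathlib import Path

def sha256_of(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()

def build_baseline(root: Path) -> dict:
    """Record a known-good hash for every file under root (run while clean)."""
    return {str(p.relative_to(root)): sha256_of(p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def audit(root: Path, baseline: dict) -> dict:
    """Compare the current tree with the baseline.

    changed:  content differs from the baseline; restore these from backup
    missing:  recorded in the baseline but no longer present
    clusters: changed files that now hold identical bytes, the pattern left
              when one body of code has overwritten several programs
    """
    changed, missing, by_hash = [], [], defaultdict(list)
    for rel, good in baseline.items():
        path = root / rel
        if not path.is_file():
            missing.append(rel)
            continue
        now = sha256_of(path)
        if now != good:
            changed.append(rel)
            by_hash[now].append(rel)
    clusters = sorted(sorted(v) for v in by_hash.values() if len(v) > 1)
    return {"changed": sorted(changed), "missing": sorted(missing),
            "clusters": clusters}

def demo() -> dict:
    """Constructed sample: three small files, two later overwritten alike."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        for name, body in [("a.com", b"AAAA"), ("b.com", b"BBBB"),
                           ("c.txt", b"notes")]:
            (root / name).write_bytes(body)
        baseline = build_baseline(root)  # taken while the files are clean
        for name in ("a.com", "b.com"):  # simulate the overwrite (inert bytes)
            (root / name).write_bytes(b"SAME-REPLACEMENT-BYTES")
        return audit(root, baseline)

if __name__ == "__main__":
    print(demo())
```

Keep the baseline on read-only or offline media, alongside the backups, so an infection cannot rewrite it.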

Well-Known Overwriting Viruses   

Grog.377 - Known as a non-memory resident virus, it interprets a random sector of a hard disk in search of special instructions.  If instructions exist, it overwrites that part of the sector with malicious code.  When launched, the infection can inflict considerable damage on system BIOS and prevent a computer from booting up.

Grog.202/456 - Two of the most dangerous overwriting viruses.  They seek out .COM files in the current directory, quickly deleting and replacing the content with malicious code.  If no .COM files are found in that particular directory, the GROG virus dials a random phone number over the user's modem in search of interconnected network computers.  Both of these infections are also considered to be non-memory overwriting viruses.

Loveletter - Perhaps the most complex overwriting virus.  Like other variants, its main intent is to seek out files and overwrite them with malicious code.  What makes this virus different is that it acts as a file infector, an email worm and a Trojan horse capable of downloading other types of malware.

Overwriting viruses were initially deployed because of their effectiveness as a way for the infection to infuse itself into an innocent file.  This corrupts the original file in such a way that it can't be disinfected.  Many of them are able to escape the scanner of an anti-virus program, making no alterations to the victim file so changes aren't detected.

While they were very effective, most malicious coders do not write this type of virus anymore.  Many tend to focus on tempting users with genuine Trojan horses and distributing malware via email.  At the same time, you must keep your computer protected from all probable threats at all times.  Your best bet would be installing a quality anti-virus program and conducting frequent scans for suspicious activity.
