Beware of the Overwriting Virus

Computer viruses come in numerous forms with many different functions. Some are rather simplistic and can be detected by the average user, while others are complex and go unseen for some time. The most common viruses fall under the classification of file infectors, which operate by infecting executable files. They achieve this by inserting their malicious code into an area of the original file, allowing it to be executed whenever the file is accessed. Some of them are able to completely overwrite a file, rendering an entire program useless.

Considering their destructive nature, overwriting viruses have been identified as the most dangerous of them all. They have been known to exploit a wide range of operating systems including Linux, Macintosh, Windows and DOS platforms. Once a victim file has been infected, it is then overwritten with malicious code from the virus. If a user does not spot the infection in time, an overwriting virus can inflict irreversible damage to numerous files. A system that has been compromised by this type of infection can easily become unstable and eventually inoperable. Files that have been corrupted by the overwriting virus cannot be disinfected. Instead they must be completely deleted and restored from a backup source.

Well-Known Overwriting Viruses   

Grog.377 - Known as a non-memory resident virus, it interprets a random sector of a hard disk in search of special instructions. If instructions exist, it overwrites that part of the sector with malicious code. When launched, the infection can inflict considerable damage on system BIOS and prevent a computer from booting up.

Grog.202/456 - Two of the most dangerous overwriting viruses. They seek out .COM files in the current directory, quickly deleting and replacing the content with malicious code. If no .COM files are found in that particular directory, the GROG virus dials a random phone number over the user's modem in search of interconnected network computers. Both of these infections are also considered to be non-memory resident overwriting viruses.

Loveletter - Perhaps the most complex overwriting virus. Like other variants, its main intent is to seek out files and overwrite them with malicious code. What makes this virus different is that it acts as a file infector, an email worm and a Trojan horse capable of downloading other types of malware.

Overwriting viruses were initially deployed because of their effectiveness: they gave the infection a way to infuse itself into an innocent file. This corrupts the original file in such a way that it can't be disinfected. Many of them are able to escape the scanner of an anti-virus program, making no alterations to the victim file so changes aren't detected.

While they were very effective, most malicious coders do not write this type of virus anymore. Many tend to focus on tempting users with genuine Trojan horses and distributing malware via email. At the same time, you must keep your computer protected from all probable threats at all times. Your best bet would be installing a quality anti-virus program and conducting frequent scans for suspicious activity.


Many Internet users are unaware that most anti-virus programs quickly become out of date as new and more sophisticated viruses enter the world of cyber-space every day.

Anti-virus software must be consistently updated in order to remain effective. In some cases it is necessary to buy an entirely new program to help keep your computer virus free.

Most anti-virus programs allow you to update the original program by downloading the most recent updates to their virus protection system. These updates can then provide protection for your computer against new strains of viruses waiting to infect your computer.