Beware of the Overwriting Virus

Computer viruses come in numerous forms with many different functions. Some are rather simplistic and can be detected by the average user, while others are complex and go unseen for some time. The most common viruses fall under the classification of file infectors, which operate by infecting executable files. They achieve this by inserting their malicious code into an area of the original file, allowing it to be executed whenever the file is accessed. Some of them are able to completely overwrite a file, rendering an entire program useless.

Considering their destructive nature, overwriting viruses have been identified as the most dangerous of them all. They have been known to exploit a wide range of operating systems including Linux, Macintosh, Windows and DOS platforms. Once a victim file has been infected, it is overwritten with malicious code from the virus. If a user does not spot the infection in time, an overwriting virus can inflict irreversible damage on numerous files. A system that has been compromised by this type of infection can easily become unstable and eventually inoperable. Files that have been corrupted by an overwriting virus cannot be disinfected. Instead, they must be completely deleted and restored from a backup source.
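A defensive check that follows from this (an added example, not part of the original article): record file hashes while the system is clean, then compare later to list the files that must be restored from backup. The function names, the 64-byte prefix length and the sample files are assumptions, and grouping changed files by identical leading bytes is a heuristic for one code body written over many hosts.

```python
import hashlib
import os
import tempfile
from collections import defaultdict

PREFIX_LEN = 64  # leading bytes compared across changed files (assumed value)

def snapshot(root):
    """Map each file's relative path to (SHA-256 hex digest, first PREFIX_LEN bytes)."""
    state = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read()
            rel = os.path.relpath(path, root)
            state[rel] = (hashlib.sha256(data).hexdigest(), data[:PREFIX_LEN])
    return state

def find_overwritten(baseline, current):
    """Return (changed, clusters).

    changed:  files whose digest differs from the baseline; restore these from backup.
    clusters: groups of two or more changed files that now start with identical bytes.
    """
    changed = sorted(p for p, (digest, _) in current.items()
                     if p in baseline and baseline[p][0] != digest)
    by_prefix = defaultdict(list)
    for p in changed:
        by_prefix[current[p][1]].append(p)
    clusters = [group for group in by_prefix.values() if len(group) > 1]
    return changed, clusters

def demo():
    """Constructed sample: three harmless files, two later overwritten with the same bytes."""
    with tempfile.TemporaryDirectory() as root:
        originals = {"a.com": b"program A" * 20, "b.com": b"program B" * 20,
                     "notes.txt": b"unrelated text"}
        for name, body in originals.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(body)
        baseline = snapshot(root)  # taken while the files are known to be clean
        marker = b"X" * 100  # inert stand-in for the overwritten content
        for name in ("a.com", "b.com"):
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(marker)
        return find_overwritten(baseline, snapshot(root))

if __name__ == "__main__":
    print(demo())
```

The baseline is only useful if it is stored somewhere the monitored system cannot modify, alongside the backups the changed files will be restored from.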

Well-Known Overwriting Viruses   

Grog.377 - Known as a non-memory resident virus, it interprets a random sector of a hard disk in search of special instructions. If instructions exist, it overwrites that part of the sector with malicious code. When launched, the infection can inflict considerable damage on system BIOS and prevent a computer from booting up.

Grog.202/456 - Two of the most dangerous overwriting viruses. They seek out .COM files in the current directory, quickly deleting and replacing the content with malicious code. If no .COM files are found in that particular directory, the GROG virus dials a random phone number over the user's modem in search of interconnected network computers. Both of these infections are also considered to be non-memory overwriting viruses.

Loveletter - Perhaps the most complex overwriting virus. Like other variants, its main intent is to seek out files and overwrite them with malicious code. What makes this virus different is that it acts as a file infector, an email worm and a Trojan horse capable of downloading other types of malware.

Overwriting viruses were initially deployed because of their effectiveness: they gave the infection a way to infuse itself into an innocent file. This corrupts the original file in such a way that it can't be disinfected. Many of them are able to escape the scanner of an anti-virus program, making no alterations to the victim file so changes aren't detected.

While they were very effective, most malicious coders do not write this type of virus anymore. Many tend to focus on tempting users with genuine Trojan horses and distributing malware via email. At the same time, you must keep your computer protected from all probable threats at all times. Your best bet would be installing a quality anti-virus program and conducting frequent scans for suspicious activity.

Identity theft comes in many forms.

A person's identity can be 'borrowed' for the purpose of creating fictional credit cards or a person's entire identity can be usurped to the point where they can have difficulty proving that they really are who they claim to be.

Up to 18% of identity theft victims take as long as four years to realize that their identity has been stolen.

There are many ways to protect your personal identity and many steps you can take to prevent your identity from being stolen:

*Never give out unnecessary personal information
*Never provide bank details or social security numbers over the Internet
*Always remain aware of who is standing behind you when you type in your personal credit codes at ATM machines and at supermarket checkout swipe machines.