Please enable JavaScript.
Coggle requires JavaScript to display documents.
COMPUTER VIRUS (Types or Sources (Macro virus (virus that is written in a…
COMPUTER VIRUS
Types or Sources
Macro virus
- virus that is written in a macro language: a programming language which is embedded inside a software application (e.g., word processors and spreadsheet applications)
- it propagates by exploiting the macro language‘s properties in order to transfer itself from the infected file containing the macro script to another file
- The most widespread macro viruses are for Microsoft Office applications (Word, Excel, Power Point, Access).
- Because they are written in the code of application software, macro viruses are platform independent and can spread between Mac, Windows, Linux, and any other system running the targeted application.
Boot sector virus
- infects the boot sector or the master boot record or displaces the active boot sector of a hard drive.
- Once the hard drive is booted up, boot sector viruses load themselves into the computer‘s memory
- Many boot sector viruses, once executed, prevent the OS from booting
Email Virus
- can be used to transmit any of the above types of virus by copying and emailing itself to every address in the victim‘s email address book, usually within an email attachment.
- Each time a recipient opens the infected attachment, the virus harvests that victim‘s email address book and repeats its propagation process.
- Email virus refers to the delivery mechanism rather than the infection target or behavior.
File Virus
- known as script virus, written in one of a variety of script languages like Visual Basic Script, JavaScript, PHP, etc
- uses the file system of a given OS (or more than one) to propagate.
- include:
- viruses that infect executable files,
- companion viruses that create duplicates of files,
- viruses that copy themselves into various directories,
- link viruses that exploit file system features.
- it is used to:
- infect other scripts,
- forms a part of a multicomponent virus.
- able to infect other file formats, such as (HTML), if that file format allows the execution of scripts.
Multi-variant virus
- The same core virus but implemented with slight variations, so that an anti-virus scanner that can detect one variant will not be able to detect the other variants.
Polymorphic Virus
- virus which changes their characteristic after each infection.
- techniques to achieve polymorphism:
- self-modification of code and hence infected files are infected with different variants.
- the virus encrypts itself with different key for different file.
Metamorphic Virus
- virus that is rewritten with each iteration so that each succeeding version of the code is different from the preceding one.
Classification
Non-Resident Viruses
- This kind of virus will execute along with its host, perform the needful action of finding and infecting the other possible files and eventually transfers the control back to the main program (host).
- The operation of the virus will terminate along with that of its host
Resident Viruses
- whenever the infected program is run by the user, the virus get activated, loads its replication module into the memory and then transfer the control back to the main program
- In this case, the virus still remains active in the memory waiting for an opportunity to find and infect other files even after the main program (host) has been terminated.
How Viruses Work
- attaching themselves to an already existing file or program and replicates itself to spread from one computer to another.
- tend to infect executable files that are parts of legitimate programs
- So, whenever the infected file is executed on a new computer, the virus gets activated and begins:
- operate by further replication
- causing the intended damage to the system.
- virus cannot perform its task of harming and replication unless it is allowed to execute.
- This is the reason why viruses often choose an executable file as its host and get attached to them.
General Info
- virus is a parasitic program written intentionally to enter a computer without the users’ permission or knowledge.
- The word parasite is used because a virus attaches to files or boot sectors and replicates itself, thus continuing to spread.
- A virus should never be assumed harmless and left on a system.
- common types of virus distributed over the internet are as follows:
- Macro virus 2. Boot sector viruses 3. File infector viruses 4. Stealth viruses 5. Self-modifying virus