A computer virus is the same as flu that spreads from one to another. A set of program or piece of code inserts itself into a computer and then perform some actions known as a computer virus. These actions are mostly not favorable. However, action can be the destruction of information, denial of services through the network interface, lockouts at the operating system, nuisance messages and pop-ups on windows, and many more.
Now, I will talk about some important parts of a computer virus. They perform different things and collectively it becomes massive. Above all, the use of a virus is not always to do something illegal. Sometimes, used in some legal situations for different purposes.
Parts are :
- Signature byte
This is the main part of the code whose duty is to seek out the new target and from necessary attachments proliferate the existence of the virus.
Its name can suggest the task of that part. Its job is to hide a virus code from anti-virus. It’s a kind of mutation engine.
It can be anything. Most importantly it is a component of the attack that causes harm to the victim.
Its task is to start the delayed actions of payloads that are sent with viruses.
Its use is to mark the host file. In addition, it helps the virus to know the affected file.
Types of computer viruses
- Boot sector infector
- Executable infector
- Multipartite viruses
- TSR infector (Terminate and Stay Resident)
- Stealth infector
- Encrypted infector
- Polymorphic infector
- Macro infector
Boot sector infector
This type of virus infects the boot sector of the computer or partition of the disk. The boot is a special area of storage to store files that are required to start the operating system and other bootable programs. Usually, a computer is affected by this virus when a PC is started with an infected floppy disc.
Once a computer is infected it starts to infect every disc that is accessible in the infected system. But this virus can be removed successfully.
An executable virus is a non-resident virus that stores itself in the executable files. This virus starts infection whenever that file is in use. In addition, it infects executable programs and most of the time virus spreads in this way.
This type of virus uses multiple methods to infect the computer. It remains in memory to infect the hard drive and then infects more drives by changing the application’s content.
TSR infector (Terminate and Stay Resident)
This type of virus is loaded and remained in memory and starts infection when the user uses a specific combination of the keyboard.
Its name can tell about the work of that virus. A computer virus that uses multiple techniques to avoid detection by anti-virus. It hides into legitimate files, partitions, or boot sectors.
It encrypts the documents and files on the computer. And these files can be accessed using a key that was used in that encryption.
The virus can create modified versions of itself to avoid detection by anti-virus. But still, its routine work remains the same after every infection. To change its physical file makeup during infection, it encrypts its codes and uses the different encryption keys.
Polymorphic virus depends on mutation engine which helps to use different encryption key every time.
A type of virus that has the same macro language as target software. It usually, infects software rather than the system.
- Using an external device to transfer data
- E-mail or its attachment
- Internet downloads
- Unknown webpages
- Installing unknown software release
- Downloading free games or any software