A virus is a fragment of code embedded in a legitimate program. Virus are self-replicating and are designed to infect other programs. They can wreak havoc in a system by modifying or destroying files causing system crashes and program malfunctions. On reaching the target machine a virus dropper(usually trojan horse) inserts the virus into the system.
For more details, refer this.
Various types of virus :
- File Virus : This type of virus infects the system by appending itself to the end of a file. It changes the start of a program so that the control jumps to its code. After the execution of its code, the control returns back to the main program. Its execution is not even noticed. It is also called Parasitic virus because it leaves no file intact but also leaves the host functional.
- Boot sector Virus : It infects the boot sector of the system, executing every time system is booted and before operating system is loaded. It infects other bootable media like floppy disks. These are also known as memory virus as they do not infect file system.
- Macro Virus : Unlike most virus which are written in low-level language(like C or assembly language), these are written in high-level language like Visual Basic. These viruses are triggered when a program capable of executing a macro is run. For example, macro virus can be contained in spreadsheet files.
- Source code Virus : It looks for source code and modifies it to include virus and to help spread it.
- Polymorphic Virus : A virus signature is a pattern that can identify a virus(a series of bytes that make up virus code). So in order to avoid detection by antivirus a polymorphic virus changes each time it is installed. The functionality of virus remains same but its signature is changed.
- Encrypted Virus : In order to avoid detection by antivirus, this type of virus exists in encrypted form. It carries a decryption algorithm along with it. So the virus first decrypts and then executes.
- Stealth Virus : It is a very tricky virus as it changes the code that can be used to detect it. Hence, the detection of virus becomes very difficult. For example, it can change the read system call such that whenever user asks to read a code modified by virus, the original form of code is shown rather than infected code.
- Tunneling Virus : This virus attempts to bypass detection by antivirus scanner by installing itself in the interrupt handler chain. Interception programs, which remain in the background of an operating system and catch viruses, become disabled during the course of a tunneling virus. Similar viruses install themselves in device drivers.
- Multipartite Virus : This type of virus is able to infect multiple parts of a system including boot sector,memory and files. This makes it difficult to detect and contain.
- Armored Virus : An armored virus is coded to make it difficult for antivirus to unravel and understand. It uses a variety of techniques to do so like fooling antivirus to believe that it lies somewhere else than its real location or using compression to complicate its code.
GeeksforGeeks has prepared a complete interview preparation course with premium videos, theory, practice problems, TA support and many more features. Please refer Placement 100 for details
- Viruses - From Newbie to pro
- Worms, Viruses and beyond !!
- Types of SEO
- Malware and its types
- Types of VPN Tunelling
- Diversity and its Types
- Cryptography and its Types
- Types of Routing
- Types of Web Hosting
- Types of Hackers
- Types of Cloud
- Types of Email Attacks
- Types and Uses of Backbone Networks
- Types Of Information System
- Fiber Optics and Types