Name: Uzair Ahmad

Registration No:
FA22_BCS-052

December,2 2022
ICT (Info & Communication
Tech)
 Assignment No: 3
⸙ Computer viruses with its types:
Introduction:

  A computer virus is a simple malicious code that hackers design to fetch data
from the user. A computer virus self-replicates by doubling itself into another program,
spreading itself into the document, and taking control of that document and sensitive data of
computer.
The general method to spread computer virus as executable files is by email. If the
user opens the email and clicks on the file, the virus enters the system and affects its
performance. A computer virus is also spread using USB drives, storage disks, and removable
hard disks. It is a serious issue that has to be taken action by installing the antivirus program.
Types of computer viruses:
Boot Sector
Polymorphic
File Infector
Macro
Direct action

⸙ Let us briefly describe these viruses:

1.Boot Sector Virus:
A boot sector virus is a type of malware that infects a system’s boot
partition or the Master Boot Record (MBR) of a hard disk. During start-up and before
security software can be executed, the virus executes malicious code. Once a computer is
infected, a boot sector virus will try to infect every disk that is accessed on the infected
system. In many cases, a user may not know they are infected with a boot sector virus until
they run an antivirus solution or malware scan.
A user’s computer gets infected by a boot sector virus when starting up a machine
from an infected floppy disk or USB drive. Email attachments can also contain a boot sector
virus and these can also infect other computers on the network.
A few other possible symptoms
that make this virus unique is that the computer won’t boot, it will boot to a blue screen, or
the OS will not start, and the user only sees text on a black screen with an error message that
the boot device cannot be found. This happens when the virus deletes or modifies the
necessary boot files. 

1
 Figure 1 Boot sector virus

2.Polymorphic Virus:
‘Poly’ refers to many and ‘morphic’ refers to forms. Therefore, as
the name suggests polymorphic virus is a complicated computer virus that changes its form as
it propagates to avoid detection by antivirus. It is a self-encrypting virus that pairs a mutation
engine along with a self-propagating program code.

⸙ A Polymorphic Virus Consists of:

A decryption routine.
An encrypted virus body.
A mutation engine that generates randomized decryption routines.
Whenever a virus is detected by antivirus software, it gets blacklisted and any other virus
with similar characteristics gets automatically blocked. In the case of the polymorphic virus,
with each mutation, the basic function performed by the virus remains the same even though
the signature or decryption routine changes.
Polymorphic viruses can easily fool the
conventional antivirus software using signature-based detection. However, these viruses can
be detected by new security technologies which use machine learning and behavior detection
to identify any anomalous behavior in the system.

⸙Working:
Mutation Engine

Produce random
decryption

Decryption New
Decryption
Routines
Encrypted Routines
Decrypted Encrypted
Virus
Virus
Virus
Body
Body
Body
2
3.File Infector Virus:
A file infector virus is a virus that works as an infection for the
computer. Especially when a person is downloading and opening a file, they could be able to
get the virus to their device. This infector virus spreads in a device faster, and it is enough to
destroy the whole device’s workability. This virus is malware that infects an executable file
for the first time and then spreads itself to other executable files and programs.
It causes permanent damage to the device, and you will not be able to use them again. With
the help of the overwriting of a code, the virus inserts infected code into the executable file,
and it can be seen mostly in Unix, Macintosh, Windows, and much more. This virus can also
be known as a file injector. This virus is enough to destroy the workability of a device
because this virus infects a single file.
 It is self-executable
 It can make more copies
 It can spread faster

4.Macro Virus:
A macro virus infects a software program and causes a series of actions to
begin automatically when the program is opened. It operates like a normal macro and often
installs itself in the place of an existing macro.

 A macro virus is a type of computer exploit or malware that automatically triggers a

series of software functions, often with deleterious effect.
 In addition to wreaking havoc on a system, these macro viruses are also programmed
to replicate and spread themselves in order to infect other systems.
 Macro viruses most often spread online via phony web links or as e-mail
attachments.
 Antivirus software is typically good at detecting and removing macro viruses before
they can do harm.

A macro is a series of commands that automatically triggers a specific function within a

software program. Macros can be installed in programs such as Microsoft Word in order to
perform complex tasks that the program would otherwise be unable to do automatically. For
example, a company can use a macro to automatically insert designed letterhead or pre-
designed tables into Microsoft Word page templates

3
5.Direct Action Virus:
A direct-action computer virus is a class of self-replicating
malware that’s attached to an executable file. They are typically embedded in otherwise
legitimate programs that require execution to run. After downloading and executing an
infected program, the direct-action computer virus will spread.

How it Works:
The defining characteristic of direct-action computer viruses is their
attachment to an executable file. Executable files are those in programs. When you open or
run an executable file, your computer will respond by carrying out the file’s included
instructions.
While most executable files are harmless, others may contain malware, including direct
action computer viruses. Direct action computer viruses are those found within executable
files. Hackers add them to executable files in hopes of victims downloading and executing
them.
Conclusion:
A virus is known as “direct action” if it’s attached to an executable file that
requires opening or running in order to spread. Running the executable file is a direct action.
When you run the executable file containing a direct action virus, it will spread while
simultaneously carrying out its malicious activities.

(B)
Different ways through which viruses spread into your computer:

⸙ Email attachments.
⸙ External Devices
⸙ Online Ads
⸙ Freeware
⸙Rough Websites
4
1.Email Attachment:
Email viruses are mostly spread by causing the malicious message
or attachment to be sent to everyone in the victim's address book. These viruses can be
packaged and presented in different ways. Some of them can easily be spotted. Recipients can
also find it difficult to identify specific email messages containing malware since these
messages reflect a huge amount of effort taken by the malicious actor in order to make the
email message appear as if it has been sent from a known and trusted sender.
Email viruses are mostly linked with phishing attacks in which hackers send
out malicious email messages that appear as if they have been sent from authorized sources,
including internet search sites, social media
2.External Devices:
Many of us carelessly connect external devices that are borrowed on
purpose from a friend or a relative. These devices tend to carry the infections that can harm
your computer. It could be a USB, external hard drive or your own smartphone.
In all the cases, a good virus program will detect the hidden malicious files and help to
eliminate it. Remember to run the scan on the device when you connect.

3.Online Ads:
People tend to get deceived looking at the ads but clicking on it may lead to
infecting and harming your computer. Hackers place ads on trusted websites and insert
malicious codes to gain prominence and reliability.
Never click on online ads randomly.
Simply hover your mouse over the ad to find out where the ad is redirecting. Antivirus
software helps to identify such false ads, if you have one in place, then remember to make
use of it in the time of need.

4.Freeware:
Think twice before you download a freeware, sometimes you end up infecting
our computer systems. Gaming websites, videos, and songs websites purposely plant virus in
their media files.
Always download freeware from a trusted source, installing the right
antivirus software can detect dangers upfront.

5.Rough Websites:
Many websites in the online space, such as the gaming, adult, dating
websites, and entertainment, install adware on their own and other viruses onto a computer.
A lot of the internet users have come across situations where opening a website leads to a
series of popups that appear on the screen. Make use of a robust antivirus program and
optimize it for the web access settings.

5
6
1. Email attachments.

7
8