File-infecting Virus
File-infecting Virus definition
A file-infecting virus is a type of malicious software (malware) that attaches itself to legitimate executable files on a system. When the infected file is executed, the virus is activated and runs alongside the intended program, spreading to other executable files and carrying out its malicious activities.
See also: computer virus, email virus
Key characteristics and behavior:
Propagation: File-infecting viruses spread by attaching themselves to executable files (files with extensions like .exe or .dll). When the infected file is run, the virus also executes and looks for more files to infect.
Payload Delivery: Once activated, the virus might deliver a payload—a specific set of malicious actions. This can range from showing unwanted ads, stealing data, to deleting files or even corrupting the operating system.
Residency: Some file-infecting viruses are memory-resident, meaning they load into system memory when the infected file is executed. From there, they can infect other files even without the original host file being executed again.
Camouflage: These viruses often employ techniques to hide their presence. They might overwrite the file’s original code or insert themselves in spaces within the file where they won’t disrupt its normal operation.
Mutation: To avoid detection by antivirus software, many file-infecting viruses are polymorphic or metamorphic, meaning they can change their code or appearance each time they infect a new file.
In essence, a file-infecting virus is like a parasite that latches onto legitimate software, spreading and causing harm as those programs are run. It’s crucial to have up-to-date antivirus software to detect and remove such threats.