TYPES of PC Viruses

1. File Infector

This is a virus which attaches itself to program files. It infects any program for which execution or interpretation is required.

File infectors can be either 'Direct Action/Non-Resident' or 'Resident'. The former virus selects one or more programs to infect each time a program infected by it are executed. The resident virus installs itself somewhere in memory (RAM) the first time an infected program is executed, and thereafter infects other programs when they are executed or when other conditions are fulfilled. Most viruses are resident.


2. System or Boot-Record Infector

This virus infects the executable code found in certain system areas on a disk. On PCs, boot-sectors infected could be the DOS boot sector, the Master Boot Record on fixed disks and the DOS boot sector on diskettes.


3. Multi-Partite Virus or Boot and File Virus

This virus infects both the files and boot sectors.


4. File System or Cluster Virus or Link Virus

This virus modifies directory table entries so that the virus is loaded and executed before the desired program is. The program itself is physically intact, only the directory entry of the program file is infected.


5. Kernel Virus

This virus targets specific features of the programs that contain the core or kernel of an operating system.


6. Stealth Virus

This virus hides the modifications it has made to files or boot records, when activated. As a result programs that try to read infected files or sectors view the original, uninfected form instead of the actual, infected form, leading them to go undetected.


7. Polymorphic Virus

This virus produces varied but operational copies of itself with the aim of avoiding detection under scanners.


8. Fast Infector

This virus copies itself to memory when a program infected by it is executed, and then infects other programs, not only ones being executed but also those that are merely opened. In which case, running a scanner can result in all or many programs becoming infected.


9. Slow Infector

This virus only infects files as they are modified or as they are being created.


10. Sparse Infector

This virus infects less often, only occasionally or only files whose lengths fall within a narrow range, etc. It thus minimises the probability of being discovered.


11. Companion Virus

This virus creates a new program, which unknown to the user, is executed instead of the intended program.


12. Armored Virus

This virus uses special tricks to make tracing, disassembling and understanding of its code difficult.


13. Cavity Virus

This virus overwrites a part of the host file that is filled with a constant, without increasing the length of the file, but preserving its functionality.


There are countless viruses under each category. New viruses are created literally everyday. Also, different antivirus researchers use different criteria to decide whether two viruses are different or one and the same.
Click here to go back  Home