TYPES of PC Viruses |
|
1. |
File Infector |
|
This is a virus which attaches itself to program files. It infects any
program for which execution or interpretation is required.
File infectors can be either 'Direct
Action/Non-Resident' or 'Resident'. The former virus selects one or more programs to
infect each time a program infected by it are executed. The resident virus installs itself
somewhere in memory (RAM) the first time an infected program is executed, and thereafter
infects other programs when they are executed or when other conditions are fulfilled. Most
viruses are resident.
|
2. |
System or Boot-Record Infector |
|
This virus infects the executable code found in certain system areas on a
disk. On PCs, boot-sectors infected could be the DOS boot sector, the Master Boot Record
on fixed disks and the DOS boot sector on diskettes.
|
3. |
Multi-Partite Virus or Boot and File Virus |
|
This virus infects both the files and boot sectors.
|
4. |
File System or Cluster Virus or Link Virus |
|
This virus modifies directory table entries so that the virus is loaded and
executed before the desired program is. The program itself is physically intact, only the
directory entry of the program file is infected.
|
5. |
Kernel Virus |
|
This virus targets specific features of the programs that contain the core or
kernel of an operating system.
|
6. |
Stealth Virus |
|
This virus hides the modifications it has made to files or boot records, when
activated. As a result programs that try to read infected files or sectors view the
original, uninfected form instead of the actual, infected form, leading them to go
undetected.
|
7. |
Polymorphic Virus |
|
This virus produces varied but operational copies of itself with the aim of
avoiding detection under scanners.
|
8. |
Fast Infector |
|
This virus copies itself to memory when a program infected by it is executed,
and then infects other programs, not only ones being executed but also those that are
merely opened. In which case, running a scanner can result in all or many programs
becoming infected.
|
9. |
Slow Infector |
|
This virus only infects files as they are modified or as they are being
created.
|
10. |
Sparse Infector |
|
This virus infects less often, only occasionally or only files whose lengths
fall within a narrow range, etc. It thus minimises the probability of being discovered.
|
11. |
Companion Virus |
|
This virus creates a new program, which unknown to the user, is executed
instead of the intended program.
|
12. |
Armored Virus |
|
This virus uses special tricks to make tracing, disassembling and
understanding of its code difficult.
|
13. |
Cavity Virus |
|
This virus overwrites a part of the host file that is filled with a constant,
without increasing the length of the file, but preserving its functionality.
|
|
There are countless
viruses under each category. New viruses are created literally everyday. Also, different
antivirus researchers use different criteria to decide whether two viruses are different
or one and the same. |
Click here to go back Home |