6.0  AN OVERVIEW OF COMPUTER VIRUSES

Types of virus:


Viruses can be classified as:

a)   Computer System / Boot Record Viruses: These computer viruses attack the parts of your computer that are used to run programs and perform certain functions (such as start up and shut down). These parts (called executables) are those that are used when you first start your computer.

b)   Computer File Viruses: These computer viruses cling to various program files (such as .COM, .EXE, .SYS, and so on). The virus might "hide" in your memory at first (called a resident virus... sounds kind of cute, huh? Like a relative coming to visit). Or the virus might simply attack a specific program (like Microsoft Word). When a program requests the use of any of these modules, the virus begins to do its damage.

c)   Master Boot Record Infectors: The first physical sector of every hard disk (Side Ø, Track Ø, Sector 1) contains the disk's Master Boot Record and Partition Table. The Master Boot Record has a small program within it called the Master Boot Program, which looks up the values in the partition table for the starting location of the bootable partition, and then tells the system to go there and execute any code it finds. Assuming your disk is set up properly, what it finds in that location (Side 1, Track Ø, Sector 1) is a valid boot sector. On floppy disks, these same viruses infect the boot sectors. You get a Master Boot Record virus in exactly the same manner you get a boot sector virus -- by leaving an infected diskette in a drive and rebooting the machine. When the boot sector program is read and executed, the virus goes into memory and infects the MBR of your hard drive. Again, because every disk has a boot sector, it is possible (and common) to infect a machine from a data disk.

Multi-partite Viruses: Multi-partite viruses are a combination of the viruses listed above. They will infect both files and MBRs or both files and boot sectors. These types of viruses are currently rare, but the number of cases is growing steadily.

d)   Macro Virus: - Pure data files cannot propagate viruses, but with extensive macro languages in some programs the line between a "data" file and an executable file can easily become blurred to the average user. While text E-mail messages can't contain viruses, they may have attachments that do, and some E-mail programs will automatically load and run these. Don't let them. Finally, be careful of programs that use other programs for reading E-mail. This is the most common type of virus because it can be so easily created. Macros themselves can be very useful, saving time and increasing productivity. However, as with most things, they can also be used for harm. They are created in most software applications and can be programmed to do serious damage as well as the merely annoying kind. They are commonly sent via email and as a result cannot infect your machine until the email and its attachment are opened. Once opened, the virus infects all documents created on that machine. They are also probably the most easily proliferated (spread) because so many people use the type of software in which these viruses are kept, e.g. MS Word, Excel etc.

e)   Companion Virus: - Companion viruses make use of a DOS quirk that runs COM files before EXE files. The companion virus infects your files by locating all files with names ending in EXE. The virus then creates a matching file name ending in COM that contains the viral code. Companion viruses were never particularly common, and under Windows, where specific files are associated with icons, you likely won't see them.

f)    Cluster Virus: - Cluster viruses change the directory so that when you try to run a program you first run the virus. This virus infects your files not by changing the file or planting extra files but by changing the DOS directory information so that directory entries point to the virus code instead of the actual program. When you run a program, DOS first loads and executes the virus code; the virus then locates the actual program and executes it. The interesting thing about this type of virus is that even though every program on the disk may be "infected," because only the directory pointers are changed there is only one copy of the virus on the disk.

g)   Batch File Virus: - Batch files can be used to transmit binary executable code and either be or drop viruses. These files are not often found, but it is possible to write a batch file that contains a virus. In most cases the batch file is used to drop a memory or disk virus, which then takes over when the computer is next started. These don't always work, but it is interesting to briefly go over the design so you can possibly recognize this type of virus if you happen to see one. There are several batch file viruses, but each works in a manner similar to that described above. The labels and batch file instructions may differ, but the method of operation is similar.

h)   Source code Virus: - Source code found on your system can be infected; usually by adding Trojan code to it. It is also possible to infect actual programming source code found on your computer. Source code comes in many forms because of the many different types of compilers and languages available. This is one reason why source code viruses are not particularly common. The other is that so few people actually write programs it becomes difficult for a source code-only virus to find victims to infect.

 

i)   Visual Basic Virus: - Visual Basic Script files can be used for malicious purposes, particularly in the role of a virus.
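For item c), an added example (not part of the original page) of how a defender can inspect the structure described there: it decodes the partition table in a 512-byte MBR image and compares a hash of the Master Boot Program against one recorded while the disk was known clean. The function names, the sample sector and its boot-code bytes are constructed for illustration.

```python
import hashlib
import struct

BOOT_CODE_LEN = 446   # Master Boot Program area; the partition table follows it
ENTRY = struct.Struct("<B3sB3sII")   # status, first CHS, type, last CHS, LBA, count


def parse_mbr(sector: bytes) -> dict:
    """Hash the boot program and decode the four partition-table entries."""
    if len(sector) != 512 or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a 512-byte sector ending in the 0x55AA signature")
    partitions = []
    for i in range(4):
        status, first, ptype, _last, lba, count = ENTRY.unpack_from(
            sector, BOOT_CODE_LEN + i * ENTRY.size)
        if ptype == 0:            # unused slot
            continue
        head, sec_cyl, cyl_low = first
        partitions.append({
            "slot": i, "active": status == 0x80, "type": ptype,
            "side": head, "track": ((sec_cyl & 0xC0) << 2) | cyl_low,
            "sector": sec_cyl & 0x3F, "lba_start": lba, "sectors": count,
        })
    digest = hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest()
    return {"boot_code_sha256": digest, "partitions": partitions}


def check_mbr(sector: bytes, baseline_sha256: str) -> list:
    """Compare a sector against a hash recorded while the disk was known clean."""
    info = parse_mbr(sector)
    findings = []
    if info["boot_code_sha256"] != baseline_sha256:
        findings.append("boot program differs from baseline")
    if sum(p["active"] for p in info["partitions"]) != 1:
        findings.append("expected exactly one active partition")
    return findings


def build_sample_mbr(boot_code: bytes) -> bytes:
    """Constructed test sector: one active partition at Side 1, Track 0, Sector 1."""
    entry = ENTRY.pack(0x80, bytes([1, 1, 0]), 0x06, bytes([15, 63, 100]), 63, 1000000)
    return boot_code.ljust(BOOT_CODE_LEN, b"\x00") + entry + bytes(48) + b"\x55\xaa"


if __name__ == "__main__":
    clean = build_sample_mbr(b"\xfa\x33\xc0")        # constructed bytes
    baseline = parse_mbr(clean)["boot_code_sha256"]
    print(check_mbr(clean, baseline))
    print(check_mbr(build_sample_mbr(b"\xeb\x3c\x90"), baseline))
```

The sector image should be read while booted from known-clean media, since a virus that is already resident can interfere with what the running system reports.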
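For item e), an added example (not from the original page) of a check for the pattern described there: it walks a directory tree and reports every COM file that sits beside an EXE with the same base name, noting whether the COM file is the newer of the two. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile


def find_companions(root: str) -> list:
    """List .COM files that sit beside an .EXE with the same base name."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames.sort()                       # deterministic traversal order
        by_base = {}
        for name in filenames:
            base, ext = os.path.splitext(name)
            by_base.setdefault(base.upper(), {})[ext.upper()] = name
        for base in sorted(by_base):
            exts = by_base[base]
            if ".COM" not in exts or ".EXE" not in exts:
                continue
            com = os.path.join(dirpath, exts[".COM"])
            exe = os.path.join(dirpath, exts[".EXE"])
            hits.append({
                "com": com, "exe": exe,
                "com_size": os.path.getsize(com),
                # A companion is created after the program it shadows.
                "com_newer": os.path.getmtime(com) > os.path.getmtime(exe),
            })
    return hits


def build_sample_tree(root: str) -> None:
    """Constructed directory tree with two shadowed programs."""
    files = {                                  # relative path: (size, mtime)
        "EDIT.EXE": (4096, 1000), "EDIT.COM": (300, 2000),
        "FORMAT.COM": (2048, 1000), "CHKDSK.EXE": (2048, 1000),
        "UTIL/Tool.exe": (512, 1000), "UTIL/TOOL.com": (300, 900),
    }
    for rel, (size, mtime) in files.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as fh:
            fh.write(b"\x00" * size)
        os.utime(path, (mtime, mtime))


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for hit in find_companions(tmp):
            print(hit)
```

A matching pair is a lead to investigate rather than proof of infection, because some software legitimately ships both a COM and an EXE under one name.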
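For item f), an added example (not from the original page) of how the directory change described there shows up in the data: it parses raw 32-byte FAT directory entries and reports any starting cluster that more than one program entry points to. The function names and the sample directory, including cluster number 812, are constructed for illustration.

```python
import struct
from collections import defaultdict

# 32-byte FAT12/FAT16 directory entry: name, extension, attributes,
# 14 bytes skipped here (reserved and timestamps), first cluster, file size.
ENTRY = struct.Struct("<8s3sB14xHI")


def shared_start_clusters(directory: bytes) -> dict:
    """Map first-cluster number -> program names, for clusters claimed more than once."""
    owners = defaultdict(list)
    for offset in range(0, len(directory) - ENTRY.size + 1, ENTRY.size):
        name, ext, attr, cluster, _size = ENTRY.unpack_from(directory, offset)
        if name[0] == 0x00:                 # end-of-directory marker
            break
        # Skip deleted entries, volume labels, subdirectories and long-name
        # entries (attribute 0x0F also has the 0x08 bit set).
        if name[0] == 0xE5 or attr & 0x18:
            continue
        if ext in (b"COM", b"EXE") and cluster >= 2:
            label = name.decode("ascii", "replace").rstrip()
            owners[cluster].append(f"{label}.{ext.decode('ascii', 'replace')}")
    return {c: names for c, names in owners.items() if len(names) > 1}


def make_entry(name: str, ext: str, cluster: int, size: int, attr: int = 0x20) -> bytes:
    """Build one constructed directory entry for the sample below."""
    return ENTRY.pack(name.ljust(8).encode(), ext.ljust(3).encode(), attr, cluster, size)


def build_sample_directory() -> bytes:
    """Constructed directory: three programs point at cluster 812, two files are normal."""
    entries = [
        make_entry("EDIT", "EXE", 812, 70000),
        make_entry("README", "TXT", 40, 1200),
        make_entry("FORMAT", "COM", 812, 22000),
        make_entry("MEM", "EXE", 97, 39000),
        make_entry("CHKDSK", "EXE", 812, 12000),
    ]
    return b"".join(entries) + bytes(ENTRY.size)   # zeroed entry ends the directory


if __name__ == "__main__":
    for cluster, names in shared_start_clusters(build_sample_directory()).items():
        print(f"cluster {cluster} is the start of {len(names)} programs: {names}")
```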

 


 

Copyright © 2001 Selfonline-Education. All rights reserved.