While most computer-literate people know computer viruses, they may not be aware of all the types. And this is especially true of some newbies. So here goes.


From the Hackers.com FAQ. Compiled by Liquid Ch@os.

Kinds of Viruses

Viruses
A virus is a program that infects a computers files and copies
itself to them. Thus damaging the file. Most common viruses
infect .COM or .EXE file extensions and corrupts them, rendering
the program useless and/or infecting other files when run. Viruses
are commonly recieved thru email and downloaded programs.
Email viruses (depending on what you use for your mail) can access
your address book and forward itself on to the people on the
list, without the users knowledge.

Trojans
Trojans are programs that do something which the writer means
it to do that the user does not know about. These programs can
be attached to another program so when the original program (that
which may be any common good program people will use) is run
the trojan virus will be installed. These range in the way of invisible keyloggers to the common trojans like NetBus, Sub7,
and Back Orfice. There are amny kinds of trojans out there.
Some can damage your computer, some will allow others access
to your files, and some are there but dont do to much. But at
any rate these can be malicious and are in many cases can be
as bad as a virus that can destroy your computer. The common
names for these viruses unattached from another program is "patch"
and "server" alltho they may have other names as well
depending on what it has been changed to.

Worms
Worms are programs that replicate over and over using up system
resources and/or clowing down the computer. These include "resource
hoggers" and "HDD fillers" (hard drive fillers).
These programs may produce thousands of smaller files in a folder
deep in the hard drive and keep making them until the hard drive
is full. As well as using up resources of the computer. These
little programs are hard to find. Due to having to find the
original virus to stop the damage being done. There are other
kinds of worms as well. Different ones depending on the writers
needs.

How Viruses Work

Stealth Viruses
A stealth virus is one which hides the modifications it has made
in the file or boot record, usually by monitoring the system
functions used by programs to read files or physical blocks from
storage media, and forging the results of such system functions
so that programs which try to read these areas see the original
uninfected form of the file instead of the actual infected form.
Thus the viral modifications go undetected by anti-viral programs.
However, in order to do this, the virus must be resident in
memory when the anti-viral program is executed.

Polymorphic Viruses
A polymorphic virus is one which produces varied (yet fully operational)
copies of itself, in the hope that virus scanners will not be
able to detect all instances of the virus.These viruses are hard
to detect because of their constant change. Most viruses scanners
will detect the original but not the newer versions of the virus
all the time.

Slow Infector
A slow infector is a virus that which runs in the memory and
infects programs that are modified or created. This is to fool
many programs that check for modifications in programs for the
virus hides what it has done.

Fast Infector
A fast infector is a virus which, when it is active in memory,
infects not only programs which are executed, but even those
which are merely opened. The result is that if such a virus
is in memory, running a scanner can result in all (or at least
many) programs becoming infected all at once.

Sparse Infector
A sparse infector virus will only infect a file occasionaly.
These will count however many programs it was designed to count
then infect and so on. Making it harder to track down the orginal
source of the virus. These are hard to find due to the originaly
has to be found thru many infected files that could be the original.

Boot Sector Infector
A BSI is a virus that attacks the computer on boot. Sometimes
halting the boot procedure alltogether and/or damaging boot files
making the system either unstable and crash on startup or not
able to start at all. These are some of the worst viruses to
get because once infected you are unable to run system virus scans thru the OS.

Companion Virus
A companion virus modifies a file so that when it is run
it runs a seperate program as well. (Many trojans work as this
kind of virus) When the original file is run the virus is run
instead of the original program. Once the virus is done, which
is commonly fast enough to go unnoticed, the original program
will start. The user will normaly have no clue as to anything
was happening they did not know about.

Armored Virus
An armored virus will use different things to stop the user from
deleting, editing, tracing, and more. These can sometimes be
deleted by virus scanners but not always.

Virus Security

Virus Scanners
Virus scanners are the number one way to keep viruses off
your system. There are hundreds of different scanners available.
There are a few companies who keep up with them. (we all know
who they are) So here is what you should do to keep them updated
and working properly.
Always watch their website, they often have info on the latest
bad viruses out and updates for your scanner. Also keep up monthly/weekly
with your updates of your scanner. This will drastically reduce
your vulnerability towards most the common viruses out. Another
tip is when you hear of another big virus out, manualy update your scanner. Most the good scanners available have auto and
manual update programs on your computer.

Firewalls
Firewalls are very good protection for personal computers. Some
of them will block against viruses and most will, or have the
ability, to block trojan viruses. As with scanners there are
many to choose from. It is the users personal preference on
what they want to use. Firewalls provide good protection towards
more than viruses/trojans as well. They will protect your whole
computer from many kinds of other "cracking" attacks.
They watch over your computer and watch open ports on your system
for incoming data and either let it pass or block it depending
on what the user wants. They work as nets, allowing what the
user wants to go thru and blocking what the user does not want
to go thru.