Results 1 to 8 of 8

Thread: Virus Types

  1. #1
    Senior Member
    Join Date
    Oct 2001
    Posts
    484

    Virus Types

    While most computer-literate people know computer viruses, they may not be aware of all the types. And this is especially true of some newbies. So here goes.


    From the Hackers.com FAQ. Compiled by Liquid Ch@os.

    Kinds of Viruses

    Viruses
    A virus is a program that infects a computers files and copies
    itself to them. Thus damaging the file. Most common viruses
    infect .COM or .EXE file extensions and corrupts them, rendering
    the program useless and/or infecting other files when run. Viruses
    are commonly recieved thru email and downloaded programs.
    Email viruses (depending on what you use for your mail) can access
    your address book and forward itself on to the people on the
    list, without the users knowledge.

    Trojans
    Trojans are programs that do something which the writer means
    it to do that the user does not know about. These programs can
    be attached to another program so when the original program (that
    which may be any common good program people will use) is run
    the trojan virus will be installed. These range in the way of invisible keyloggers to the common trojans like NetBus, Sub7,
    and Back Orfice. There are amny kinds of trojans out there.
    Some can damage your computer, some will allow others access
    to your files, and some are there but dont do to much. But at
    any rate these can be malicious and are in many cases can be
    as bad as a virus that can destroy your computer. The common
    names for these viruses unattached from another program is "patch"
    and "server" alltho they may have other names as well
    depending on what it has been changed to.

    Worms
    Worms are programs that replicate over and over using up system
    resources and/or clowing down the computer. These include "resource
    hoggers" and "HDD fillers" (hard drive fillers).
    These programs may produce thousands of smaller files in a folder
    deep in the hard drive and keep making them until the hard drive
    is full. As well as using up resources of the computer. These
    little programs are hard to find. Due to having to find the
    original virus to stop the damage being done. There are other
    kinds of worms as well. Different ones depending on the writers
    needs.

    How Viruses Work

    Stealth Viruses
    A stealth virus is one which hides the modifications it has made
    in the file or boot record, usually by monitoring the system
    functions used by programs to read files or physical blocks from
    storage media, and forging the results of such system functions
    so that programs which try to read these areas see the original
    uninfected form of the file instead of the actual infected form.
    Thus the viral modifications go undetected by anti-viral programs.
    However, in order to do this, the virus must be resident in
    memory when the anti-viral program is executed.

    Polymorphic Viruses
    A polymorphic virus is one which produces varied (yet fully operational)
    copies of itself, in the hope that virus scanners will not be
    able to detect all instances of the virus.These viruses are hard
    to detect because of their constant change. Most viruses scanners
    will detect the original but not the newer versions of the virus
    all the time.

    Slow Infector
    A slow infector is a virus that which runs in the memory and
    infects programs that are modified or created. This is to fool
    many programs that check for modifications in programs for the
    virus hides what it has done.

    Fast Infector
    A fast infector is a virus which, when it is active in memory,
    infects not only programs which are executed, but even those
    which are merely opened. The result is that if such a virus
    is in memory, running a scanner can result in all (or at least
    many) programs becoming infected all at once.

    Sparse Infector
    A sparse infector virus will only infect a file occasionaly.
    These will count however many programs it was designed to count
    then infect and so on. Making it harder to track down the orginal
    source of the virus. These are hard to find due to the originaly
    has to be found thru many infected files that could be the original.

    Boot Sector Infector
    A BSI is a virus that attacks the computer on boot. Sometimes
    halting the boot procedure alltogether and/or damaging boot files
    making the system either unstable and crash on startup or not
    able to start at all. These are some of the worst viruses to
    get because once infected you are unable to run system virus scans thru the OS.

    Companion Virus
    A companion virus modifies a file so that when it is run
    it runs a seperate program as well. (Many trojans work as this
    kind of virus) When the original file is run the virus is run
    instead of the original program. Once the virus is done, which
    is commonly fast enough to go unnoticed, the original program
    will start. The user will normaly have no clue as to anything
    was happening they did not know about.

    Armored Virus
    An armored virus will use different things to stop the user from
    deleting, editing, tracing, and more. These can sometimes be
    deleted by virus scanners but not always.

    Virus Security

    Virus Scanners
    Virus scanners are the number one way to keep viruses off
    your system. There are hundreds of different scanners available.
    There are a few companies who keep up with them. (we all know
    who they are) So here is what you should do to keep them updated
    and working properly.
    Always watch their website, they often have info on the latest
    bad viruses out and updates for your scanner. Also keep up monthly/weekly
    with your updates of your scanner. This will drastically reduce
    your vulnerability towards most the common viruses out. Another
    tip is when you hear of another big virus out, manualy update your scanner. Most the good scanners available have auto and
    manual update programs on your computer.

    Firewalls
    Firewalls are very good protection for personal computers. Some
    of them will block against viruses and most will, or have the
    ability, to block trojan viruses. As with scanners there are
    many to choose from. It is the users personal preference on
    what they want to use. Firewalls provide good protection towards
    more than viruses/trojans as well. They will protect your whole
    computer from many kinds of other "cracking" attacks.
    They watch over your computer and watch open ports on your system
    for incoming data and either let it pass or block it depending
    on what the user wants. They work as nets, allowing what the
    user wants to go thru and blocking what the user does not want
    to go thru.
    Why am I still here?

  2. #2

    Basic definatons of Virus,Trojans,worms

    Viruses, Trojans, and Worms


    Just in case some of you are interested, here are the definitions for Viruses, Trojans, and Worms. These definitions were taken from the alt.2600 hack faq.

    Trojan:

    "Remember the Trojan Horse? Bad guys hid inside it until they could get into the city to do their evil deed. A Trojan computer program is similiar. It is a program which does an unauthorized function, hidden inside an authorized program. It does something other than it claims to do, usually something malicious (although not necessarily!), and it is intended by the author to do whatever it does. If it is not intentional, it is called a bug or, in some cases, a feature Some Virus scanning programs detect some Trojans. Some scanning programs don't detect any Trojans. No Virus scanners detect all Trojans."

    Virus:

    "A Virus is an independent program which reproduces itself. It may attach itself to other programs, it may create copies of itself (as in companion Viruses). It may damage or corrupt data, change data, or degrade the performance of your system by utilizing resources such as memory or disk space. Some Viruse scanners detect some Viruses. No Virus scanners detect all Viruses. No Virus scanner can protect against any and all Viruses, known and unknown, now and forevermore."

    Worm:

    "Made famous by Robert Morris, Jr., Worms are programs which reproduce by copying themselves over and over, system to system, using up resources and sometimes slowing down the system. They are self contained and use the networks to spread, in much the same way that Viruses use files to spread. Some people say the solution to Viruses and worms is to just not have any files or networks. They are probably correct. We could include computers."

  3. #3
    Senior Member
    Join Date
    Jan 2002
    Posts
    1,207
    Alcatraz... when you say

    Viruses...

    Email viruses (depending on what you use for your mail) can access
    your address book and forward itself on to the people on the
    list, without the users knowledge.

    Surely if they do that, it makes them into worms.

    I suppose there's nothing which says a virus can't also be a worm

    it's a fine line

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Location
    Ireland
    Posts
    734

    Re: Virus Types

    Polymorphic Viruses
    A polymorphic virus is one which produces varied (yet fully operational)
    copies of itself, in the hope that virus scanners will not be
    able to detect all instances of the virus.These viruses are hard
    to detect because of their constant change. Most viruses scanners
    will detect the original but not the newer versions of the virus
    all the time.
    I hate those biatches

  5. #5
    the line between worms are viruses seem very fine,(to me at least )and i have noticed some people seem to use the 2 interchangably...
    i dont know why i felt the need to say that ,but oh well its too late now..hahaha
    captain obvious awaaaay!!!
    *flys away to next post*

  6. #6
    Senior Member
    Join Date
    Apr 2002
    Posts
    366
    A good post for those that get confused.
    Polymorphic Viruses
    A polymorphic virus is one which produces varied (yet fully operational)
    copies of itself, in the hope that virus scanners will not be
    able to detect all instances of the virus.These viruses are hard
    to detect because of their constant change. Most viruses scanners
    will detect the original but not the newer versions of the virus
    all the time.

    I hate those biatches
    I agree with that

  7. #7
    Senior Member
    Join Date
    Jul 2002
    Location
    Texas
    Posts
    168
    Overwriting Viruses
    A virus that will write its code into the target program. This virus replaces existing code with its own code, leading to damaged or corrupted files. Other versions just replace NUL strings so as to not damage or corrupt the target.

    Multipartite Viruses
    A mulitpartite virus is a type of viral hybrid. They have the ability to infect more than one type of target (boot sectors and files), or can spread in two different ways (as a worm or file virus).

    Macro/Script Viruses
    These types of viruses carry their own source code and do not need to be compiled, because they are interpreted by an appropriate application. The difference between a macro virus and script virus lies in what file extension it is found in. If it's buried in a .doc or .xls file, it's a macro; if it comes as a .vbs attachment in a email, it's a script.
    <chsh> I've read more interesting technical discussion on the wall of a public bathroom than I have at AO at times

  8. #8

    Post Their Origin

    Viruses, Trojans, and Worms


    Their Origin

    Trojan:

    "Remember the Trojan Horse? Bad guys hid inside it until they could get into the city to do their evil deed. A Trojan computer program is similiar. It is a program which does an unauthorized function, hidden inside an authorized program. It does something other than it claims to do, usually something malicious (although not necessarily!), and it is intended by the author to do whatever it does. If it is not intentional, it is called a bug or, in some cases, a feature Some Virus scanning programs detect some Trojans. Some scanning programs don't detect any Trojans. No Virus scanners detect all Trojans."

    Virus:

    "A Virus is an independent program which reproduces itself. It may attach itself to other programs, it may create copies of itself (as in companion Viruses). It may damage or corrupt data, change data, or degrade the performance of your system by utilizing resources such as memory or disk space. Some Viruse scanners detect some Viruses. No Virus scanners detect all Viruses. No Virus scanner can protect against any and all Viruses, known and unknown, now and forevermore."

    Worm:

    "Made famous by Robert Morris, Jr., Worms are programs which reproduce by copying themselves over and over, system to system, using up resources and sometimes slowing down the system. They are self contained and use the networks to spread, in much the same way that Viruses use files to spread. Some people say the solution to Viruses and worms is to just not have any files or networks. They are probably correct. We could include computers."

    Bingo!!

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •