How virus infect

Viruses are sometimes also categorized by how they infect.

* Polymorphic Viruses
* Stealth Viruses
* Armored Viruses
* Multipartite Viruses
* NTFS ADS Viruses
* Mutated viruses
* Macro viruses



Polymorphic Viruses:-
To confound virus scanning programs, virus writers created polymorphic viruses. These viruses are more difficult to detect by scanning because each copy of the virus looks different than the other copies. Polymorphic viruses change with each infection. They do this in an attempt to defeat scanners.

Stealth Viruses:-

A stealth virus hides the modifications it makes. It does this by taking over the system functions which read files or system sectors and, when some other program requests information from portions of the disk the virus has changed, the virus reports back the correct (unchanged) information instead of what's really there (the virus). Of course, the virus must be resident in memory and active to do this. A stealth virus takes over portions of the system to effectively hide the virus from examination.

Armored Viruses:-

Armored is a class that overlaps other classes of viruses; maybe multiple times.Basically, an armored virus uses special "tricks" designed to foil anti-virus researchers.An armored virus attempts to make disassembly difficult

Multipartite Virus:-

Some viruses can be all things to all machines. Depending on what needs to be infected, they can infect system sectors or they can infect files. These rather universal viruses are termed multipartite (multi-part).Sometimes the multipartite virus drops a system sector infector; other times a system sector infector might also infect files. Multipartite viruses have dual capabilities and typically infect both system sectors and files


NTFS ADS Viruses:-
The NT File System (NTFS) contains within it a system called Alternate Data Streams (ADS). This subsystem allows additional data to be linked to a file. The additional data, however, is not always apparent to the user. Windows Explorer and the DIRectory command do not show you the ADS; other file tools (e.g., COPY and MOVE) will recognize and process the attached ADS file
The ADS file is effectively hidden from view. The NT File System allows alternate data streams to exist attached to files but invisible to some normal file-handling utilities.
Viruses can exploit the NTFS ADS system in a variety of ways.

Mutated viruses:-
In reality, most viruses are clones, or more precisely "mutated viruses" — viruses which have been rewritten by other users in order to change their behavior or signature.

The fact that multiple versions of the same virus (called variants) exist makes dection all the more difficult, as antivirus software publishers then have to add these new signatures to their databases. 


Macro viruses:-
With the increase in programs which use macros, Microsoft has developed a shared script language which can be inserted into most types of documents which can contain macros. It's called VBScript, a subset of Visual Basic. These viruses are currently able to infect macros in Microsoft Office documents, meaning that such a virus can be placed within an ordinary Word or Excel document and run a portion of code when the file is opened, so that the virus can both spread into files and access the operating system (generally Windows) :The frequent appearance of Visual Basic scripts sent by email as attachments (marked by their extension .VBS) with an email subject encouraging the recipient to open the poisoned gift.
Once opened by a Microsoft email client, this "gift" can access the entire address book and self-propagate over the network. This kind of virus is called a worm. 








Other Threats:-
Viruses and worms get a lot of publicity, but they aren't the only threats to your computer's health. Malware is just another name for software that has an evil intent. Here are some common types of malware and what they might do to your infected computer:


malware:-
Most personal computers are now connected to the Internet and to local area networks, facilitating the spread of malicious code. Today's viruses may also take advantage of network services such as the World Wide Web, e-mail, Instant Messaging and file sharing systems to spread, blurring the line between viruses and worms. Furthermore, some sources use an alternative terminology in which a virus is any form of self-replicating malware.
Malicious programs can be divided into the following groups: worms, viruses, Trojans, hacker utilities and other malware. All of these are designed to damage the infected machine or other networked machines.

Adware : They puts ads up on your screen.

Spyware :They collects personal information about you, like your passwords or other information you type into your computer.

Hijackers : They turn your machine into a zombie computer.

Dialers : They force your computer to make phone calls. For example, one might call toll 900-numbers and run up your phone bill.
Reply With Quote