Question:
Help! What are the most common computer viruses?
Becca
2009-09-09 11:38:16 UTC
My homework is to find out what the basic computer viruses are and what damage they cause. By the way can I have the most general names for them? Thank you sooo much!
By the way I will give the best answer 10 points!!! x
Four answers:
' slimRazor '
2009-09-09 11:59:51 UTC
1). Macro virus - this type of virus usually comes as part of a document or spreadsheet, often in email. Microsoft provides a version of Visual BASIC in its Office product, (for example, in Word and Excel) to allow users to write custom routines. These routines are called macros. Many of the current macro viruses are written in this language and attached to Word documents. This capability is powerful, but allows viruses to be written and executed much more easily than by using other methods. Microsoft applications now have a feature called "Macro Virus Protection," enabled by default that asks the user before automatically executing macros. The Melissa and ILOVEYOU viruses are examples of macro viruses.



2). Boot sector virus - this type of virus overwrites the boot sector on your hard drive or floppy drive. The boot sector holds information necessary for your PC to boot up, so the virus effectively disables your PC. Although floppy disk usage is diminishing, they are still the most common means by which these viruses spread. Boot sector viruses can also infect drives formatted with the NTFS file system. Examples of boot sector viruses are F-Prot and AVP (Kaspersky). There are similar viruses called Master Boot Record (MBR) viruses, which infect the MBR. Examples of these viruses are NYB, AntiExe, and Unashamed.



3). File infector virus - this type of virus attaches itself to executables, for example .com and .exe files. The virus spreads when the program is run, loading itself into memory and/or attaching itself to other programs on your system. It usually spreads to other computers when infected programs are shared. Examples of known file infectors include the Jerusalem and Cascade viruses.



4.) Stealth virus - this type of virus tries to fool antivirus software by catching its requests to the operating system (asking to open a file, for example). In this way, the stealth virus can provide its own clean version of the file to the antivirus software. The best way to defeat this type of virus is to boot from a known clean disk. The FRODO or 4096 virus is an example of a stealth virus, hiding changes in the file size of infected files, to try and avoid detection.



5). Self-modifying virus - this type of virus was designed to avoid detection by antivirus software by changing itself internally. There are two types of self-modifying viruses:



Polymorphic virus - a polymorphic virus infects files with modified (usually encrypted) operational versions of itself, which it decrypts before executing. The virus and the decryption module are both modified on each execution, thus making it difficult to detect. The "Dark Avenger's Mutation Engine" (also known as MTE or DAME) has been released by virus writers to add this capability to any virus, but is now detectable by most antivirus tools.



Metamorphic virus - a metamorphic virus rewrites itself completely each time it infects a new executable. This strategy requires the virus to include a metamorphic engine, making it large and complex, but also very difficult to detect. An example of a metamorphic virus is Win95.Zmist.A.
Gabriel
2016-08-29 12:58:02 UTC
2
Indre
2009-09-09 11:46:22 UTC
Polymorphic Viruses

A polymorphic virus is an encrypted virus that hides itself from anti-virus through encrypted (scrambled) data and then decrypts itself to beable to spread through the computer. The thing that makes it hard for anti-virus software to detect polymorphic viruses is that the virus generates an entirely new decryption routine each time it infects a new executable file, making the virus signature different in each signature.

Stealth Viruses

A Stealth virus hides the modifications made to files and boot records by modifying and forging the results of calls to functions, therefore programs believe they are reading the original file and not the modified file. A good anti-virus software will probably detect a stealth virus due to the fact that a stealth virus attempts to hide itself in memory when a anti-virus software is launched.

Slow Viruses

A Slow virus is a difficult virus to detect due to the fact it only modifies and infects files when they have been modified or copied. Therefore the original file will not be infected by the actual copied file. A good way to protect yourself against slow viruses is by using an integrity checker or shell.

Retro Viruses

A Retro virus attacks the anti-virus software designed to delete it. The retro virus usually attempts to attack the anti-virus data files such as the virus signature store which disables the ability of the anti-virus software to detect and delete viruses. Otherwise the retro virus attempts to alter the operation of the anti-virus software.

Multipartite Viruses

A Multipartite virus attempts to attack and infect both the boot sector and execuatble files at the same time.

Armored Viruses

A Armored virus attempts to protect itself from anti-virus soaftware by trying to make anti-virus software believe it is located somewhere else. Therefore the Armored virus has made itself more difficult to trace, disassemble and understand.

Companion Viruses

A Companion virus creates a companion file for each execuable file the virus infects. Therefore a companion virus may save itself as scandisk.com and everytime a user executes scandisk.exe, the computer will load scandisk.com and therefore infect the system.

Phage Viruses

A Phage virus is a very destructive virus that re-writes a executable program with it's own code, rather than just attaching itself to a file. Therefore a Phage virus will usually attempt to delete or destroy every program it infects.

Revisiting Viruses

A Revisiting virus is a worm virus and attempts to copy itself within the computers memory and then copy itself to another linked computer using TCP/IP protocols. The Morris Worm virus in the late 1980's was the first major virus threat to hit the Internet.



;)
2009-09-09 11:46:53 UTC
You can see the current listings at websites such as http://vil.mcafee.com/topVirus.asp



http://www.sophos.com/security/analyses/viruses-and-spyware/



and others



The Microsoft Windows Malicious Software Removal Tool which is issued as part of the monthly Windows Updates addresses many of the most common ones, and you can find a list of them at http://www.microsoft.com/security/malwareremove/families.aspx



Regards http://crossloop.com/NigelBurton


This content was originally posted on Y! Answers, a Q&A website that shut down in 2021.
Loading...