Common Types of Viruses Essay

âž ¢ Trojan Horses – A Trojan Horse are computer viruses that hide inside non-executable files such as compressed or document files and executable files and try to avoid detection by anti-virus programs such as Norton or McAfee. Trojan Horses usually appear to be useful computer files/programs such as computer game or data library. Famous Trojan Horse Programs o Back Orifice Latest Trojan Horses News o Trojan.Pgpcoder – unique new kind of threat – Install itself on vulnerable computer after user visit a certain website. âž ¢ Polymorphic Viruses A polymorphic virus is an encrypted virus that hides itself from anti-virus trough encrypted (scrambled) data and then decrypted itself to be able to spread trough the computer. The thing that makes it hard for anti-virus software to detect polymorphic viruses is that the virus generates an entirely new decryption routine each time it infects a new executable file making the virus signature different in each signature. âž ¢ Stealth Viruses A stealth virus hides the modifications made to file and boot records by modifying and forging the result of calls to function, therefore programs believe they are reading the original file and not the modified file. A good anti-virus software will probably detect stealth virus due to the fact that a stealth virus attempts to hide itself in memory when anti-virus software is launched. âž ¢ Slow Viruses A Slow virus is a difficult virus to detect due to the fact it only modifies and infects files when they are been modified and copied. Therefore the original file will not be infected by the actual copied file. A good way to protect yourself against slow viruses is by using an integrity checker or shell. âž ¢ Retro Viruses A Retro virus attacks the anti-virus software designed to delete it. The retro virus usually attempts to attack the anti-virus data files such as the virus signature store which disable the ability of the anti-virus software to detect and delete viruses. Otherwise the retro virus attempts to alter the operation of the anti-virus software. âž ¢ Multipartite Viruses A multipartite virus attempts to attack and infect both the boot sector and executable files at the same time. âž ¢ Armored Viruses An Armored virus attempts to protect itself from anti-virus software by trying to make anti-virus software believe it is located somewhere else. Therefore the Armored virus has made itself more difficult to0 trace, disassemble and understand. âž ¢ Companion Viruses A Companion virus creates a companion file for each executable file the virus infects. Therefore a companion virus may save itself as scandisk.com and every time a user executes scandisk.exe, the computer will load scandisk.com and therefore infects the system. âž ¢ Phage Viruses A Phage virus is a very destructive virus that re-writes an executable program with it’s own code, rather than just attaching itself to a file. Therefore a Page virus will usually attempt to delete or destroy every program it infects. âž ¢ Revisiting Viruses A Revisiting virus is a worm virus and attempts to copy itself within the computers memory and then copy itself to another linked computer using TCP/IP protocols. The Morris worm virus in the late 1980’s was the first major virus threat to hit the Internet.