Common Types of PC Viruses

Posted on: May 11, 2011

There are two main classes of viruses.

  • The first class consists of the FILE INFECTORS which attach themselves to ordinary program files. These usually infect arbitrary COM and/or EXE programs, though some can infect any program for which execution or interpretation is requested, such as SYS, OVL, OBJ, PRG, MNU and BAT files.
  • There is also at least one PC virus that “infects” source code files by inserting code into C language source files that replicates the virus’s function in any executable that is produced from the infected source code files.
  • File infectors can be either DIRECT-ACTION or RESIDENT.
  • A direct-action (non-resident) virus selects one or more programs to infect each time a program infected by it is executed, e.g. the Vienna virus.
  • A resident virus installs itself somewhere in memory (RAM) the first time an infected program is executed, and thereafter infects other programs when *they* are executed.

The second main category of viruses is SYSTEM or BOOT-RECORD


These viruses infect executable code found in certain system areas on a disk. On PCs there are ordinary boot-sector viruses, which infect only the DOS boot sector, and MBR viruses which infect the Master Boot Record on fixed disks and the DOS boot sector on diskettes. Examples include Brain, Stoned, Empire, Azusa and Michelangelo. All common boot sector and MBR viruses are memory resident. These are often called “MULTIPARTITE” and another name is “BOOT-AND-FILE” virus.

Distinct classes of virus:

  • FILE SYSTEM or CLUSTER viruses (e.g. Dir-II) are those that modify directory table entries so that the virus is loaded and executed before the desired program is. The program itself is not physically altered, only the directory entry of the program file is.
  • LINK virus is another term occasionally used for these viruses, though it should be avoided, as “link virus” is commonly used in the Amiga world to mean “file infecting virus.”
  • KERNEL viruses target specific features of the programs that contain the “core” (or “kernel”) of an operating system.

