Stealth Viruses and Rootkits

A virus, by its nature, has to modify something in order to become active. This might be a file, the boot sector, or partition sector (Master Boot … [Read more...]

Fast and Slow Infectors

The term fast or slow when dealing with viruses pertains to how often and under what circumstances they spread the infection. Typically, a virus … [Read more...]

Sparse Infectors

In order to spread widely, a virus must attempt to avoid detection. To minimize the probability of its being discovered a virus could use any number … [Read more...]

Armored Viruses

Armored is a class that overlaps other classes of viruses; maybe multiple times. Basically, an armored virus uses special "tricks" designed to foil … [Read more...]

Multipartite Viruses

Some viruses can be all things to all machines. Depending on what needs to be infected, they can infect system sectors or they can infect files. These … [Read more...]

Spacefiller (Cavity) Viruses

Many viruses take the easy way out when infecting files; they simply attach themselves to the end of the file and then change the start of the program … [Read more...]

Tunneling Viruses

One method of virus detection is an interception program which sits in the background looking for specific actions that might signify the presence of … [Read more...]

Camouflage Viruses

You don't hear much about this type of virus. Fortunately it is rare and, because of the way anti-virus programs have evolved, is unlikely to occur in … [Read more...]

Metamorphic Viruses

Some viruses rewrite themselves completely each time they infect. These viruses are said to be metamorphic. As you might expect, the programming … [Read more...]

NTFS ADS Viruses

The NT File System (NTFS) contains within it a system called Alternate Data Streams (ADS). This subsystem allows additional data to be linked to a … [Read more...]