Memory Resident virus
These viruses fix themselves in the computer memory and get activated whenever the OS runs and infects all the files that are then opened.
This type of virus hides in the RAM and stays there even after the malicious code is executed. It gets control over the system memory and allocate memory blocks through which it runs its own code, and executes the code when any function is executed. It can corrupt files and programs that are opened, closed, copied, renamed, etc.
Direct Action Viruses
The main purpose of this virus is to replicate and take action when it is executed. When a specific condition is met, the virus will go into action and infect files in the directory or folder that are specified in the AUTOEXEC.BAT file path. This batch file is always located in the root directory of the hard disk and carries out certain operations when the computer is booted.
FindFirst/FindNext technique is used where the code selects a few files as its victims. It also infects the external devices like pen drives or hard disks by copying itself on them.
Overwrite Viruses
A virus of this kind is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected. The virus replaces the file content. However, it does not change the file size.
Boot Sector Virus
This type of virus affects the boot sector of a hard disk. This is a crucial part of the disk, in which information of the disk itself is stored along with a program that makes it possible to boot (start) the computer from the disk. This type of virus is also called Master Boot Sector Virus or Master Boot Record Virus.
It hides in the memory until DOS accesses the floppy disk, and whichever boot data is accessed, the virus infects it.
Macro Virus
Macro viruses infect files that are created using certain applications or programs that contain macros, like .doc, .xls, .pps, .mdb, etc. These mini-programs make it possible to automate series of operations so that they are performed as a single action, thereby saving the user from having to carry them out one by one. These viruses automatically infect the file that contains macros, and also infects the templates and documents that the file contains. It is referred to as a type of e-mail virus. These hide in documents that are shared via e-mail or networks.
Directory Virus
Directory viruses (also called Cluster Virus/File System Virus) infect the directory of your computer by changing the path that indicates the location of a file. When you execute a program file with an extension .EXE or .COM that has been infected by a virus, you are unknowingly running the virus program, while the original file and program is previously moved by the virus. Once infected, it becomes impossible to locate the original files.
It is usually located in only one location of the disk, but infects the entire program in the directory.
Polymorphic Virus
Polymorphic viruses encrypt or encode themselves in a different way (using different algorithms and encryption keys) every time they infect a system. This makes it impossible for antivirus software to find them using string or signature searches (because they are different in each encryption). The virus then goes on to create a large number of copies.
Companion Viruses
Companion viruses can be considered as a type of file infector virus, like resident or direct action types. They are known as companion viruses because once they get into the system they 'accompany' the other files that already exist. In other words, to carry out their infection routines, companion viruses can wait in memory until a program is run (resident virus), or act immediately by making copies of themselves (direct action virus).
These generally use the same filename and create a different extension of it. For example: If there is a file "Me.exe", the virus creates another file named "Me.com" and hides in the new file. When the system calls the filename "Me", the ".com" file gets executed (as ".com" has higher priority than ".exe"), thus infecting the system.
FAT Virus
The file allocation table (FAT) is the part of a disk used to store all the information about the location of files, available space, unusable space, etc.
FAT virus attacks the FAT section and may damage crucial information. It can be especially dangerous as it prevents access to certain sections of the disk where important files are stored. Damage caused can result in loss of information from individual files or even entire directories.
Multipartite Virus
These viruses spread in multiple ways possible. It may vary in its action depending upon the operating system installed and the presence of certain files. In the initial phase, these viruses tend to hide in the memory as the resident viruses do; then they infect the hard disk.
.
Web Scripting Virus
Many web pages include complex codes in order to create an interesting and interactive content. This code is often exploited to bring about certain undesirable actions. The main sources of web scripting viruses are the web browsers or infected web pages.
File Deleting Viruses:
A File Deleting Virus is designed to delete critical files which are the part of Operating System or data files.
Mass Mailer Viruses:
Mass Mailer Viruses search e-mail programs like MS outlook for e-mail addresses which are stored in the address book and replicate by e-mailing themselves to the addresses stored in the address book of the e-mail program.
Armored Viruses:
Armored Viruses are type of viruses that are designed and written to make itself difficult to detect or analyze. An Armored Virus may also have the ability to protect itself from antivirus programs, making it more difficult to disinfect.
Stealth viruses:
Stealth viruses have the capability to hide from operating system or anti-virus software by making changes to file sizes or directory structure. Stealth viruses are anti-heuristic nature which helps them to hide from heuristic detection.
Retrovirus
Retrovirus is another type virus which tries to attack and disable the anti-virus application running on the computer. A retrovirus can be considered anti-antivirus. Some Retroviruses attack the anti-virus application and stop it from running or some other destroys the virus definition database.Multiplt characteristic viruses
Multiple Characteristic viruses have different characteristic and different capapilities..