Jump to content

Comparison of computer viruses: Difference between revisions

From Wikipedia, the free encyclopedia
Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
make first sentence the second sentence, put title of article in bold in new first sentence
Tag: section blanking
Line 5: Line 5:
== Scope ==
== Scope ==
In terms of scope, there are two major variants: the list of "in-the-wild" viruses, which list viruses in active circulation, and lists of all known viruses, which also contain viruses believed not be in active circulation (also called "zoo viruses"). The sizes are vastly different, in-the-wild lists contain a hundred viruses but full lists contain tens of q.
In terms of scope, there are two major variants: the list of "in-the-wild" viruses, which list viruses in active circulation, and lists of all known viruses, which also contain viruses believed not be in active circulation (also called "zoo viruses"). The sizes are vastly different, in-the-wild lists contain a hundred viruses but full lists contain tens of q.

== List of viruses and related programs ==

{|style="border: 1px #aaaaaa solid; background-color:#f7f8ff"
|align=center bgcolor="#CCCCCC"|Name
|align=center bgcolor="#CCCCCC"|Alias(es)
|align=center bgcolor="#CCCCCC"|types
|align=center bgcolor="#CCCCCC"|Subtype
|align=center bgcolor="#CCCCCC"|Isolation Date
|align=center bgcolor="#CCCCCC"|Isolation
|align=center bgcolor="#CCCCCC"|Origin
|align=ceter bgcolor="#CCCCCC"|Author
|align=center bgcolor="#CCCCCC"|Notes
|-
|[[1260 (computer virus)|1260]]
|V2Px
|[[MS-DOS]]
|[[polymorphic code|Polymorphic]]
|1990
|
|
||
|First virus to use [[polymorphic code|polymorphic encryption]]
|-
|[[4K (computer virus)|4K]]
|4096
|[[MS-DOS]]
|
|1990-01
|
|
|
|The first virus to use stealth
|-
|[[5lo]]
|
|[[MS-DOS]]
|
|1992-10
|
|
|
|Infects .EXE files only
|-
|[[A and A (computer virus)|A and A]]
|
|[[MS-DOS]]<br>[[Windows|Windows 95/98]]
|
|
|
|
|
|
|-
|[[Abraxas (computer virus)|Abraxas]]
|Abraxas5
|[[MS-DOS]]<br>[[Windows|Windows 95/98]]
|
|1993-04
|Europe
|
|ARCV group
|Infects [[COM file]]. Disk directory listing will be set to the system date and time when infection occurred.
|-
|[[Acid (computer virus)|Acid]]
|Acid.670, Acid.670a, Avatar.Acid.670, Keeper.Acid.670
|[[MS-DOS]]<br>[[Windows|Windows 95/98]]
|
|1992
|
|
|Corp-$MZU
|Infects [[COM file]]. Disk directory listing will not be altered.
|-
|[[Acme (computer virus)|Acme]]
|
|DOS ([[Windows 95]] [[MS-DOS]])
|
|
|
|
|
|Upon executing infected [[EXE]], this infects another EXE in current directory by making a hidden [[COM file]] with same base name.
|-
|[[ABC (computer virus)|ABC]]
|ABC-2378, ABC.2378, ABC.2905
|[[MS-DOS]]
|
|1992-10
|
|
|
|ABC causes keystrokes on the compromised machine to be repeated.
|-
|[[Actifed (computer virus)|Actifed]]
|
|[[MS-DOS]]
|
|
|
|
|
|
|-
|[[Ada (computer virus)|Ada]]
|
|[[MS-DOS]]
|
|1991-10
|
|Argentina
|
|The Ada virus mainly targets .COM files, specifically COMMAND.COM.
|-
|[[Agena (computer virus)|Agena]]
|Agena.723
|[[MS-DOS]]
|
|1992-09
|Spain
|
|
|Infected programs will have a file length increase of 723 to 738 bytes
|-
|[[AGI-Plan (computer virus)|AGI-Plan]]
|Month 4-6
|[[MS-DOS]]
|
|
|Mülheim an der Ruhr, Germany
|
|
|AGI-Plan is notable for reappearing in South Africa in what appeared to be an intentional re-release.
|-
|[[Ah (computer virus)|Ah]]
|David-1173, Tuesday
|[[MS-DOS]]
|
|1991-05
|Italy
|
|
|Systems infected with Ah will experience frequent system hangs.
|-
|[[AI (computer virus)|AI]]
|
|[[MS-DOS]]
|
|
|
|
|
|
|-
|[[AIDS (computer virus)|AIDS]]
|AIDSB, Hahaha, Taunt
|[[MS-DOS]]
|
|1990
|
|
|Dr. Joseph Popp
|AIDS is the first virus known to exploit the MS-DOS "corresponding file" vulnerability.
|-
|[[AIDS II (computer virus)|AIDS II]]
|
|
|
|
|
|
|
|
|-
|[[AirCop (computer virus)|AirCop]]
|Air cop-B, Red State
|[[MS-DOS]]
|
|1990-01
|
|
|
|Infects the boot sector of floppy disks.
|-
|[[Alabama (computer virus)|Alabama]]
|Alabama.B
|[[MS-DOS]]
|
|1989-10
|
|[[Hebrew University]], Jerusalem
|
|Files infected by Alabama increase in size by 1,560 bytes.
|-
|[[Alcon (computer virus)|Alcon]]
|RSY, Kendesm, Ken&Desmond, Ether
|[[MS-DOS]]
|
|1997-12
|
|
|
|Overwrites random information on disk causing damage over time.
|-
|[[Ambulance (computer virus)|Ambulance]]
|
|
|
|
|
|
|
|
|-
|[[Anna Kournikova (computer virus)|Anna Kournikova]]
|
|Email<br/>[[VBScript]]
|
|2001-02-11
|
|Sneek, Netherlands
|Jan de Wit
|A Dutch court stated that US$166,000 in damages was caused by the worm.
|-
|[[AntiCMOS (computer virus)|AntiCMOS]]
|
|
|
|
|
|
|
|Due a bug in the virus code, the virus fails to erase [[CMOS]] information as intended.
|-
|[[ARCV-n (computer virus)|ARCV-n]]
|
|[[MS-DOS]]
|
|1992-10/1992-11
|
|England, United Kingdom
|ARCV Group
|ARCV-n is a term for a large family of viruses written by the ARCV group.
|-
|[[Bomber (computer virus)|Bomber]]
|CommanderBomber
|[[MS-DOS]]
|
|
|
|Bulgaria
|
|[[Polymorphic code|Polymorphic]] virus which infects systems by inserting fragments of its code randomly into executable files.
|-
|[[Brain (computer virus)|Brain]]
|[[Pakistani flu]]
|
|
|1986-01
|
|[[Lahore]], [[Pakistan]]
|[[Basit Farooq Alvi|Basit]] and [[Amjad Farooq Alvi]]
|Considered to be the first [[computer virus]] for the [[Personal computer|PC]]
|-
|[[Byte Bandit]]
|
|Amiga, Bootsector virus
|
|1988-01
|
|
|[[Swiss Cracking Association]]
|It was one of the most feared Amiga viruses until the infamous Lamer Exterminator.
|-
|[[Christmas Tree (computer virus)|Christmas Tree]]
|
|
|
|
|
|
|
|
|-
|[[Commwarrior (computer virus)|Commwarrior]]
|
|[[Symbian]] [[Bluetooth]] worm
|
|
|
|
|
|Famous for being the first worm to spread via MSS and Bluetooth.
|-
|[[Creeper (program)|Creeper]]
|
|TENEX operating system
|
|1971
|
|
|Bob Thomas
|An experimental self-replicating program which gained access via the ARPANET and copied itself to the remote system.
|-
|[[Eliza (computer virus)|Eliza]]
|
|[[MS-DOS]]
|
|1991-12
|
|
|
|
|-
|[[Elk Cloner (computer virus)|Elk Cloner]]
|
|[[Apple II]]
|
|1982
|Mt. Lebanon, Pennsylvania, United States
|Mt. Lebanon, Pennsylvania, United States
|Rich Skrenta
|The first virus observed "in the wild"
|-
|[[Graybird]]
|Graybird P
|
|
|
|
|
|
|
|-
|[[Hare (computer virus)|Hare]]
|
|[[MS-DOS]]<br>[[Windows 95]], [[Windows 98]]
|
|1996-08
|
|
|
|Famous for press coverage which blew its destructiveness out of proportion
|-
|[[ILOVEYOU (computer virus)|ILOVEYOU]]
|
|
|
|2000-05-05
|
|[[Manila]], [[Philippines]]
|Reomel Ramores, Onel de Guzman
|A computer worm that attacked tens of millions of [[Windows]] personal computers
|-
|[[INIT 1984 (computer virus)|INIT 1984]]
|
|Mac OS
|
|1992-03-13
|
|
|
|Malicious, triggered on Friday the 13th. Shows a message "fuck this PC."
|-
|[[Jeefo (computer virus)|Jeefo]]
|
|
|
|
|
|
|
|
|-
|[[Jerusalem (computer virus)|Jerusalem]]
|
|DOS
|
|1987-10
|
|
|
|Jerusalem was initially very common and spawned a large number of variants.
|-
|[[Kama Sutra (computer worm)|Kama Sutra]]
|Blackworm, Nyxem, and Blackmal
|
|
|2006-01-16
|
|
|
|Designed to destroy common files such as Microsoft Word, Excel, and PowerPoint documents.
|-
|[[KoKo (computer virus)|Koko]]
|
|[[DOS]]
|
|1991-03
|
|
|
|The payload of this virus activates on July 29 and February 15 and may erase data on the users hard drive
|-
|[[Lamer Exterminator (computer virus)|Lamer Exterminator]]
|
|Amiga, Boot sector virus
|
|1989-10
|
|[[Germany]]
|
|Random encryption, fills random sector with "LAMER"
|-
|[[MacMag (computer virus)|MacMag]]
|Drew, Bradow, Aldus, Peace
|
|
|1987-12
|
|
|-
|[[MDEF (computer virus)|MDEF]]
|Garfield, Top Cat
|
|
|1990-05
|
|
|
|
|-
|[[Melissa (computer worm)|Melissa]]
|Mailissa, Simpsons, Kwyjibo, Kwejeebo
|[[Microsoft Word]] macro virus
|
|1999-03-26
|
|New Jersey, United States
|David L. Smith
|Part macro virus and part worm. Melissa, a MS Word-based macro that replicates itself through e-mail.
|-
|[[Michelangelo (computer virus)|Michelangelo]]
|
|[[MS-DOS]]
|
|1991-02-04
|[[Australia]]
|
|
|Ran March 6 ([[Michelangelo]]'s birthday)
|-
||[[Navidad virus|Navidad]]
|
|
|
|2000-12
|
|
|
|
|-
|[[Natas (computer virus)|Natas]]
|
|Multipartite, stealth, [[polymorphic code|Polymorphic]]
|
|1994
|
|
|"Priest"
|
|-
|[[nVIR (computer virus)|nVIR]]
|MODM, nCAM, nFLU, kOOL, SHIT, prod, Fuck, Hpat, Jude
|Mac OS
|
|1987
|
|
|
|nVIR has been known to 'hybridize' with different variants of nVIR on the same machine.
|-
|[[OneHalf (computer virus)|OneHalf]]
|Slovak Bomber, Freelove or Explosion-II
|[[MS-DOS]]
|
|1994
|
|Slovakia
|Vyvojar
|It is also known as one of the first viruses to implement a technique of "patchy infection"
|-
|[[Ontario.1024 ()|Ontario.1024]]
|
|
|
|
|
|
|
|
|-
|[[Ontario.2048 (computer virus)|Ontario.2048]]
|
|
|
|
|
|
|
|
|-
|[[Ontario (computer virus)|Ontario]]
|SBC
|[[MS-DOS]]
|
|1990-07
|
|Ontario, Canada
|
|Death Angel
|-
|[[Pikachu virus]]
|
|
|
|2000-06-28
|
|Asia
|
|The Pikachu virus is believed to be the first computer virus geared at children.
|-
|[[Ping-pong virus|Ping-pong]]
| Boot, Bouncing Ball, Bouncing Dot, Italian, Italian-A, VeraCruz
| Boot sector virus
|
|
|
|
|
| Harmless to most computers
|
|
|-
|[[RavMonE.exe]]
|RJump.A, Rajump, Jisx
|Worm
|
|2006-06-20
|
|
|
|Once distributed in [[iPod|Apple iPods]], but a Windows-only virus
|-
|[[SCA (computer virus)|SCA]]
|
|Amiga, Boot sector virus
|
|1987-11
|
|[[Switzerland]]
|[[Swiss Cracking Association]]
|Puts a message on screen. Harmless except it might destroy a legitimate non-standard boot block.
|-
|[[Scores (computer virus)|Scores]]
|Eric, Vult, NASA, San Jose Flu
|[[Mac OS]]
|
|1988 Spring
|
|
|
|Designed to attack two specific applications which were never released.
|-
|[[Scott's Valley (computer virus)|Scott's Valley]]
|
|[[MS-DOS]]
|
|1990-09
|Scotts Valley, California, United States
|
|
|Infected files will contain the seemingly meaningless hex string 5E8BDE909081C63200B912082E.
|-
|[[SevenDust (computer virus)|SevenDust]]
|666, MDEF, 9806, Graphics Accelerator, SevenD
|Mac OS
|
|1998
|
|
|
|
|-
|[[Shankar's Virus]]
|W97M{{Not a typo|.}}Marker{{Not a typo|.}}o
|[[Polymorphic code|Polymorphic]] Virus
|
|1999-06-03
|
|
|Sam Rogers
|Infects Word Documents
|-
|[[Shoerec (computer virus)|Shoerec]]
|
|Windows 32
|-
|[[Simile (computer virus)|Simile]]
|Etap, MetaPHOR
|[[Windows]]
|[[Polymorphic code|Polymorphic]]
|
|
|
|The Mental Driller
|The metamorphic code accounts for around 90% of the virus' code
|-
|[[Stoned (computer virus)|Stoned]]
|
|
|
|1987
|Wellington, New Zealand
|
|
|One of the earliest and most prevalent boot sector viruses
|-
|[[Sunday (computer virus)|Sunday]]
|
|[[MS-DOS]]
|Jerusalem.Sunday
|1989-11
|Seattle, Washington, United States
|
|
|Because of an error in coding, the virus fails to execute its payload.
|-
|[[TDL-4]]
|
|[[Botnet]]
|
|
|JD virus
|
|
|
|-
|[[Techno (computer virus)|Techno]]
|
|[[MS-DOS]]
|
|
|
|
|
|The virus plays a tune that was created by the author of the virus
|-
|[[Whale (computer virus)|Whale]]
|
|[[MS-DOS]]
|[[Polymorphic code|Polymorphic]]
|1990-07-01
|
|Hamburg, Germany
|R Homer
|At 9216 bytes, was for its time the largest virus ever discovered.
|-
|[[ZMist (computer virus)|ZMist]]
|ZMistfall, Zombie{{Not a typo|.}}Mistfall
|Zombie.Mistfall
|
|
|
|
|Z0mbie
|It was the first virus to use a technique known as "code integration".
|-
|}

=== Related lists ===
*[[List of computer worms]]
*[[Timeline of notable computer viruses and worms]]

==== Unusual subtypes ====
*[[Palm OS Viruses]]
*[[Linux malware]]

==== Notable instances ====
*[[Conficker]]
*[[Creeper virus]] - The first malware that ran on ARPANET
*[[ILOVEYOU]]
*[[Leap]] - Mac OS X Trojan horse
*[[Storm Worm]] - A [[Microsoft Windows|Windows]] trojan horse that forms the [[Storm botnet]]

==== Similar software ====
*[[Adware]]
*[[Malware]]
*[[Spam (electronic)|Spam viruses]]
*[[Spyware]]
*[[Computer worm|Computer Worms viruses]]
*[[Trojan horse (computing)|Trojan viruses]]

=== Security topics ===
*[[Antivirus software]]
*[[Computer insecurity]]
*[[Cryptovirology]]
*[[Security through obscurity]]

=== See also ===
*[[Computer worm]]
*[[Virus hoax]]
*[[Zombie computer]]


== External links ==
== External links ==

Revision as of 13:57, 19 April 2013

The compilation of a unified list of computer viruses is made difficult because of naming. To aid the fight against computer viruses and other types of malicious software, many security advisory organizations and developers of anti-virus software compile and publish lists of viruses. When a new virus appears, the rush begins to identify and understand it as well as develop appropriate counter-measures to stop its propagation. Along the way, a name is attached to the virus. As the developers of anti-virus software compete partly based on how quickly they react to the new threat, they usually study and name the viruses independently. By the time the virus is identified, many names denote the same virus.

Another source of ambiguity in names is that sometimes a virus initially identified as a completely new virus is found to be a variation of an earlier known virus, in which cases, it is often renamed. For example, the second variation of the Sobig worm was initially called "Palyh" but later renamed "Sobig.b". Again, depending on how quickly this happens, the old name may persist.

Scope

In terms of scope, there are two major variants: the list of "in-the-wild" viruses, which list viruses in active circulation, and lists of all known viruses, which also contain viruses believed not be in active circulation (also called "zoo viruses"). The sizes are vastly different, in-the-wild lists contain a hundred viruses but full lists contain tens of q.

Retrieved from "https://en.wikipedia.org/enwiki/w/index.php?title=Comparison_of_computer_viruses&oldid=551135113"