ViRobot

Support

  • Customer Services
    • FAQ
  • Submit Samples
  • Product Guidelines
  • Free Download!!

FAQ

No. Category Title
3 Virus What is a "Virus" and how are they classified?
A computer virus is a program designed to replicate and spread on its own, preferably without a user's knowledge. Similar to biological viruses, computer viruses survive by infecting a host (i.e., other software) and then replicating. The degree to which a virus spreads is dependent on how it is written. Computer viruses can spread by attaching themselves to another program-such as word processing or spreadsheet programs-or to the boot sector of a diskette. When an infected file is executed or the computer is started from an infected disk, the virus itself is executed. Often, it stays in memory, waiting to infect the next program that is run or the next disk that is accessed. Many viruses perform trigger events; for example, they might display a message on a certain date or delete files after the infected program is run a certain number of times. Some of these trigger events are harmless; others can cost extensive and costly damages.

Typical Virus Classification File Viruses:
This type of viruses operates in memory and infects executable files. They attach themselves to or replace .COM and .EXE files, although in some cases they can infect files with the extensions .
SYS, .DRV, .BIN, and OVL. This type of virus generally infects uninfected programs when they are executed with the virus in memory. In other cases, they infect programs when they are opened-using the DOS DIR command, for example-or the virus simply infects all of the files in the directory it was run from-a so-called direct infector.

  • Boot Viruses:
    Until late 1995, boot-sector viruses were the most predominant type of virus infection. Such viruses spread between the master boot record (MBR) on an infected floppy disk, and the MBR on a user's hard drive. All logical drives-hard disk and floppy-contain a boot sector, including disks that are not bootable. The boot sector contains specific information relating to the formatting of the disk and the data stored there. It also contains a small program called the boot program that loads operating system files. Boot sector viruses infect the boot program of the hard drive when an infected diskette is left in a floppy drive and the system is rebooted. When the computer reads and executes the boot sector program, the boot sector virus goes into memory and infects the hard drive. Later, when the user boots from the hard drive, the virus again gains control and can then infect each and every diskette used on the computer.

  • Macro Viruses:
    Macro viruses also copy themselves from file to file. However, they are viruses written to infect macro or scripting language utilities that accompany personal productivity applications. Therefore, they travel between data files (which can store executable macros) and the application. The vast majority of macro viruses are written for Microsoft Office applications (i.e. Word, Excel?. When a file (i.e., a Word document) that contains the infected macros is used, at a certain time the virus copies onto the application where it is stored, and from then on will infect any other Word or Excel file used by the infected copy of the application. A macro virus can be written to spread at a variety of different points during the file's use (e.g., when it is opened, saved, closed, or deleted).

  • Polymorphic Viruses:
    Polymorphic viruses that can mutate to escape detection by anti-virus software.

  • Multi-Partite Viruses:
    Multi-partite viruses often infect multiple targets instead of just one type of file or disk.
    For example, they will infect both files and boot records on hard disks or both files and boot sectors on floppy disks.

  • Stealth Viruses:
    These viruses actively conceal themselves while they're running in memory. A straightforward example is to make infected files appear to be the size they would be if uninfected. More sophisticated viruses intercept operating-system-level interrupts, and, for example, may remove themselves from infected files as the file is run, only to re-infect upon file closure.

  • Retro viruses:
    These viruses are designed to actively attack anti-virus software.
    They'll try to delete anti-virus data files, corrupt anti-virus programs, and more. Hence, rendering the anti-virus software useless in detecting their presence.
  • List
    Copyright 2008 @ HAURI Inc. All rights reserved. SiteMap