Where Viruses Hide
A program is called a virus because it has an incubation period (does not do
damage immediately), because it is contagious (can replicate itself), and
because it is destructive. Viruses are often programmed to hide to avoid
detection by antivirus software.
Boot Sector Viruses
A boot sector virus hides in a boot sector
program. It can hide on a hard drive either in the program code of the
master boot record or in the boot record program that loads the operating
system on the active partition of the hard drive. On a floppy disk, a boot
sector virus hides in the boot program of the boot sector. One of the most
common ways a virus spreads is from a floppy disk used to boot a PC. When
the boot program is loaded into memory, so is the virus, which can then
spread to other programs.
However, a floppy disk does not have to be bootable to spread a virus. All
floppy disks have a boot sector that contains a boot program. If a PC is
configured to first
boot from Drive A and then Drive C, and a floppy disk is in the drive when
the PC is booted, BIOS executes the boot program on the disk. If the disk
is not bootable, this program displays an error message, such as
“Nonsystem disk or disk error.” If the user removes the disk and presses
any key, the PC boots from the hard drive. However, if the boot program of
the floppy disk contains a boot sector virus, the virus might already have
been loaded into memory. When the system boots from the hard drive, the
virus is then spread to the boot sector of the hard drive. To prevent this
kind of infection, after unsuccessfully trying to boot from the floppy
disk, don’t press a key that instructs the PC to turn to the hard drive to
boot. Also, pressing [CTRL+ALT+DEL] might not be enough to prevent the
problem because the loaded virus can still hide in memory and some viruses
intercept a [CTRL+ALT+DEL] to take control of the PC. The best way to
proceed is to use a cold boot—turn the PC off, remove the floppy disk, and
turn the PC back on. The danger of virus infection from a floppy is a good
reason to configure your computer to always boot from the hard drive
first, and then, if the hard drive is not bootable, to boot from the
floppy drive. This boot order normally prevents BIOS from reading a boot
sector of a floppy disk that is inserted during boot. The order of booting
from the A and C drives is determined in CMOS setup. In addition, many
CMOS setups have an option that prevents writing to the boot sector of the
hard drive, which can protect against some boot sector viruses. This
feature must be turned off before installing Windows 9x, Windows NT, or
Windows 2000, which must write to the boot sector during installation.
Windows 9x does not tell you that you must turn the feature off and start
the installation over until about halfway through the installation.
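An added example (not from the original page): a Python check that hashes the master boot record's program code and reads the active-partition entry from a 512-byte sector, then compares both with a baseline recorded while the disk was known to be clean. The sample sector is constructed in the code, the function names are illustrative, and the classic MBR layout (446 bytes of code, four partition entries, 0x55AA signature) is assumed.

```python
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_LEN = 446      # classic MBR layout: program code in bytes 0..445
PART_ENTRY_LEN = 16      # followed by four 16-byte partition entries
SIGNATURE = b"\x55\xaa"  # bytes 510..511 of a valid boot sector

def parse_mbr(sector: bytes) -> dict:
    """Return the boot-code hash and the active partition entries."""
    if len(sector) != SECTOR_SIZE:
        raise ValueError("an MBR is exactly one 512-byte sector")
    if sector[510:512] != SIGNATURE:
        raise ValueError("missing 0x55AA boot signature")
    active = []
    for i in range(4):
        entry = sector[BOOT_CODE_LEN + i * PART_ENTRY_LEN:][:PART_ENTRY_LEN]
        (start_lba,) = struct.unpack_from("<I", entry, 8)
        if entry[0] == 0x80:  # status 0x80 marks the active partition
            active.append({"index": i, "type": entry[4], "start_lba": start_lba})
    return {
        "boot_code_sha256": hashlib.sha256(sector[:BOOT_CODE_LEN]).hexdigest(),
        "active": active,
    }

def check_against_baseline(sector: bytes, baseline: dict) -> list:
    """Return findings; an empty list means the sector matches the baseline."""
    now = parse_mbr(sector)
    findings = []
    if now["boot_code_sha256"] != baseline["boot_code_sha256"]:
        findings.append("MBR program code changed")
    if len(now["active"]) != 1:
        findings.append("expected exactly one active partition")
    elif now["active"] != baseline["active"]:
        findings.append("active partition entry changed")
    return findings

def make_sample_mbr(boot_code: bytes, start_lba: int = 63) -> bytes:
    """Build a constructed MBR image for the demo (not a real disk dump)."""
    code = boot_code.ljust(BOOT_CODE_LEN, b"\x00")
    entry = bytes([0x80, 0, 0, 0, 0x0B, 0, 0, 0]) + struct.pack("<II", start_lba, 2048)
    return code + entry + bytes(3 * PART_ENTRY_LEN) + SIGNATURE

if __name__ == "__main__":
    baseline = parse_mbr(make_sample_mbr(b"\xfa\x33\xc0"))  # recorded while clean
    changed = make_sample_mbr(b"\xeb\xfe")                  # different code bytes
    print(check_against_baseline(changed, baseline))
```

The `start_lba` of the active entry is the sector that holds that partition's boot record, which can be hashed and compared in the same way.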
File Viruses
A file virus hides in an executable (EXE or COM) program or in a
word-processing document that contains a macro. A macro is a small program
contained in a document that can be automatically executed when the
document is first loaded, or later by pressing a key combination. For
example, a word-processing macro might automatically read the system date
and copy it into a document when you open the document.
Viruses that hide in macros of document files are called macro viruses.
Macro viruses are the most common viruses spread by e-mail, hiding in
macros of attached document files.