Студопедия

КАТЕГОРИИ:

АвтомобилиАстрономияБиологияГеографияДом и садДругие языкиДругоеИнформатикаИсторияКультураЛитератураЛогикаМатематикаМедицинаМеталлургияМеханикаОбразованиеОхрана трудаПедагогикаПолитикаПравоПсихологияРелигияРиторикаСоциологияСпортСтроительствоТехнологияТуризмФизикаФилософияФинансыХимияЧерчениеЭкологияЭкономикаЭлектроника



The anatomy of a virus




Читайте также:
  1. Malware: viruses, worms, trojans and spyware
  2. Вирус ветряной оспы и опоясывающего лишая (Род Poikilovirus)
  3. Герпесвирусы 1 и 2 типа (ВПГ 1, 2) (Род Simplex virus)

A biological virus is a very small, simple organism that infects living cells, known as the host, by attaching itself to them and using them to reproduce itself. This often causes harm to the host cells.

Similarly, a computer virus is a very small program routine that infects a computer system and uses its resources to reproduce itself. It often does this by patching (attaching and integrating into) the operating system to enable it to detect program files, such as COM (command) or EXE (executable) files. It then copies itself into those files. This sometimes causes harm to the host computer system.

When the user runs an infected program, it is loaded into memory carrying the virus. The virus uses a common programming technique to stay resident in memory. It can then use a reproduction routine to infect other programs. This process continues until the computer is switched off.

The virus may also contain a payload that remains dormant until a trigger event activates it, such as the user pressing a particular key. The payload can have a variety of forms. It might do something relatively harmless such as displaying a message on the monitor screen or it might do something more

destructive such as deleting files on the hard disk.

When it infects a file, the virus replaces the first instruction in the host program with a command that changes the normal execution sequence. This type of command is known as a JUMP command and causes the virus instructions to be executed before the host program. The virus then returns control to the host program which then continues with its normal sequence of instructions and is executed in the normal way. Crackers don't always use the same segment of an operating system's initializing sequence, which makes detection tricky for the average user.

To be a virus, a program only needs to have a reproduction routine that enables it to infect other programs. Viruses can, however, have four main parts. A misdirection routine that enables it to hide itself; a reproduction routine that allows it to copy itself to other programs; a trigger that causes the payload to be activated at a particular time or when a particular event takes place; and a payload that may be a fairly harmless joke or may be very destructive. A program that has a payload but does not have a reproduction routine is known as a Trojan. Each virus is given a name e.g. Love Bug and can be classified as a particular type of virus. Virus types include: logic bombs that destroy data when triggered; boot sector viruses that store themselves in the boot sector of a disk (the part of a disk containing the programs used to start up a computer); file viruses that attach themselves to COM files; macro viruses that are small macro programs that attach themselves to word processor files and use the macro programming facilities provided in some word processor programs.




Дата добавления: 2014-11-13; просмотров: 17; Нарушение авторских прав







lektsii.com - Лекции.Ком - 2014-2021 год. (0.005 сек.) Все материалы представленные на сайте исключительно с целью ознакомления читателями и не преследуют коммерческих целей или нарушение авторских прав
Главная страница Случайная страница Контакты