27
Jan

Norman Virus Control (NVC) antivirus

   Posted by: admin   in Virus Programs

Norman Virus Control antivirus (NVC)

A virus definition

From the definition of data virus follows that you are not infected even if you have a file with a virus on you hard disk. You are not infected until you open the file/document and the virus propagates.

A virus is defined by these criteria:

* Its ability to replicate. The replication can be different, depending on the kind of virus. The different types of virus are described later.
* A virus needs a host to propagate. Such a host can be a file on a server/workstation/diskette, a document, a Master Boot Record or a System Boot Record. (Master Boot Record and System Boot Record are described later in this document.)
* Some kind of action must result, an action which the user did not intend to invoke. This could be a message, deletion of files, changing of stored data or only replication. The latter uses resources like disk space, CPU time or network resources.

A simple definition of a virus may result from this: it replicates, it includes itself in program code without permission, and it may damage the infected computer.

Virus infections do not happen often. However when they occur, they have to be treated correctly and quickly. More damage is done by erroneous attempts to remove viruses which might - or might not - exist on a computer.

A virus may propagate from program to program, and from system to system, without the user’s knowledge. I.e. one does not have to do something consciously to transfer the virus, one only has to supply a host to the virus. The propagation is handled by the virus itself.

Most users do not know that they are infected by a virus. The discovery happens by coincidence, by noticing that some files are missing, or that the computer’s behavior suddenly is “strange”. In the time between infection and discovery, other computers may have been infected, by use of the same diskettes or by sharing files/documents. Most virus attacks are not visible by the time of the attack.

Education is the key!

The earlier the infection is discovered, the earlier further propagation can be stopped. It is important to remember that once source may consist of various viruses which infect in different ways.

Part of fighting viruses is identifying possible sources for viruses. Such sources can be perfectly legal, like shrink-wrapped programs from a distributor, or illegal, like copying applications which are licensed to others .

The risk of being infected by legally bought programs - licensed or shareware - is minor.
2. Different types of virus
2.1 File virus

A file virus is attached to a program file, normally an *.EXE or a *.COM file. It uses different techniques to infect other program files. File virus may also infect *.SYS, *.DRV, *.BIN, *.OVL and *.OVY-filer.

Most file viruses are resident, which enables the virus to supervise all activity, and infect other program files. Other file viruses infect by “direct action”, which means that they infect one or several program files when the user opens/runs the file.

This kind of virus man be transferred to/from all kinds of storage media (only from CD-ROM) and propagate in a network.

Three main techniques are used to infect files which can be run: overwriting, inserting at the beginning, and appending.

1. A overwriting virus is placed at the beginning over program, over the original program code, which results in destroying this. When you try to run the program nothing expected happens, but the virus infects another file or other files, or terminates and stays resident.resident.
2. Viruses which insert themselves at the beginning of a program, leaves the original program intact after the virus. When you run a program infected by such a virus, the virus program is run, and then the original program is started.
3. Appending viruses inserts themselves at the end of the file. In addition a jump instruction which points to the virus is set at the beginning of the file. The program will then run as usual, the user does not notice the virus being run.

2.2 System virus

System viruses or boot viruses are often present on diskettes without the users’ knowledge. When a user starts or restarts the computer the system virus will infect Master Boot Sector (MBR) and System Boot Sector (SBS) if the infected diskette is in the diskette drive. You can only be infected by a system virus from a diskette.

MBS: Master Boot Sector is a small area on the hard disk which has information about how the hard disk is organized. All physical hard disks have a MBS. The MBS includes a program which read the partition table, as well as the partition table itself. The program reads the partition table, and interprets the information to find the System Boot Sector. Most system viruses infects MBS.

SBS: System Boot Sector is an area on the hard disk which has several kinds of data, including a program which finds and runs the operating system.

The reading of these system areas is part of the startup process on all IBM compatible computers. Thus system viruses are not dependent on the operating system, which makes the propagation easier but only by diskettes, not networks.
2.2.1 The Startup process

Download

Share and Enjoy: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Digg
  • Sphinn
  • del.icio.us
  • Facebook
  • Mixx
  • Google
Tags:
            
This entry was posted on Saturday, January 27th, 2007 at 12:31 am and is filed under Virus Programs. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.

Comments are closed at this time.

Free Web Directory Add to Technorati Favorites TOP 100 WEBLOGS Blog Directory adavare Program indir Transfer Head diabetus
Dost Siteler: Vücut Geliştirme Oyun indir Bedava Program Yükle Türkçe Proğram İndir vucut geliştirme Proğram indir