PROGRAM Viruses
What they infect: Program file viruses attach to executable files such as
.COM, .EXE, and .DLL files by inserting instructions
into the execution
sequence. When the infected file runs, the inserted instructions execute the
virus code. After the code
finishes executing, the file continues with its
normal execution sequence. This happens so quickly that you're not aware
that
the virus executed.
How they infect: There are three sub classifications of program file viruses:
- Memory resident: Stay in memory as
terminate-stay-resident (TSR) programs and typically infect all executed files.
- Direct action: Execute, infect other
files, and unload.
- Companion: Associates itself with an
executable file without modifying it. For example, the virus might create a
companion
file, WORD.COM, to the WORD.EXE file. When the Word program opens, the
infected WORD.COM file executes, performs the
virus activities, and then
executes the WORD.EXE file.
Damage: The damage caused by program file viruses varies from irritating, such
as displaying screen messages, to data destruction.
Examples: (to come)
(back)