Frequently Asked Questions
- What is a virus?
- How does DOS work?
- How does a virus work?
What is a virus?
A virus is a program written by someone who wants to play a prank
or is a hacker. It is designed to do two things: replicate itself
and perform a devious task. The replication takes place in the PC's
memory. The program first loads into memory, then writes a copy of
itself whenever it detects that the operating system is about to
access a writable disk (usually a hard disk or diskette).
How does DOS work?
To better understand how viruses work, we need to look at how
DOS accesses data. When the computer boots up, it goes to the boot
sector of the disk to get information about the disk (physical characteristics,
partitioning information for the disk) and the instructions on how
to load the operating system. After it gets these instructions,
the operating system takes over. The operating system then goes
to the File Allocation Table (FAT) to find the "address"
of files that it needs to do its job.
How does a virus work?
1. Someone attaches the virus to a file that is likely to be popular,
such as a new game, utility or e-mail. A user downloads the
game, utility or e-mail and gets the virus when the game, utility
or e-mail is decompressed, executed or opened.
2. For many viruses, the first step is to find a hiding place.
There are three main places where viruses will hide:
- Boot sector - DOS accesses the boot sector every time it reads
  a floppy disk to ensure the same disk is installed, and once on
  the hard disk when booted up.
- Bad sector - some viruses will write themselves to a sector on
  the disk, then go to the FAT and mark that sector as bad so DOS
  and most utilities will not try to read or write to that sector.
- COMMAND.COM - the main kernel for DOS. It has all of the basic
  commands that DOS uses to access a disk or manipulate files.
- Some viruses are not so picky and will write themselves
  to any executable program. Viruses that hide in these places
  launch as soon as the computer boots from the hard drive.
  Thus, removing them involves booting from a diskette so that
  the virus program will not be launched.
3. Once the virus is launched, it lies dormant until a diskette
is inserted so that it can write itself to the boot sector or
attach to an executable program. Depending upon what the virus
is programmed to do, it may even begin to generate annoying messages
that appear on the screen or wipe the partition information on
the hard drive.
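
The "bad sector" hiding place described in step 2 can be checked from a clean boot by reading the FAT directly and listing every cluster it marks bad. The following is an added example, not part of the original FAQ. It assumes a FAT12 diskette image; the sample image is constructed inline, and the 0xF6 fill test is a heuristic for telling never-written sectors from sectors that hold content.

```python
import struct

BAD = 0xFF7  # FAT12 value that marks a cluster as bad

def fat12_entry(fat, n):
    """Return the 12-bit entry for cluster n (two entries are packed into 3 bytes)."""
    pair = struct.unpack_from("<H", fat, n * 3 // 2)[0]
    return pair >> 4 if n & 1 else pair & 0x0FFF

def set_fat12_entry(fat, n, value):
    """Write a 12-bit entry; used only to build the constructed sample image."""
    off = n * 3 // 2
    pair = struct.unpack_from("<H", fat, off)[0]
    pair = (pair & 0x000F) | (value << 4) if n & 1 else (pair & 0xF000) | value
    struct.pack_into("<H", fat, off, pair)

def bad_clusters(image):
    """List (cluster, first_sector, has_data) for each cluster the FAT marks bad."""
    # BIOS parameter block fields in the boot sector, starting at offset 11.
    bps, spc, reserved, nfats, root_entries, total, _media, spf = \
        struct.unpack_from("<HBHBHHBH", image, 11)
    root_sectors = (root_entries * 32 + bps - 1) // bps
    data_start = reserved + nfats * spf + root_sectors
    fat = image[reserved * bps:(reserved + spf) * bps]  # first FAT copy
    found = []
    for n in range(2, (total - data_start) // spc + 2):
        if fat12_entry(fat, n) == BAD:
            first = data_start + (n - 2) * spc
            body = image[first * bps:(first + spc) * bps]
            # Heuristic: DOS FORMAT fills unused sectors with 0xF6.
            found.append((n, first, any(b not in (0x00, 0xF6) for b in body)))
    return found

def sample_image():
    """Constructed 40-sector FAT12 image: clusters 5 and 10 marked bad, 5 holds data."""
    img = bytearray(b"\xF6" * (40 * 512))
    img[0:512] = bytes(512)
    struct.pack_into("<HBHBHHBH", img, 11, 512, 1, 1, 2, 16, 40, 0xF0, 1)
    fat = bytearray(512)
    fat[0:3] = b"\xF0\xFF\xFF"  # media descriptor and end-of-chain filler
    for n in (5, 10):
        set_fat12_entry(fat, n, BAD)
    img[512:1024] = img[1024:1536] = fat  # two identical FAT copies
    img[1536:2048] = bytes(512)  # empty root directory
    img[7 * 512:7 * 512 + 16] = b"constructed data"
    return bytes(img)

if __name__ == "__main__":
    for cluster, sector, has_data in bad_clusters(sample_image()):
        print(f"cluster {cluster} (sector {sector}) marked bad, has_data={has_data}")
```

A cluster that is flagged bad yet holds readable content is a candidate for closer inspection, since DOS and most utilities skip it.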