Protecting against File Infectors
By merely surfing the
internet, you are exposing yourself to a wide range of security threats. Some of the most common dangers are computer
viruses. Many types of viruses may
attempt to slither into your computer and spread an infection throughout the
system. And while several are similar in
function, most have notable distinctions that set them apart.
Categories of File Infectors
According to Symantec, one the leading developers of anti-virus software, all viruses fall under five major categories:
- MBR (Master Boot Record) viruses
- Macro viruses
- Multi-part viruses
- Boot sector viruses
- File infector viruses
As the name indicates, the role of a file infector is to infect the files of a computer. This is one of the most frequently deployed viruses and has been known to inflict considerable damage. Upon running a program that has been corrupted by a file infector, the virus duplicates the malicious code and applies it to other executable applications on the computer. Files that are the most vulnerable to this type of infection bare the extensions of EXE. ( execute) and .COM (command), though any file capable of execution can be infected.
A popular example of the file infector is the Cascade virus, an infection that has basically become obsolete. The original variation of this virus was designed to deliver a payload from October 1st through December 31st in 1988. Upon execution, the characters on the victim's monitor descend and find themselves piled at the bottom of the screen. The Cascade virus has spawned a number of variants over the years, most of which have displayed the same basic function.
A more recent example of a file infector is the Cleevix virus, which is reported as being first discovered in January of 2006. When executed, it seeks out the current directory, the system directory and the Windows directory. It then infects all portable executable files within them. Because the infection typically displays a message upon execution, it is fairly easy to detect. Other than being equipped with a few encryption features, Cleevix as a rather simple virus that can be removed with ease.
Characteristics of File Infectors
Although there are many different kinds of file infector viruses, most of them operate the same and take the following course of actions.
- Once a user executes an infected file, the virus copies the file and places into an area where it can be executed. In most cases, this would be the RAM.
- The malicious code runs first while the infected file remains quiescent
- The virus then copies itself in a location separate from where the infection occurred, allowing it to continuously infect files as the user functions other programs
- When the initial process is set in to place, the virus grants control back to the infected file
- When a user opens another application, the dormant virus proceeds to run again. It then inserts a copy of itself into files that were previously uninfected which enables the cycle to repeat consistently
File infectors can be both a nuisance, as well as a tremendous threat to your computer. For this reason, it is recommended to protect your system with anti-virus software that receives free updates for the latest virus definitions.