republican-creole
Search:  

 
theme to white backgroundlet page decide theme
HomeFind ServiceReviewsISP NewsFAQsForumsToolsDatabaseAbout 
 
   All FAQsSite FAQDSL FAQCable TechAbout DSLDistanceCLECSDSL Hurdles»»






how-to block ads



Search for: in all FAQs

All FAQs » Trojan horse, and Virus FAQ » 1.1 Viruses » 14149

What is a Nonresident virus? (#14149)

Nonresident viruses can be thought of as consisting of a finder module and a replication module. The finder module is responsible for finding new files to infect. For each new executable file the finder module encounters, it calls the replication module to infect that file.



For simple viruses, the replicator task is to:



    Open the new file
    Check if the executable file has already been infected (if it is, return to the finder module)
    Append the virus code to the executable file
    Save the executable starting point
    Change the executable is starting point so that it points to the start location of the newly copied virus code
    Save the old start location to the virus in a way so that the virus branches to that location right after its execution.
    Save the changes to the executable file
    Close the infected file
    Return to the finder so that it can find new files for the replicator to infect.


feedback form

by uid1307457 See Profile
last modified: 2009-04-27 18:06:45


Saturday, 28-Nov 15:43:29 Terms of Use | Privacy Policy | Hosting by www.nac.net - DSL,Hosting & Co-lo | feedback | contact
over 10 years online! © 1999-2009 dslreports.com.