What is an infected virus?

The infected virus runs and joins itself in other programs or dynamic library files (one of the DLLs) to perform the function of synchronizing with the infected program, thereby destroying and propagating the infected computer.

Characteristics

Infection virus because of its own characteristics, need to attach to other host programs to run, and in order to avoid the killing of anti-virus software, usually infected virus will itself partition, deformation or encryption, and then part of their own or all attached to the host program. Once a virus file is executed, it is very likely that most of the program files in the system will be added to the virus code, and then transmitted to other computers.

Harm

Infected virus gradually adopted the Trojan program to write means and functions, more adept at the latent and completion of a predetermined function. In the feature will be integrated more backdoor and Trojan features, such as download operation, advertising procedures, steal privacy, remote control, and so on, the mutual integration of the virus has an unprecedented infection of the machine's control ability and concealment.

For example, backdoor functions, such as the current active Virut variant virus, contains a small backdoor client to obtain user operating system information, system performance and download run specified application functions. In the machine infected with this virus, the operator of the virus can remotely connect to the user's computer, first obtain the user's computer configuration information, and then specify a network path according to the configuration, requiring the client to automatically download an attack program to run attacks on some important target host, At the same time, the operator of the virus can also monitor the operation of the client, in the appropriate circumstances, and then download the program to remove the traces, so that investigators could not start. In addition to the Virut virus in the design process to take into account the compatibility of different operating systems, it also contains two sets of functional equivalent code, respectively, for the Win98 series of systems and Winnt kernel series of systems, this design makes the application of the virus wider, regardless of the old and new computers will be affected.

Development history and purpose

The purpose of an infected virus is not only to spread itself to a wider range, but also to be written for some purpose. From the history of the virus, from the initial to show off the programmer's ability to reach some kind of political goal, to the recent emergence of attacks on Iranian nuclear power plants of the national virus. The virus has always been for some purpose, and the infected virus with its own transmission characteristics, can be a specific function of the virus into the various corners of the system, and wait for the time to launch action.

Development trend

Infected virus is compiled from the traditional all directly from low-level assembly language writing, gradually converted to mergers using low-level and high-level language mixed writing method. As the main part of the high-level language writing can be more easily added to achieve more functionality, the simplified assembly part of the function is more simple, so with the difficulty of writing a significant reduction in the future, there will be more new types of more powerful infection-type virus was born.