
Virus constructor
A special development environment that facilitates creating computer viruses. Usually, the developer can specify virus parameters, such as the types and frequency of actions. Virus constructors exist for practically all types of computer viruses, including polymorphic and macro viruses.
Anti-virus program
A program intended to fight computer viruses. There are different types of anti-virus software: scanners, inspectors, sentries, vaccines, etc.
1. Firmware sentry
Hardware and software intended to protect data and disk system areas against any unauthorized modification. Usually, it’s a card installed on the computer bus. As an example of a firmware sentry, we can mention Sheriff.
2. Anti-virus sentry
A memory-resident program that monitors operations performed by other programs. In particular, a sentry monitors the operations that are often misused by computer viruses and alerts the user if any such operation (for instance, modification of a boot sector) is about to be performed, asking the user to confirm or cancel it.
3. Non-resident vaccine
A program that modifies a file or boot sector in order to prevent or detect virus infection. Vaccination can be targeted against a particular virus (by changing, say, a file in such a manner that this virus thinks the file is already infected), or against any virus. In the latter case, the vaccine must be able to detect and report the modification of a vaccinated object. Sometimes, vaccines can even cure infected objects.
4. Resident vaccine
A memory-resident program that imitates infection of your system and, by doing this, prevents a real contamination. Unlike non-resident vaccines, resident vaccines affect the operating environment rather than individual objects.
5. Anti-virus scanner
A program that detects and eradicates computer viruses. Usually, a scanner uses a special database containing information about the viruses known to it. In addition, modern scanners are equipped with a heuristic analyzer that can detect unknown viruses. An example of a scanner is Doctor Web.
6. Anti-virus disk inspector
A program that maintains data integrity on hard disks. An inspector checks the integrity of files, boot sectors and system areas and reports any changes in them. If changed, some of these objects (for example, boot sectors) can be restored by the inspector itself, without any other anti-virus software. In addition, an inspector may be supplemented with a special cure module capable of restoring files of certain types. To check data integrity, an inspector uses special tables that contain so-called file checksums calculated by special algorithms. An example of a disk inspector is ADinf. This program meets all the requirements for modern disk inspectors. In particular, it can read disk sectors directly, thus bypassing all masking tricks employed by many viruses. ADinf can also check the integrity of files using different checksums, including a CRC based on a unique, highly reliable LAN64 algorithm. ADinf can be used together with its cure module, ADinf Cure Module.
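
The checksum-table check that a disk inspector performs, as an added example (not ADinf's code and not part of the original page). It assumes CRC-32 and SHA-256 from Python's standard library in place of ADinf's own algorithms, reads files through the operating system rather than raw disk sectors, and uses constructed file names in `demo()`.

```python
import hashlib
import tempfile
import zlib
from pathlib import Path

def checksum_file(path, chunk_size=65536):
    """Return (size, CRC-32, SHA-256 hex digest) of one file, read in chunks."""
    crc, sha, size = 0, hashlib.sha256(), 0
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            crc = zlib.crc32(chunk, crc)   # running CRC over all chunks
            sha.update(chunk)
            size += len(chunk)
    return size, crc, sha.hexdigest()

def build_table(root):
    """Return {relative path: (size, crc32, sha256)} for regular files under root."""
    return {
        str(p.relative_to(root)): checksum_file(p)
        for p in sorted(Path(root).rglob("*"))
        if p.is_file() and not p.is_symlink()   # skip links that leave the tree
    }

def compare(baseline, current):
    """Classify each path as new, deleted or changed relative to the baseline."""
    return {
        "new": sorted(current.keys() - baseline.keys()),
        "deleted": sorted(baseline.keys() - current.keys()),
        "changed": sorted(p for p in baseline.keys() & current.keys()
                          if baseline[p] != current[p]),
    }

def demo():
    """Constructed sample tree: overwrite bytes in place, add a file, delete a file."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "app.bin").write_bytes(b"A" * 64)
        (root / "notes.txt").write_bytes(b"unchanged")
        (root / "old.dat").write_bytes(b"x")
        baseline = build_table(root)           # the inspector's stored table
        (root / "app.bin").write_bytes(b"A" * 32 + b"BB" + b"A" * 30)  # same size
        (root / "extra.bin").write_bytes(b"new")
        (root / "old.dat").unlink()
        return compare(baseline, build_table(root))

if __name__ == "__main__":
    print(demo())
```

The in-place overwrite keeps `app.bin` at 64 bytes, so a size comparison alone would miss it; the checksums are what flag the change.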