Half Of Antiviruses Struggle To Detect Threats: Implement social Engineering Tricks To Spread Their Creations. On the contrary, very little user interaction was required beyond accidentally leaving an infected floppy disk in the drive.
At the time, floppy disks were the main means of transferring data from computer to computer and from user to user. So it was almost inevitable that, sooner or later, the user would pass on an infected floppy disk to a friend, colleague, or customer and spread the virus.
In the years that followed the appearance of Brain, boot sector viruses were further refined and developed. Whereas Brain infected only floppy disks, most of its successors were also designed to infect hard disks.
In most cases, this meant writing code to the MBR (Master Boot Record). Some, however (notably Form), infected the hard disk’s boot sector. And a small number (e.g., Purcyst) infected both the MBR and the boot sector.
DOS file viruses
Until 1995, boot sector viruses represented around 70% of all infections found in the field. However, they weren’t the only type of virus. Viruses designed to infect DOS executable files, first COM files and then EXE files, also appeared during this time period.
These viruses modified the host file so that the virus code ran when the user ran the program. Viruses used many different methods to infect files. One typical method was to add the virus code to the end of the host file and modify the header so that it first loaded the virus code and then the original program instructions.
There were several variations on a theme, however. Some viruses inserted their code at the start of the file. A few inserted their code in several locations within the file.
And some, called overwriting viruses, replaced the original code entirely. Of course, the host program then failed to run, so such viruses were not commonly found in the field; their presence was too obvious for them to survive for long. A few viruses chose an alternative infection method.
Companion viruses stored their code in a separate ‘companion’ file. For example, the virus might rename the standard RUNME.EXE file to RUNME.IDX and create a new RUNME.EXE containing the virus code.
When the user executed the program, the virus loaded first and then passed control to the original program so the user wouldn’t see anything suspicious. Another alternative was the ‘link virus,’ which spread by manipulating how files were accessed under the FAT file system used by DOS.
The user would receive an infected file (on a floppy disk, for example) and run it. The virus then loaded into memory and created a (typically hidden) file on the disk containing the virus code.
The virus would then modify the FAT to cross-link other files to the virus code’s disk sector. As a result, whenever an infected file was run, the system would jump first to the virus code and run it.
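The cross-linking described above leaves a trace that a disk checker can look for: one cluster claimed by more than one file. The following is an added example, not code from the original article; it uses a simplified FAT16 model, and the function names, file names and cluster numbers are constructed for illustration.

```python
import struct
from collections import defaultdict

EOC_MIN = 0xFFF8  # FAT16 end-of-chain markers are 0xFFF8..0xFFFF

def parse_fat16(raw):
    """Decode a raw FAT16 table into a list of 16-bit little-endian entries."""
    count = len(raw) // 2
    return list(struct.unpack("<%dH" % count, raw[:count * 2]))

def cluster_chain(fat, start):
    """Follow one file's chain; stop at end-of-chain, an invalid link, or a loop."""
    chain, seen, cur = [], set(), start
    while 2 <= cur < len(fat) and cur not in seen:
        chain.append(cur)
        seen.add(cur)
        if fat[cur] >= EOC_MIN:
            break
        cur = fat[cur]
    return chain

def find_cross_links(fat, directory):
    """Return {cluster: [names]} for each cluster claimed by more than one file."""
    owners = defaultdict(list)
    for name, start in directory.items():
        for cluster in cluster_chain(fat, start):
            owners[cluster].append(name)
    return {c: sorted(names) for c, names in owners.items() if len(names) > 1}

# Constructed sample, not taken from any real disk. Clusters 0 and 1 are reserved.
SAMPLE_FAT = parse_fat16(struct.pack(
    "<8H", 0xFFF8, 0xFFFF, 3, 0xFFFF, 6, 0xFFFF, 0xFFFF, 0))
# Hypothetical directory: file name -> starting cluster.
SAMPLE_DIR = {
    "CLEAN.EXE": 2,    # 2 -> 3 -> end
    "NOTES.TXT": 5,    # 5 -> end
    "HIDDEN.BIN": 6,   # 6 -> end
    "APP1.EXE": 4,     # 4 -> 6: chain runs into HIDDEN.BIN's cluster
    "APP2.EXE": 6,     # starts directly on HIDDEN.BIN's cluster
}

if __name__ == "__main__":
    for cluster, names in find_cross_links(SAMPLE_FAT, SAMPLE_DIR).items():
        print("cluster %d is shared by: %s" % (cluster, ", ".join(names)))
```

On a healthy volume the result is empty; several executables sharing a cluster with one hidden file is the pattern the paragraph describes.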
What Is the Explanation of Half Of Antiviruses Struggle To Detect Threats?
It is a type of virus that kills all dangerous viruses.
What is the issue behind this?
The developers are facing issues in launching the antivirus.