1 year, 3 months ago
via nortonantivirusquestions.com
Why are viruses that infect files without increasing their size or damaging them called captivity viruses?
What type of files does the CIH and Chernobyl virus infect? Is virus detection difficult with captivity viruses?
Separate topics with commas, or by pressing return. Use the delete or backspace key to edit or remove existing topics.
You can leave an optional "tip" with Mahalo's virtual currency, Mahalo Dollars. If you are asking a difficult question that might require some research, or if you'd like a wide variety of feedback, a higher tip often leads to more answers to your question.
M$1 Answer
Some viruses can infect files without increasing their size or damaging them. They can do this by overwriting the unused areas of an executable file. For example CIH virus. They overwrite unused areas because there are many empty areas and the virus which is only 1 KB in size, did not increase extra size of the file. In that way they did not damage the file.
CIH and CHERNOBYL viruses are the example of Captivity viruses. They usually infect portable executable files. Although they are not trying to damage it or increase its size, they use the unused areas of the portable executable files, and overwrite these areas.
Virus detection is more difficult with captivity viruses. Because they hide itself into the host file and not even try to damage the actual file or do not increase its size. The host file remains same, so it’s difficult for anti-virus programs to detect them.
CIH and CHERNOBYL viruses are the example of Captivity viruses. They usually infect portable executable files. Although they are not trying to damage it or increase its size, they use the unused areas of the portable executable files, and overwrite these areas.
Virus detection is more difficult with captivity viruses. Because they hide itself into the host file and not even try to damage the actual file or do not increase its size. The host file remains same, so it’s difficult for anti-virus programs to detect them.
You can leave an optional "tip" with Mahalo's virtual currency, Mahalo Dollars. If you are asking a difficult question that might require some research, or if you'd like a wide variety of feedback, a higher tip often leads to more answers to your question.
M$Report Abuse
