A companion virus is a complicated computer virus which, unlike traditional viruses, does not modify any files. Instead, it creates a copy of the file and places a different extension on it, usually .com. This unique quality makes a companion virus difficult to detect, as anti-virus software tends to use changes in files as clue.
The companion virus is an old type of virus that was more prominent during the MS-DOS era. It is propagated mostly through human intervention.
When the user executes a program with the command prompt, he or she usually types in the name of the program. Because MS-DOS does not need a specification of the file type, it automatically runs the first file name that matches what the user types. So, if a companion virus copies file.exe and renames it file.com, because file.com comes before file.exe, MS-DOS will run that first program, thus spreading the infection in the computer, unbeknownst to the user.
Companion viruses mostly need human intervention to further infect a computer and with the advent of Windows XP, which does not use the MS-DOS interface much anymore, there were fewer ways for this type of virus to propagate itself. However, it can still work if a user double clicks it unintentionally or is run by accident, especially if the “show file extensions” option is not activated.
The companion virus is an old type of virus that was more prominent during the MS-DOS era. It is propagated mostly through human intervention.
When the user executes a program with the command prompt, he or she usually types in the name of the program. Because MS-DOS does not need a specification of the file type, it automatically runs the first file name that matches what the user types. So, if a companion virus copies file.exe and renames it file.com, because file.com comes before file.exe, MS-DOS will run that first program, thus spreading the infection in the computer, unbeknownst to the user.
Companion viruses mostly need human intervention to further infect a computer and with the advent of Windows XP, which does not use the MS-DOS interface much anymore, there were fewer ways for this type of virus to propagate itself. However, it can still work if a user double clicks it unintentionally or is run by accident, especially if the “show file extensions” option is not activated.
0 Comments