36 Can a PC not running DOS be infected with a common DOS virus?
Description
This article is from the Computer Viruses FAQ, by Nick FitzGerald n.fitzgerald@csc.canterbury.ac.nz with numerous contributions by others.
36 Can a PC not running DOS be infected with a common DOS virus?
Yes! There are three distinct possibilities here.
One is Novell's NetWare (and possibly other network operating systems),
which boots from a DOS disk and loads a "standard" DOS executable that
takes complete control of the system from DOS. This executable--
SERVER.EXE--could easily be infected by a DOS file infector. For
example, a server's NetWare boot diskette may have to be taken from the
server to a DOS PC to edit some of the configuration and startup files
that have to be on that diskette. If the PC where the editing is done
is infected with a file infecting virus, SERVER.EXE may well be infected
when the new startup files are saved to the diskette. Such infections
are virtually guaranteed to render SERVER.EXE inoperative and the server
would fail at its next restart. No viruses are known to target the
NetWare kernel specifically.
Another possibility is the case of a 386 (or better) system running
NetWare or a self-loading OS, such as Unix, NeXTStep486, Windows NT or
OS/2, since this system is still vulnerable to infection by MBR
infectors (such as Stoned or Michelangelo), as these are operating
system independent. Note that an infection on such a system may result
in the disabling of non-DOS disk partitions (possibly beyond easy
recovery) because the tricks and system conventions these viruses employ
may not apply to operating systems other than DOS. The issue here is
that MBR infectors are not really "DOS viruses" so much as "PC-BIOS
viruses"--they can infect any machine with a PC-compatible BIOS.
Third, *any* OS that offers a "DOS box" or "DOS emulator" to run DOS
programs can, potentially, run a virus-infected DOS program. Such
activation of a virus should allow the virus to spread to any "targets"
available to it under that DOS emulator. For example, a DOS program
infected with a multipartite virus, when run under OS/2 would probably
be able to infect other DOS executables, but not the MBR/DBS, as OS/2
only allows programs to read these critical areas of the hard drive (see
E12 for more details on DOS viruses running under OS/2). With the
increasing sophistication and power of computing environments, DOS
emulators running on non-PC computers are increasingly available and
able to run DOS viruses.
Continue to:
My Books
