The Research and Implementation of PE Documentary Virus base on Win32 Platform
Abstract
Nowadays, computer virus technology is growing rapidly as fast as development speed of anti-virus technology.Computer virus technology is becoming complex and changing rapidly. It brings enormous challenges to anti-virus technology. This paper analyzes the most common PE virus mechanism base on Win32 platform that is explained by the way of code realization. The article also demonstrates the basic mechanism of virus from the perspective of the virus creator and gives the suggestion to achieve a better anti-virus result. At the beginning, the article introduces the basic knowledge of Windows virus and classification. This part highlights the basic tenets of PE virus and basic mechanism. The second part compiles the code realization according to the principles. It can infect an EXE program (e.g. WinRAR.exe) and spread by u disk. The third part shows the result of passing the test (white box testing) and makes the summary and forecast. The last part summarizes the Windows PE anti-virus technology through the research on this topic with mainstream anti-virus technology.
Key Words:Windows virus; PE virus; anti-virus technology; PE format; implementation of virus program
