Computer Virus
Computer virus 18

Jul 03, 2015

Muhammad Ramzan
Page 1: Computer virus 18

Computer Virus

Page 2: Computer virus 18

A computer virus is a computer program that can copy itself and infect a computer.

It is a program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes.

The term "virus" is also commonly used to refer to other types of malware, adware and spyware programs that do not have the reproductive ability.

Page 3: Computer virus 18

Signs of a Computer Infection

Some signs that may indicate that your computer is infected include:

• Computer functions slower than normal
• Computer responds slowly and freezes often
• Computer restarts itself
• Uncommon error messages, distorted menus, and dialog boxes
• Applications on your computer fail to work correctly
• Printing does not work correctly

Page 4: Computer virus 18

What They Infect

Viruses can infect a number of different parts of a system, OS and file system. These include:

– System Sectors
– Files
– Macros
– Companion Files
– Directories (Cluster)
– Batch Files
– Source Code
– Program Language Files
– Screen Savers & Themes

Page 5: Computer virus 18

Nature of Viruses

Viruses can be divided into two types based on their behavior when they are executed.

1. Non-Resident Viruses: Non-resident viruses immediately search for other hosts that can be infected.

2. Resident Viruses: Resident viruses do not search for hosts when they are started. A resident virus loads itself into memory on execution. The virus stays active in the background and infects new hosts when those files are accessed by other programs or the operating system.

Page 6: Computer virus 18

Types of Viruses

Viruses are categorized by the nature of their infection.

• Boot Viruses
• Program Viruses
• Multipartite Viruses
• Stealth Viruses
• Polymorphic Viruses
• Macro Viruses
• ActiveX & Java Controls Viruses
• Tunneling Viruses
• Camouflage Viruses
• Metamorphic Viruses
• Network Viruses
• Malware

Page 7: Computer virus 18

Types of viruses

Boot viruses: These viruses infect floppy disk boot records or master boot records in hard disks. They replace the boot record program (which is responsible for loading the operating system in memory) copying it elsewhere on the disk or overwriting it.

Program viruses: This type of virus infects executable program files, such as .BIN, .COM, .EXE, .DRV and .SYS. These programs are loaded in memory during execution, taking the virus with them. The virus becomes active in memory, making copies of itself and infecting files on disk.

Page 8: Computer virus 18

Types of Viruses

Multipartite viruses:

These viruses are a combination of boot and program viruses. They infect program files and, when the infected program is executed, these viruses infect the boot record.

Stealth viruses:

These viruses use certain techniques to avoid detection. They may either redirect the disk head to read another sector instead of the one in which they reside, or they may misreport the infected file's size and other information.

Page 9: Computer virus 18

Types of Viruses

Polymorphic viruses: A virus that can encrypt its code in different ways so that it appears differently in each infection. These viruses are more difficult to detect.

Macro viruses: A macro virus is a new type of computer virus that infects the macros (series of program commands or instructions) within a document or template. When you open a word processing or spreadsheet document.

Page 10: Computer virus 18

Types of Viruses

ActiveX and Java Control Viruses: Some users do not know how to manage and control their web browser to allow or prohibit certain functions, such as enabling or disabling sound, pop-ups, and so on. This leaves the computer in danger of being targeted by unwanted software or adware floating in cyberspace.

Page 11: Computer virus 18

Tunneling Viruses

Tunneling viruses try to tunnel under anti-virus software while infecting.

This type of virus attempts to bypass the activity of anti-virus programs and interrupt the functions of the OS or BIOS.

Page 12: Computer virus 18

Camouflage Viruses

Camouflage viruses attempt to work by changing their existence or appearance.

This type of virus makes itself look like something different and escapes the scanning process of any antivirus.

These viruses are very difficult to locate or capture.

Page 13: Computer virus 18

Metamorphic Viruses

A metamorphic virus can change itself in many ways in order to avoid detection or infect multiple hosts.

These viruses rewrite code completely by themselves each time they infect.

This type of virus works by translating its own code into a temporary representation, infecting the files, OS or other media, then editing the temporary representation of itself, and then writing itself back to normal code again. Viruses of this type are also very difficult to remove.

Page 14: Computer virus 18

Types of Viruses

Network viruses: Network viruses spread rapidly through a Local Area Network (LAN), and sometimes throughout the Internet.

Generally, network viruses multiply through shared resources, i.e., shared drives and folders. When the virus infects a computer, it searches through the network for a new host to attack. When the virus finishes infecting that computer, it moves on to the next and the cycle repeats itself.

Page 15: Computer virus 18

Malware

Malware is a generic term for bad software.

The word malware comes from the words MALicious and softWARE.

Types of malware include:

• Viruses
• Worms
• Trojan Horses
• Logic bombs
• Spyware
• Adware
• Spam
• Popups

Page 16: Computer virus 18

Virus

All computer viruses are man-made.

A simple virus can be dangerous because it will quickly use all available memory and bring the system to a halt.

A true virus bypasses security systems and spreads from one computer to another (in the form of executable code) over a network, the Internet, or a removable medium such as a floppy disk, CD, DVD or USB drive.

Page 17: Computer virus 18

Worm

A computer worm is a program which copies itself across a network.

A computer worm differs from a computer virus because a computer worm can run by itself.

A virus needs a host program to run, and the virus code runs as part of the host program.

A computer worm can spread without a host program, although some modern computer worms also use files to hide inside.

Page 18: Computer virus 18

Trojan horse

This is a type of virus that attempts to make the user think that it is a beneficial application.

A Trojan Horse virus works by hiding within a set of seemingly useful software programs. Once executed or installed it will start infecting other files in the computer.

A Trojan Horse virus is also usually capable of stealing important information from the user's computer and then sending this information to Internet servers designated by the developer of the virus.

The best way to stay safe from a Trojan Horse virus is to never open email attachments or files that have been sent by unknown senders.

Page 19: Computer virus 18

Logic Bombs

A logic bomb virus is a piece of code that resides in a software program. When a certain, specific condition is met, such as clicking on an Internet browser or opening a particular file, the logic bomb virus starts its work.

Many programmers set a logic bomb virus to trigger on a certain day or date, such as April Fools' Day or Friday the 13th.

Page 20: Computer virus 18

Spyware

Spyware consists of programs, cookies, or registry entries that track your activity and send your data to someone who collects this data for their own purposes.

Spyware is usually installed quietly, or even secretly, when you install shareware applications.

Spyware programs can slow down your Internet connection by filling it with their traffic.

They can also slow down your computer by using up available RAM and CPU cycles.

Page 21: Computer virus 18

Adware

Adware is a close relative of spyware. Adware is software that is installed on your computer to show you advertisements.

Adware can also slow your Internet connection by using bandwidth to retrieve advertisements.

It can waste huge amounts of your time by popping unwanted ads onto your screen.

Page 22: Computer virus 18

Spam

Spam is unsolicited e-mail which is sent in massive quantities to Internet e-mail users. Most spam tries to sell products and services such as mortgages, financing, memberships and drugs.

A more dangerous category of spam tries to convince the recipient to share their bank account numbers, credit card numbers, or logins and passwords to their online banking systems, in the guise of eBay and PayPal services.

Spam is almost impossible to stop completely, but it can be reduced to a lower level through spam filters.

E-mail administrators typically install spam filtering software on mail servers to reduce the amount of spam.

Page 24: Computer virus 18

Anti Virus

Antivirus software detects, repairs, cleans, or removes virus-infected files from a computer, to prevent and remove computer viruses, including worms and Trojan horses.

It not only identifies and removes viruses, but also keeps the computer healthy against other types of harmful software.

Page 25: Computer virus 18

Virus Detection

There are two common methods that an anti-virus software application uses to detect viruses.

The first method uses a list of virus signature definitions.

This works by examining the content of the computer's memory, boot sectors, removable drives and hard drives, and comparing that content against a database of known virus signatures.

The second method is a heuristic algorithm, which is used to find common virus behaviors.
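
The two detection methods on this slide, as an added example that is not part of the original presentation: a scanner that first checks data against a signature list and then falls back to a weighted heuristic score. The signature names, byte patterns, trait markers and threshold are all constructed for illustration, and static markers stand in for the behavior a real heuristic engine would observe.

```python
# Constructed signature database (name -> byte pattern); not real malware signatures.
SIGNATURES = {
    "Demo.Boot.A": bytes.fromhex("deadbeef4242"),
    "Demo.Macro.B": b"DEMO_MACRO_PAYLOAD",
}

# Heuristic rules: (trait description, constructed marker, weight).
# Real engines observe or emulate behavior; static markers stand in for that here.
HEURISTICS = [
    ("overwrites boot record", b"WRITE_SECTOR_0", 3),
    ("disables system tools", b"DISABLE_TASK_MANAGER", 2),
    ("copies itself to shared folders", b"COPY_SELF_TO_SHARE", 2),
]
SUSPICIOUS_SCORE = 4  # assumed threshold for raising an alert


def signature_scan(data: bytes) -> list:
    """Return the names of known signatures whose byte pattern occurs in data."""
    return sorted(name for name, pattern in SIGNATURES.items() if pattern in data)


def heuristic_scan(data: bytes) -> tuple:
    """Return (score, traits) for the virus-like traits found in data."""
    found = [(desc, weight) for desc, marker, weight in HEURISTICS if marker in data]
    return sum(weight for _, weight in found), [desc for desc, _ in found]


def scan(data: bytes) -> dict:
    """A signature match decides the verdict; otherwise the heuristic score does."""
    matches = signature_scan(data)
    score, traits = heuristic_scan(data)
    if matches:
        verdict = "infected"
    elif score >= SUSPICIOUS_SCORE:
        verdict = "suspicious"
    else:
        verdict = "clean"
    return {"verdict": verdict, "signatures": matches, "score": score, "traits": traits}


# Constructed scan targets, named after the areas the slide lists.
SAMPLES = {
    "boot_sector": b"\x00" * 16 + bytes.fromhex("deadbeef4242") + b"\x55\xaa",
    "unknown_variant.exe": b"MZ..DISABLE_TASK_MANAGER..COPY_SELF_TO_SHARE..",
    "notes.txt": b"meeting at 10:00, bring the report",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, scan(data))
```

The `unknown_variant.exe` sample has no entry in the signature list, so only the heuristic pass flags it; this is why scanners combine both methods and why the signature list has to be kept up to date.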

Page 26: Computer virus 18

Recovery methods

System Restore:

One possible method is to use System Restore, a feature of the OS which restores the registry and critical system files to a previous checkpoint.

Some viruses, however, disable system restore and other important tools such as Task Manager and Command Prompt.

Page 27: Computer virus 18

Recovery methods

Operating system reinstallation

Reinstalling the operating system is another approach to virus removal. It involves simply reformatting the OS partition and installing the OS from its original media, or imaging the partition with a clean backup image using Ghost.

Page 28: Computer virus 18

Recovery methods

Virus Cards:

This method was used in the early 1990s by DOS users and involves the installation of an ISA interface card which takes over the DOS interrupt and monitors the WRITE operation.

Page 29: Computer virus 18

Recovery methods

Routers and Firewalls:

A router acts as the best kind of firewall, a hardware firewall. It protects you from all kinds of viruses and keeps your information safe.

Hackers who want to gain access to your computer may try to port scan it. High-end routers may be able to completely block these scans or at least slow the hacker down.

Page 30: Computer virus 18

Antivirus Software

• Symantec Norton Antivirus
• AVG Antivirus
• McAfee Scan
• Microsoft Antivirus
• NOD32
• Kaspersky
• BullGuard, etc.

The antivirus software should be updated regularly for effective control.