Virus and antivirus by Ali Ahmed


Published on

This is a presentation created by Ali Ahmed and I am uploading this so that some one can use this in a good way and hoping that the information included in this presentation is good for everyone.

Published in: Education, Technology
No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Virus and antivirus by Ali Ahmed

  1. 1. COMPUTER VIRUS <br />& <br />ANTIVIRUS<br />
  2. 2. COMPUTER VIRUS<br /><ul><li>A computer virus is a small program written to alter the way a computer operates, without the permission or knowledge of the user.
  3. 3. With an ability to replicate itself, thus continuing to spread. Also, known as Malicious Software, a program that can cause damage to a computer.</li></li></ul><li>CONT...<br /><ul><li>The computer viruses can damage or corrupt data, modify existing data, or degrade the performance of the system by utilizing resources such as memory or disk space.
  4. 4. It may spread over a network (internet), carried it on a removable medium such as a Floppy disk, CD/DVD Drive, USB Drive.</li></li></ul><li>CLASSIFICATION OF COMPUTER VIRUS<br /><ul><li>Boot sector virus
  5. 5. Master Boot Record (MBR) virus
  6. 6. File infector virus
  7. 7. Multipartite virus
  8. 8. Macro virus</li></li></ul><li>BOOT SECTOR VIRUS:<br /><ul><li>Boot sector viruses generally hide in</li></ul> the boot sector, either in the<br />bootable disk or the hard drive.<br /><ul><li>It attaches itself to the primary active partition of the hard disk that is read by the computer upon boot up.</li></li></ul><li>MASTER BOOT RECORD VIRUS:<br /><ul><li>MBR viruses are memory-resident viruses that infect disks in the same manner as boot sector viruses.
  9. 9. However it, infects the MBR of the system, gets activated when the BIOS activates the Master boot code.
  10. 10. MBR infectors normally save a legitimate copy of the master boot record in an different location.</li></li></ul><li>FILE INFECTOR VIRUS:<br /><ul><li>File Infector viruses infect program files. Normally infect executable code, such as .COM, .SYS, .BAT and .EXE files.
  11. 11. They can infect other files when an infected program is run from floppy, hard drive, or from the network.</li></li></ul><li>CONT...<br /><ul><li>Many of these viruses are memory resident. After memory becomes infected, any uninfected executable file that runs becomes infected.</li></li></ul><li>MULTIPARTILE VIRUS:<br /><ul><li>A multipartite virus is a computer virus that infects and spreads in multiple ways.
  12. 12. The term was coined to describe the first viruses that included DOS executable files and PC BIOS boot sector virus code, where both parts are viral themselves.
  13. 13. For a complete cleanup, all parts of the virus must be removed. </li></li></ul><li>CONT...<br /><ul><li>The term was coined, as prior to the discovery of the first of these, viruses were categorized as either file infectors or boot infectors.
  14. 14. Because of the multiple vectors for the spread of infection, these viruses could spread faster than a boot or file infector alone.</li></li></ul><li>MACRO VIRUS:<br /><ul><li>Macro are mini-programs which make it possible to automate series of operations so that they are performed as a single action, thereby saving the user from having to carry them out one by one.
  15. 15. Macro viruses infect files that are created using certain applications or programs that contain macros.</li></li></ul><li>CONT...<br /><ul><li>They are platform-independent since the virus itself are written in language of the application and not the operating system.
  16. 16. They infect documents created from Microsoft Office Word, Excel, PowerPoint and Access files.</li></li></ul><li>CONT...<br /><ul><li>E.g.W97M.Melissa,Bablas,WM.NiceDay,W97M.Groov.</li></li></ul><li>We Are The Angels Of Your Computer System. We Protect Your System Round The Clock<br />
  17. 17. Your Time Is Up, My Time Is Now....<br />
  18. 18. ANTIVIRUS<br /><ul><li>An antivirus software is a computer program that identify and remove computer viruses, and other malicious software like Worms and Trojans from an infected computer.
  19. 19. Not only this, an antivirus software also protects the computer from further virus attacks.</li></li></ul><li>CONT...<br /><ul><li>We should regularly run an antivirus program to scan and remove any possible virus attacks from a computer</li></li></ul><li>ANTI-SPYWARE<br /><ul><li>They can provide real time protection against the installation of spywares on the computer.
  20. 20. This type of spyware protection works the same way as that of anti-virus protection.
  21. 21. It scans and blocks all incoming network threats as it comes across.</li></li></ul><li>CONT...<br /><ul><li> It can be used solely for detection and removal of spyware that has already been installed into the computer.
  22. 22. Anti-spyware scans the contents of the windows registry, operating system files, and installed programs on the computer and will provide a list of any threats found.</li></li></ul><li>HOW AN ANTIVIRUS WORKS?<br />Using dictionary Approach:<br /><ul><li>The antivirus software examines each and every file in a computer and examines its content with the virus definitions stored in its virus dictionary.
  23. 23. A virus dictionary is an inbuilt file belonging to an antivirus software that contains code identified as a virus by the antivirus authors.</li></li></ul><li>CONT...<br />USING SUSPICIOUS BEHAVIOR APPROACH:<br /><ul><li>Antivirus software will constantly monitors the activity of all the programs.
  24. 24. If any program tries to write data on an executable file, the antivirus software will flag the program having a suspicious behavior, means the suspected program will be marked as a virus.</li></li></ul><li>CONT...<br /><ul><li>The advantage of this approach is that it can safeguard the computer against unknown viruses also.
  25. 25. The disadvantage is that it may create several false alerts too.</li></li></ul><li>VIRUS UPDATES<br /><ul><li>Providing regular updates for the virus dictionary.
  26. 26. An antivirus program should provide free virus updates on a periodic basis.
  27. 27. With the current outburst in macro and script-based viruses, virus updates that address the latest threats are essential.
  28. 28. Most commercial antivirus software in today’s scenario provide virus updates on daily basis.</li></li></ul><li>
  29. 29. WHAT TO DO IN SUSPECTING <br />VIRUS ATTACK?<br /><ul><li>Disconnect the suspected computer system from the Internet as well as from the Local Network.
  30. 30. Start the system in Safe Mode or from the Windows boot disk, if it displays any problem in starting.
  31. 31. Take backup of all crucial data to an external drive.</li></li></ul><li>CONT...<br /><ul><li>Install antivirus software if you do not have it installed.
  32. 32. Now, download the latest virus definitions updates from the internet.
  33. 33. Perform a full system scan.</li></li></ul><li>POPULAR ANTIVIRUS & <br />ANTI-SPYWARE SOFTWARES<br />
  35. 35. Reference<br /><br /><br /><br /><br /><br /> --- 9/27/11<br /><br /><br /><br />
  36. 36. Reference<br /><br /><br /><br /><br /><br /><br /><br /><br />