What Is Malware?● Malware is a software designed to harm or secretly access a computer system without the owners informed consent.● Malware, short for malicious software,also known as pestware.● In general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.
Lets Introduce The Common Ones... VIRUS:A computer virus is a small program written to alter theway a computer operates, without the permission orknowledge of the user. With an ability to replicate itself,thus continuing to spread. Also, known as MaliciousSoftware, a program that can cause damage to a computer.The computer viruses can damage or corrupt data, modifyexisting data, or degrade the performance of the system byutilizing resources such as memory or disk space. It mayspread over a network (internet), carried it on a removablemedium such as a Floppy disk, CD/DVD Drive, USB Drive.
Classification of Computer viruses:•Boot sector virus•Master Boot Record (MBR) virus•File infector virus•Multipartite virus•Macro virus
BOOT SECTOR VIRUS:Boot sector viruses generally hide in the boot sector,either in the bootable disk or the hard drive.It attaches itself to the primary active partition of the harddisk that is read by the computer upon boot up.MASTER BOOT RECORD VIRUS:MBR viruses are memory-resident viruses that infect disksin the same manner as boot sector viruses. However it,infects the MBR of the system, gets activated when theBIOS activates the Master boot code. MBR infectorsnormally save a legitimate copy of the master boot recordin an different location.
File Infector Virus:File Infector viruses infect program files. Normally infectexecutable code, such as .COM, .SYS, .BAT and .EXE files.They can infect other files when an infected program is runfrom floppy, hard drive, or from the network. Many of theseviruses are memory resident. After memory becomesinfected, any uninfected executable file that runs becomesinfected.E.g. Snow.A, Jerusalem, Cascade.
Macro Virus:Macro are mini-programs which make it possible toautomate series of operations so that they areperformed as a single action, thereby saving the userfrom having to carry them out one by one.Macro viruses infect files that are created using certainapplications or programs that contain macros.They are platform-independent since the virus itself arewritten in language of the application and not theoperating system.They infect documents created from Microsoft OfficeWord, Excel, PowerPoint and Access files.E.g.W97M.Melissa,Bablas,WM.NiceDay,W97M.Groov.
Trojan HorseTrojan horses are impostors that claim to be somethingdesirable but, in fact, are malicious. Trojan horse programsdo not replicate themselves. Trojan horses containmalicious code that when triggered cause loss, or eventheft, of data.E.g. Trojan.VundoRetrieving user’s critical information. i.e. name, password.Erasing or overwriting data on a computer.Spying on a user to gather his information like browsinghabits, sites visited etc.
WORMSWorms are programs that replicate themselves fromsystem to system without the use of a host file. The wormsare spread through networks like LAN, WAN and alsothrough Internet. There are various ways by which a wormspreads, through Internet like E-mails, Messaging andChats.Worms almost always cause harm to the network, likeconsuming network bandwidth.E.g.W32.Mydoom.AX@mm
SPYWARE:It is a type of malware that can be installed on computers, andwhich collects small pieces of information about users withouttheir knowledge. The presence of spyware is typically hiddenfrom the user, and can be difficult to detect. Typically, spywareis secretly installed on the users personal computer.ADWARE:It is any software package which automatically plays, displays,or downloads advertisements to a computer. It is a type ofmalware which steals information. Example Bonzi Buddy, anapplication marketed as an "Intelligent Software Agent",corrupted many of the users system files, forcing the display ofmany obscene advertisements.
We Are The Angels Of Your Computer System. We Protect Your System Round The Clock
ANTIVIRUSAn antivirus software is a computer program that identifyand remove computer viruses, and other malicioussoftware like Worms and Trojans from an infectedcomputer. Not only this, an antivirus software also protectsthe computer from further virus attacks.We should regularly run an antivirus program to scanand remove any possible virus attacks from a computer.
Anti-spyware They can provide real time protection against theinstallation of spywares on the computer. This type ofspyware protection works the same way as that of anti-virus protection. It scans and blocks all incoming networkthreats as it comes across. It can be used solely for detection and removal ofspyware that has already been installed into thecomputer. Anti-spyware scans the contents of thewindows registry, operating system files, and installedprograms on the computer and will provide a list of anythreats found.
How An Antivirus Works... Using dictionary Approach:• The antivirus software examines each and every file in a computer and examines its content with the virus definitions stored in its virus dictionary.• A virus dictionary is an inbuilt file belonging to an antivirus software that contains code identified as a virus by the antivirus authors.
Using Suspicious Behavior Approach:•Antivirus software will constantly monitors the activity ofall the programs.•If any program tries to write data on an executable file, theantivirus software will flag the program having a suspiciousbehavior, means the suspected program will be marked asa virus.•The advantage of this approach is that it can safeguardthe computer against unknown viruses also.•The disadvantage is that it may create several false alertstoo.
Virus UpdatesProviding regular updates for the virus dictionary.An antivirus program should provide free virus updates ona periodic basis.With the current outburst in macro and script-basedviruses, virus updates that address the latest threats areessential.Most commercial antivirus software in today’s scenarioprovide virus updates on daily basis.
What to do on Suspecting Virus attack?•Disconnect the suspected computer system from theInternet as well as from the Local Network.•Start the system in Safe Mode or from the Windows bootdisk, if it displays any problem in starting.•Take backup of all crucial data to an external drive.•Install antivirus software if you do not have it installed.•Now, download the latest virus definitions updates fromthe internet.•Perform a full system scan.