Types of Infection
What are Viruses?
A computer virus is a computer program that can
copy itself and infect a computer without
permission or knowledge of the user.
Small piece of software that uses computer
networks and security holes to replicate itself.
Copy of the worm scans the network for another
machine that has a specific security hole.
Copy itself to the new machine using the security
hole and start replicating.
Example “CODE RED”, “Bubbleboy”.
Difference between Virus
The difference between a worm and a
virus is that a virus does not have a
propagation vector. i.e., it will only effect
one host and does not propagate to other
Worms propagate and infect other
computers. Majority of threats are actually
worms that propagate to other hosts.
Moves around in e-mail messages
Usually replicate itself by automatically
mailing itself to dozens of people in the
victim’s email address book.
Example “MELISSA VIRUS”
Example “I LOVE YOU VIRUS”
A simple computer
It claim to be a game
Erase your hard disk
No way to replicate itself.
Types of Viruses
File infector virus
Infect program files
Boot sector virus
Infect the system area of a disk
Master boot record virus
infect disks in the same manner as boot sector viruses. The difference between
these two virus types is where the viral code is located.
infect both boot records and program files
infect data files. Examples: Microsoft Office Word, Excel,
PowerPoint and Access files
Melissa Virus (March 1999)
Melissa virus spread in Microsoft Word
documents sent via e-mail.
How it works ?
Created the virus as word document
Uploaded to an internet newsgroup
Anyone who download the document and
opened it would trigger the virus.
Send friendly email messages to first 50
people in person’s address book.
Melissa Virus was the fastest spreading
virus ever seen.
Forced a number of large companies to
shut down their e-mail systems.
I Love You Virus
Contained a piece of code as an
Double Click on the attachment triggered
Sent copies of itself to everyone in the
victim’s address book
Started corrupting files on the victim’s
Code Red (Worm)
Code Red made huge headlines in 2001
It slowed down internet traffic when it
began to replicate itself.
Each copy of the worm scanned the
internet for Windows NT or Windows 2000
that don’t have security patch installed.
Each time it found an unsecured server,
the worm copied itself to that server.
Code Red Worm
Designed to do three things
Replicate itself for the first 20 days of
Replace web pages on infected servers
with a page that declares “Hacked by
Launch a concreted attack on the White
House Web server
How Bubbleboy works
Bubbleboy is embedded within an email message of
a VbScript while the user views a HTML page
a file named “Update.hta” is placed in the start up
upon reboot Bubbleboy executes
Symptoms of Virus Attack
Computer runs slower then usual
Computer no longer boots up
Screen sometimes flicker
PC speaker beeps periodically
System crashes for no reason
Files/directories sometimes disappear
Denial of Service (DoS)
Why do people do it ?
For some people creating viruses seems
to be thrill.
Thrill of watching things blow up.
To show how sophisticated and
interconnected human beings have
To show loopholes in system.
Always update your anti-virus software at
Back up your important files and ensure
that they can be restored.
Change the computer's boot sequence to
always start the PC from its hard drive
Don't share Drive C: without a password
and without read-only restrictions.
Empty floppy drives of diskettes before
turning on computers, especially laptops.
Forget opening unexpected e-mail
attachments, even if they're from friends
Get trained on your computer's anti-virus
software and use it.
Have multiple backups of important files.
This lowers the chance that all are
You know know more about virus and how:
viruses work through your system
to make a better virus
Have seen how viruses show us a loophole in
Most viruses show that they can cause great
damage due to loopholes in programming