A brief presentation over computer viruses, which is presently ignored by most computer users.
Made by Utkarsh Srivastava for college 'routine task' purpose!
2. INTRODUCTION
DEFINITION:
A computer virus is a program or code that attaches itself to a
legitimate, executable piece of software, and then reproduces
itself when that program is run.
•In 1949, John von Neumann gave "self altering automata theory" which
is the result of mathematical research .
•In 1960, experts in BELL lab created a program that can reproduce itself
and can destroy the artificial opponent. Programs that are able to survive
and destroy all other programs, will be considered the winner. This game
ended up being a favourite game in each computer lab.
•In 1980, programs that eventually known as "virus" was successfully
spread beyond the laboratory environment, and began circulating in the
general population.
3. WHAT IS THE NEED?
Malware is not used just to annoy users, but to steal their
passwords, banking and credit card details, entangle
them in scams and fraud, etc., all things that can have
serious financial consequences.
“Kaspersky Labs” made a study and found that:
There were 5,903,377 registered notifications about
attempted malware infections aiming at stealing money
via online access to bank accounts.
4. How does the Virus spread?
Virus can infect your computer via emails and files
downloaded from the Internet or copied from USB drives or
other computers. Hackers can also take advantage of
software vulnerabilities to remotely install virus on your
computer without your awareness.
5. How to recognize the presence of virus?
• The computer system becomes slow.
• The size of available free memory reduces.
• The hard-disk runs out of space.
• The computer does not boot.
• Antivirus and firewall are disabled automatically.
• Unusual messages on screen!
6. • This type of virus infects the Master Boot
Record (MBR) of a hard drive, or the Floppy
Boot Record (FBR) of a floppy drive and virus
runs each time the system boots.
Boot Viruses
• A polymorphic virus creates an infection in a
computer that is known as a polymorphic
infection that creates copies of itself, with
each copy different to fool a virus detection
and users.
Polymorphic
Viruses
• A MAC or Macro virus is a computer virus
that spreads to other computers
through software programs that utilize
macros. For example, Microsoft
Word and Microsoft Excel.
Macro Viruses
7. BOOT VIRUS
A boot virus (also known as a boot infector or an MBR) targets and infects a
specific, physical section of a computer system that contains information
crucial to the proper operation of the computer's operating system (OS).
Boot viruses may differ based on whether they target the MBR or the FBR.
Infection Overview:
Step -1: Write original boot sector elsewhere on the disk.
Step-2:Write virus to the boot sector.
8. POLYMORPHIC VIRUS
• A polymorphic virus might have a virus decryption routine (VDR) and an
encrypted virus program body (EVB). When an infected application
launches, the VDR decrypts the encrypted virus body EVB back to its
original form so the virus can perform its intended function.
• Polymorphic viruses change their code each time as they duplicate
themselves.
• In this way each new copy is a variation of older copy!
9. MACRO VIRUS
• In computing terminology, a macro virus is a virus that is
written in a macro language : that is to say, a programming
language which is embedded inside a software application.
• Macros are sets of instructions that can be triggered by a
single command.
• Macro viruses are most commonly associated with Microsoft
Office programs (such as Word, Excel or Access) as these are
the most promptly used documents.
10. • The Melissa (created by David L. Smith) virus from March 1999 is a good
example of how viruses inflict damage. Melissa lurked inside an e-mail
Microsoft Word attachment. The e-mail's subject line appeared to be from
someone the recipient recognized.
• However, once the recipient clicked on the attachment, Melissa fused itself
to a Word object and began rifling through the victim's address book.
12. WORMS
• Stand Alone and
do not need a
software to hide
in.
• Use computer
networks to send
malicious
software to
other
computers,
spreading from
computer to
computer.
VIRUS
• A computer virus
inserts a copy of
itself into and
becoming part of
another program.
• They replicate
themselves, and
most come
attached to an
executable file,
which means a
person has to
actually run the
program for the
virus to become
active and spread.
TROJANS
• It is a harmful
piece of software
that looks
legitimate
• People are
tricked into using
such software.
• Trojan Horses do
not replicate
themselves the
way viruses and
worms do.
13. ANTI-VIRUS
• An antivirus software is a computer program that
identify and remove computer viruses, and other
malicious software like Worms and Trojans from
an infected computer. Not only this, an antivirus
software also protects the computer from further
virus attacks.
• There are two basic approaches used by Antivirus:
1. Dictionary Approach
2. Suspicious Behavior Approach
14. USING DICTIONARY APPROACH:
• The antivirus software examines each and every file in a
computer and examines its content with the virus definitions
stored in its virus dictionary.
• A virus dictionary is an inbuilt file belonging to an antivirus
software that contains code identified as a virus by the
antivirus authors.
15. Using Suspicious Behavior Approach:
•Antivirus software constantly monitors the activity of all
the programs.
•If any program tries to write data on an executable file, the
antivirus software will flag the program having a suspicious
behavior, means the suspected program will be marked as
a virus.
•The advantage of this approach is that it can safeguard
the computer against unknown viruses also.
•The disadvantage is that it may create several false alerts
too.
18. What one can do to be safe?
• Turn on your firewall.
• Use Windows Defender.
• Install and utilize anti-virus software, and be sure to update it as
necessary.
• Utilize an anti-malware program.
• Don’t click on anything you aren’t sure about. If something seems
suspicious, chances are it is.
• Back up your computer, and do it often! Protect yourself in case the
worst happens.
Editor's Notes
The word virus is often being used as a common term for all malicious programs, but technically
USB drive is the second common way to distribute virus. When you insert your USB drive to a computer you may have no idea that there are several viruses hiding in the computer to enter that USB memory stick which then become a vehicle for the virus to take shelter in your own computer.
http://userpages.umbc.edu/~dgorin1/432/viruses.htm
The MBR is the first sector of a hard drive and is usually located on track 0. It contains the initial loader and information about partition tables on a hard disk.
The DBR is usually located a few sectors (62 sectors after on a hard disk with 63 sectors per track) after the MBR, and contains the initial loader for an operating system and logical drive information.
The FBR is use for the same purposes as DBR on a hard drive, but it is located on the first track of a diskette.
Though boot viruses were once more common in the early 90s, they have since become less of a threat, as most computer motherboards now provide protection against such threats by denying access to the MBR without user permission. In recent years however, more sophisticated malware has been developed that have begin retargeting the MBR