compiled & designed by : presentation point idea by: saad(ceo future it) © 2011 presentation...

Compiled & Designed by : Presentation Point Idea by: SAAD(CEO Future IT) © 2011

Compiled By & Designed : Presentation Point

(www.presentationpoint.yola.com)

Idea & Support by:

Future IT(www.futureit.yola.com) ,SAAD (CEO Future IT)

(c) February, 2011

http://www.futureit.yola.com/

What is a Virus ?A virus is just a computer program. Like any other program, it contains instructions that tell your computer what to do. But unlike an application, a virus usually tells your computer to do something you don't want it to do, and it can usually spread itself to other files on your computer -- and other people's computers.


In some cases, a virus will execute only a gentle "personality quirk," such as causing your computer to make seemingly random bleeps.

But a virus can be very destructive; it could format your hard drive, overwrite your hard drive boot sector, or delete files and render your machine inoperable.


General virus types While there are thousands of variations of viruses, most fall into one of the following general categories, each of which works slightly differently.


Boot Sector Virus:

Replaces or implants itself in

the boot sector. This kind of virus can prevent you from being able to boot your hard disk.


Macro Virus: Written using a simplified macro programming language, these viruses affect Microsoft Office applications,

such as Word and Excel. A document infected with a macro virus generally modifies a pre-existing, commonly used command (such as Save) to trigger its payload upon execution of that command.


Multipartite Virus

Infects both files and the boot sector-- a double whammy that can reinfect your system dozens of times before it's caught.


Polymorphic Virus:

Changes code whenever it

passes to another machine.


Stealth Virus:

hides its presence by making an infected file

not appear infected


E-mail viruses:An e-mail virus moves around in e-mail messages, and usually replicates itself by automatically mailing itself to dozens of people in the victim's e-mail address book.


Worms: A worm is a computer program that has the ability to copy itself from machine to machine. Worms normally move around and infect other machines through computer networks. Worms eat up storage space and slows down the computer. But worms don't alter or delete files.


Trojan horses : A Trojan horse is simply a computer program that claims to do one thing (it may claim to be a game) but instead does damage when you run it (it may erase your hard disk).


When loaded onto your machine, a Trojan horse can capture information from your system -- such as user names and passwords or could allow a malicious hacker to remotely control your computer.

Trojan horses have no way to replicate automatically.


Origins of Viruses : People create viruses. A person has to write the code, test it to make sure it spreads properly and then release the virus. A person also designs the virus's attack phase, whether it's a silly message or destruction of a hard disk.

In most of the cases people create viruses just for the thrill or fun.


How They Spread ?Early viruses were pieces of code attached to a common program like a popular game or a popular word processor. A person might download an infected game from the internet or copy it from a floppy disk and run it. A virus like this is a small piece of code embedded in a larger, legitimate program. Any virus is designed to run first when the legitimate program gets executed.


The virus loads itself into memory and looks around to see if it can find any other programs on the disk. If it can find one, it modifies it to add the virus's code to the unsuspecting program. Then the virus launches the "real program." The user really has no way to know that the virus ever ran. Unfortunately, the virus has now reproduced itself, so two programs are infected. The next time either of those programs gets executed, they infect other programs, and the cycle continues.


If one of the infected programs is given to another person on a floppy disk, or if it is uploaded to internet, then other programs get infected.

This is how the virus spreads.


The spreading part is the infection phase of the virus.

Viruses wouldn't been so violently disliked if all they did was replicate themselves. Unfortunately, most viruses also have some sort of destructive attack phase where they do some damage. Some sort of trigger will activate the attack phase, and the virus will then "do something" -- anything from printing a silly message on the screen to erasing all of your data. The trigger might be a specific date, or the number of times the virus has been replicated, or something similar.


SOME TRICKS THE VIRUSES PLAY :

One important trick is the ability to load viruses into memory so that they can keep running in the background as long as the computer remains on. This gives viruses a much more effective way to replicate themselves.


Another trick is the ability to infect the boot sector on floppy disks and hard disks. The boot sector is a small program that is the first part of the operating system that the computer loads and tells the computer how to load the rest of the operating system.

By putting its code in the boot sector, a virus can guarantee that it gets executed. It can load itself into memory immediately, and it is able to run whenever the computer is on. Boot sector viruses can infect the boot sector of any floppy disk inserted in the machine, and on campuses where lots of people share machines they spread like wildfire.


In general, both executable and boot sector viruses are not very threatening any more.

The first reason for the decline has been the huge size of today's programs. The programs are so big that the only easy way to move them around is in CDs. People certainly can't carry applications around on a floppy disk like they did in the early days. Compact discs cannot be modified, and that makes viral infection of a CD impossible.

Boot sector viruses have also declined because operating systems now protect the boot sector.

Both boot sector viruses and executable viruses are still possible, but they are a lot harder now and they don't spread nearly as quickly as they once could.


Run a secure operating system like UNIX or Windows NT.

Install virus protection software.

Avoid programs from unknown sources.

Disable floppy disk booting

Macro Virus Protection is enabled in all Microsoft applications.

Never double-click on an attachment that contains an executable that arrives as an e-mail attachment.

Prevention is the best cure :


How antivirus software works :Scanning software looks for a virus in one of two ways. If it's a known virus (one that has already been detected in the wild and has an antidote written for it) the software will look for the virus's signature -- a unique string of bytes that identifies the virus like a fingerprint -- and will zap it from your system. Most scanning software will catch not only an initial virus but many of its variants as well, since the signature code usually remains intact.


In the case of new viruses for which no antidote has been created, scanning software uses methods that look for unusual virus like activity on your system. If the program sees any funny business, it quarantines the questionable program and broadcasts a warning to you about what the program may be trying to do (such as modify your Windows Registry). If you and the software think the program may be a virus, you can send the quarantined file to the antivirus vendor, where researchers examine it, determine its signature, name and catalog it, and release its antidote. It's now a known virus.


If the virus never appears again -- which often happens when the virus is too poorly written to spread -- then vendors categorize the virus as dormant. But viruses are like earthquakes: The initial outbreak is usually followed by aftershocks. Variants (copycat viruses that emerge in droves after the initial outbreak) make up the bulk of known viruses.


Practice safe computingThe best way to protect yourself from viruses is to avoid opening unexpected e-mail attachments and downloads from unreliable sources. Resist the urge to double-click everything in your mailbox. If you get a file attachment and you aren't expecting one, e-mail the person who sent it to you before you open the attachment. Ask them if they meant to send you the file, what it is, and what it should do.


For added safety, you need to install reliable antivirus scanning software and download updates regularly. Major antivirus software vendors, including Symantec, Network Associates, Computer Associates, and Trend Micro, provide regular updates. (Computer Associates' InoculateIT is also free.) Some of the vendors also offer a service that will automatically retrieve updates for you from the company's Web site.


Regular updates are essential. Researchers at Computer Economics estimate that 30 percent of small businesses are vulnerable to viruses either because they don't keep their virus-scanning software updated or because they don't install it correctly.


compiled & designed by : presentation point idea by: saad(ceo future it) © 2011 presentation...

Documents

saadceo future

presentation point idea

macro virus

boot sector virus

polymorphic virus

stealth virus

multipartite virus

kind of virus