Computer Virus- Introduction


This document is a basic introduction to computer viruses.


  • DEFINITION

    A computer virus is a small software program that spreads from one computer to another computer and interferes with computer operation and causes damage to data and files on systems.

    MAIN CHARACTERISTICS ARE:

    - It is able to replicate.
    - It requires a host program as a carrier.
    - It is activated by external action.

    SOME WELL-KNOWN COMPUTER VIRUSES

    - Creeper virus
    - Elk Cloner
    - The Morris worm
    - Nimda

  • ACTIVITY

    Find the name of any two viruses with their description.

  • INTERESTING FACTS

    - Experts estimate that the Mydoom worm infected approximately a quarter-million computers in a single day in January 2004.
    - In January 2007, a worm called Storm appeared; by October, experts believed up to 50 million computers were infected.
    - A program named Rother J was the first computer virus to come into sight. Created in 1981 by Richard Skrenta, it attached itself to the Apple DOS 3.3 operating system and spread via floppy disk.

  • SYMPTOMS OF A COMPUTER VIRUS

    - The computer runs slower than usual.
    - The computer stops responding, or it locks up frequently.
    - The computer restarts on its own. Additionally, the computer does not run as usual.
    - Applications on the computer do not work correctly.
    - Disks or disk drives are inaccessible.
    - You see distorted menus and dialog boxes.
    - An antivirus program is disabled for no reason. Additionally, the antivirus program cannot be restarted.
    - A program disappears from the computer even though you did not intentionally remove the program.

  • TYPES OF VIRUSES

    ARMORED VIRUS: An armored virus is one that uses special tricks to make tracing, disassembling and understanding of its code more difficult. The Whale virus is an example.

    CAVITY VIRUS: A cavity virus is one which overwrites a part of the host file that is filled with a constant (usually nulls), without increasing the length of the file, but preserving its functionality. The Lehigh virus was an early example of a cavity virus.

    COMPANION VIRUS: A companion virus is a virus that does not modify the original file but executes a new program instead. On exit, the new program executes the original program so that things appear normal. On PCs this has usually been accomplished by creating an infected .COM file with the same name as an existing .EXE file.

  • TYPES OF VIRUSES

    RESIDENT VIRUS: This type of virus settles in RAM. From there it can overcome and interrupt all of the operations executed by the system, corrupting files and programs that are opened, closed, copied, renamed, etc. Examples are Randex, CMJ, Meve, and Mrklunky.

    POLYMORPHIC VIRUS: A polymorphic virus is one that produces varied but operational copies of itself. This is so that virus scanners will not be able to detect all instances of the virus.

    FAT VIRUS: This type of virus attacks individual files or directories, resulting in information loss, because the virus wipes out the information from the infected files.

  • HOW TO PREVENT A VIRUS?

    - Load only software from original disks or CDs. Pirated or copied software is always a risk for a virus.
    - Execute only programs whose origin you are familiar with.
    - Computer uploads and "system configuration" changes should always be performed by the person who is responsible for the computer.
    - Password protection should be employed.
    - Check all shareware and free programs downloaded from on-line services with a virus checking program.
    - Purchase or download an anti-virus program that runs as you boot or work on your computer. Update it frequently.

  • Other forms of computer attacks

    - SPAMMING: Sending of bulk email by an unidentified source.
    - WORM: A self-replicating program that eats up the entire disk space or memory by creating copies of itself until all the memory is filled.
    - SPYWARE: Software that is installed on the computer to spy on the user's activities and report them to people willing to pay for the information.
    - ADWARE: A program that delivers unwanted ads to the computer (generally as pop-ups) and consumes network bandwidth.
    - TROJAN HORSE: A program that appears harmless but actually performs malicious functions such as deleting or damaging files.
    - SWEEPER: A malicious program used by hackers to sweep or delete all the data from the system.
    - PHISHING: A process of attempting to acquire sensitive information such as user names, passwords, credit card information, account data, etc.

  • HOW VIRUS SPREAD?

    A virus runs first when a legitimate program is executed. The virus loads itself into memory and looks to see if it can find any other programs on the disk. If it can find one, it modifies it to add the virus's code to the new program. Then the virus launches the "real program."

    The user has no way to know that the virus ever ran. Unfortunately, the virus has now reproduced itself, so two programs are infected. The next time either of those programs gets executed, they infect other programs, and the cycle cont

  • HOW VIRUS SPREAD?

    When the infected program is

    - distributed by floppy disk
    - uploaded to a bulletin board
    - zipped and delivered as an executable

    then other programs get infected. This is how viruses spread.

  • How to prevent a virus?

    - Run a secure operating system like UNIX or Windows NT; security features keep viruses away.
    - Buy virus protection software.
    - Avoid programs from unknown sources (like the Internet).
    - Stick with commercial software purchased on CDs.

    With e-mail viruses:

    - Never double-click on an attachment that contains an executable program.
    - Attachments that come in as Word files (.DOC), spreadsheets (.XLS), images (.GIF and .JPG), etc., are data files and they can do no damage.

  • How viruses get into computers?

    The four most common virus infections come from:

    - File: A virus type that infects existing files on the computer (~40%)
    - Macro: A virus that runs as a macro in a host application such as the MS Office applications (~20%)
    - VBScript: A virus that uses Windows Visual Basic Script functionality (~10%)
    - Internet Worm: A virus that is primarily characterized by its replication across the Internet (~20%)

  • The life cycle of a virus

    - Entry: A virus enters the system passively, through an activity of the operator (inserting an infected disk, opening an infected mail attachment).
    - Foothold: A virus has to be compatible with the system to gain a foothold.
    - Replication & Damage: A virus replicates at the cost of computer speed. Damage causes loss or inaccessibility of files, and sometimes loss of the complete hard disk.
    - Transfer to next host: Transfer to the next computer can occur automatically when computers are interconnected, or requires human activity such as sharing of diskettes.

  • ANTIVIRUS

    Antivirus software is a computer program that detects, prevents, and takes action to disarm or remove malicious software programs, such as viruses and worms.

    TOP 5 ANTIVIRUS SOFTWARE

    - MCAFEE VIRUS SCAN
    - AVG ANTIVIRUS
    - ACTIVE VIRUS SHIELD
    - ESET NOD 32
    - AVIRA ANTI VIRUS

  • ACTIVITY

    Find the name of any two antivirus programs with their description.

  • HOW ANTIVIRUS WORKS?

    There are several methods which antivirus software can use to identify malware:

    - Signature-based detection is the most common method. To identify viruses and other malware, antivirus software compares the contents of a file to a dictionary of virus signatures. Because viruses can embed themselves in existing files, the entire file is searched, not just as a whole, but also in pieces.
    - Heuristic-based detection, like malicious activity detection, can be used to identify unknown viruses.
    - File emulation is another heuristic approach. File emulation involves executing a program in a virtual environment and logging what actions the program performs. Depending on the actions logged, the antivirus software can determine if the program is malicious or not and then carry out the appropriate disinfection actions.
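An added example, not part of the original slides, of the signature-based method described above: the scanner checks the whole file against a hash dictionary and also searches it in pieces for byte patterns, keeping an overlap so that a signature split across two chunks is still found. The signature names, byte values and function names are constructed for illustration.

```python
import hashlib
import io

# Constructed signature dictionary: names and byte values are made up for
# this example and do not correspond to any real malware.
HASH_SIGNATURES = {
    hashlib.sha256(b"CONSTRUCTED-WHOLE-FILE-SAMPLE").hexdigest(): "Demo.WholeFile",
}
PATTERN_SIGNATURES = {
    b"\xde\xad\xbe\xefDEMO-SIG-A": "Demo.PatternA",
    b"DEMO-SIG-B\x00\x01\x02": "Demo.PatternB",
}


def scan_stream(stream, chunk_size=64 * 1024):
    """Return the sorted names of all signatures matched in a binary stream."""
    longest = max(len(p) for p in PATTERN_SIGNATURES)
    digest = hashlib.sha256()   # accumulates the whole-file hash
    found = set()
    tail = b""                  # end of the previously read data
    while True:
        chunk = stream.read(chunk_size)
        if not chunk:
            break
        digest.update(chunk)
        # Search the chunk together with the tail of the previous data, so a
        # pattern that straddles a chunk boundary is not missed.
        window = tail + chunk
        for pattern, name in PATTERN_SIGNATURES.items():
            if pattern in window:
                found.add(name)
        tail = window[-(longest - 1):] if longest > 1 else b""
    whole = HASH_SIGNATURES.get(digest.hexdigest())
    if whole:
        found.add(whole)
    return sorted(found)


def scan_bytes(data, chunk_size=64 * 1024):
    """Convenience wrapper for data that is already in memory."""
    return scan_stream(io.BytesIO(data), chunk_size)


if __name__ == "__main__":
    # Constructed host file with one pattern embedded in the middle.
    sample = b"MZ" + b"\x00" * 500 + b"\xde\xad\xbe\xefDEMO-SIG-A" + b"\x90" * 500
    print(scan_bytes(sample))              # pattern found inside a larger file
    print(scan_bytes(b"plain text file"))  # nothing matches
```

A changed copy of a file no longer matches its whole-file hash, which is why the pattern search over pieces is needed alongside it.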