This document discusses computer viruses, including their definition, types, causes and effects, and prevention and cure. It defines a computer virus as a self-replicating piece of code that can attach itself to files or applications and cause unintended behavior on a computer. Common types include resident, direct action, overwrite, boot sector, and macro viruses. Viruses can spread by infecting the boot sector or programs run in memory. While they don't necessarily damage data, macro viruses in particular can slow computers down or damage documents. The best prevention methods are using antivirus software to continuously scan for viruses and keep definitions up to date, while the best cure is recovering from a backup and reinstalling the operating system if a virus is
2. Computer virus concept
• Definition of Computer Virus
• Types of Computer Virus
• Causes & Effects of computer Virus
• Prevention &cure of Computer Virus
• Conclusion
2
3. Computer virus concept
What is Computer Virus?
• Definition -- Virus: A self-replicating piece of computer code that
can partially or fully attach itself to files or applications, and can
cause your computer to do something you don't want it to do.
• Similarities between biological virus (like " HIV " )
and computer virus:
• Need a host for residence.
• Capable of self-replicate
• Cause damage to the host.
• Difference: Computer viruses are created by human.
3
5. Computer virus concept
Virus Characteristics
• Memory Resident:
Loads in memory where it can easily replicate itself into programs of boot
sectors. Most common.
• Non-Resident:
Does not stay in memory after the host program is closed, thus can only
infect while the program is open. Not as common.
• Stealth:
The ability to hide from detection and repair in two ways.
- Virus redirects disk reads to avoid detection.
- Disk directory data is altered to hide the additional bytes of the virus.
5
6. Computer Virus Concept
Virus Characteristics
• Encrypting:
Technique of hiding by transformation. Virus code converts itself into
cryptic symbols. However, in order to launch (execute) and spread the
virus must decrypt and can then be detected.
• Polymorphic:
Ability to change code segments to look different from one infection to
another. This type of virus is a challenge for ant-virus detection
methods.
6
7. Computer virus concept
How does computer virus work?
• The Basic Rule: A virus is inactive until the infected program is run or boot
record is read. As the virus is activated, it loads into the computers memory
where it can spread itself.
• Boot Infectors: If the boot code on the drive is infected, the virus will be
loaded into memory on every startup. From memory, the boot virus can
travel to every disk that is read and the infection spreads.
• Program Infectors: When an infected application is run, the virus activates
and is loaded into memory. While the virus is in memory, any program file
subsequently run becomes infected.
7
8. Causes & Effect of Computer Virus
A computer viruses can infect the program and it
may lead to loss of important data
These viruses are transfers to our data through
any floppy or cd
If any infected file is copy in your system then it
will infect the other files and function too
8
9. Analyze three common viruses
Macro Virus
• What is Macro virus
• A type of computer virus that is encoded as a macro embedded in a
document.
• According to some estimates, 75% of all viruses today are macro
viruses.
• Once a macro virus gets onto your machine, it can embed itself in all
future documents you create with the application.
• In many cases macro viruses cause no damage to data; but in some
cases malicious macros have been written that can damage your work.
• The first macro virus was discovered in the summer of 1995. Since that
time, other macro viruses have appeared.
9
10. Analyze three common viruses
Macro Virus
• How does it spread?
• When you share the file with another user, the attached macro or script
goes with the file. Most macro viruses are designed to run, or attack, when
you first open the file. If the file is opened into its related application, the
macro virus is executed and infect other documents.
• The infection process of the macro virus can be triggered by opening a
Microsoft Office document or even Office Application itself, like Word,
Excel. The virus can attempt to avoid detection by changing or disabling the
built-in macro warnings, or by removing menu commands
10
12. Antivirus technology
Prevention &cure of Computer Virus
• Some Symptoms
• Program takes longer to load.
• The program size keeps changing.
• The drive light keeps flashing when you are not doing
anything.
• User created files have strange names.
• The computer doesn't remember CMOS settings.
12
13. Antivirus technology
How to detect virus?
• Use Antivirus Software to scan the computer memory and
disks.
• A memory-resident anti-virus software can be used to
continuously monitor the computer for viruses.
• Scan your hard disk with an anti-virus software. You should
make sure that an up-to-date virus definition data have been
applied.
• Use server-based anti-virus software to protect your
network.
13
14. Antivirus Technology
How to clean virus?
• All activities on infected machine should be stopped and it
should be detached from the network.
• Recover from backup is the most secure and effective way to
recover the system and files.
• In some cases, you may recover the boot sector, partition table
and even the BIOS data using the emergency recovery disk.
• In case you do not have the latest backup of your files, you
may try to remove the virus using anti-virus software.
14
15. Antivirus Technology
How to clean virus?
The steps to reinstall the whole system –
1. Reboot the PC using a clean startup disk.
2. Type in MBR to rewrite the Master Boot Record.
3. Format DOS partitions.
4. Reinstall Windows XP or other os and other applications.
5. Install Antivirus Software and apply the latest virus definition
data.
15
16. Conclusion
• I think we should not use the pc without any
antivirus security as it may cause damage to our
important data
Do not copy or transfer any data or file without
scanning the disk
16