3. What Is Malware?
● Malware is a software designed to harm or
secretly access a computer system without the
owner's informed consent.
● Malware, short for malicious software,also
known as pestware.
● In general term used by computer professionals
to mean a variety of forms of hostile, intrusive,
or annoying software or program code.
6. Lets Introduce The Common
Ones...
VIRUS:
A computer virus is a small program written to alter the
way a computer operates, without the permission or
knowledge of the user. With an ability to replicate itself,
thus continuing to spread. Also, known as Malicious
Software, a program that can cause damage to a computer.
The computer viruses can damage or corrupt data, modify
existing data, or degrade the performance of the system by
utilizing resources such as memory or disk space. It may
spread over a network (internet), carried it on a removable
medium such as a Floppy disk, CD/DVD Drive, USB Drive.
7. Classification of Computer viruses:
•Boot sector virus
•Master Boot Record (MBR) virus
•File infector virus
•Multipartite virus
•Macro virus
8. BOOT SECTOR VIRUS:
Boot sector viruses generally hide in the boot sector,
either in the bootable disk or the hard drive.
It attaches itself to the primary active partition of the hard
disk that is read by the computer upon boot up.
MASTER BOOT RECORD VIRUS:
MBR viruses are memory-resident viruses that infect disks
in the same manner as boot sector viruses. However it,
infects the MBR of the system, gets activated when the
BIOS activates the Master boot code. MBR infectors
normally save a legitimate copy of the master boot record
in an different location.
9. File Infector Virus:
File Infector viruses infect program files. Normally infect
executable code, such as .COM, .SYS, .BAT and .EXE files.
They can infect other files when an infected program is run
from floppy, hard drive, or from the network. Many of these
viruses are memory resident. After memory becomes
infected, any uninfected executable file that runs becomes
infected.
E.g. Snow.A, Jerusalem, Cascade.
10. Macro Virus:
Macro are mini-programs which make it possible to
automate series of operations so that they are
performed as a single action, thereby saving the user
from having to carry them out one by one.
Macro viruses infect files that are created using certain
applications or programs that contain macros.
They are platform-independent since the virus itself are
written in language of the application and not the
operating system.
They infect documents created from Microsoft Office
Word, Excel, PowerPoint and Access files.
E.g.W97M.Melissa,Bablas,WM.NiceDay,W97M.Groov.
11. Trojan Horse
Trojan horses are impostors that claim to be something
desirable but, in fact, are malicious. Trojan horse programs
do not replicate themselves. Trojan horses contain
malicious code that when triggered cause loss, or even
theft, of data.
E.g. Trojan.Vundo
Retrieving user’s critical information. i.e. name, password.
Erasing or overwriting data on a computer.
Spying on a user to gather his information like browsing
habits, sites visited etc.
12.
13. WORMS
Worms are programs that replicate themselves from
system to system without the use of a host file. The worms
are spread through networks like LAN, WAN and also
through Internet. There are various ways by which a worm
spreads, through Internet like E-mails, Messaging and
Chats.
Worms almost always cause harm to the network, like
consuming network bandwidth.
E.g.W32.Mydoom.AX@mm
14. SPYWARE:
It is a type of malware that can be installed on computers, and
which collects small pieces of information about users without
their knowledge. The presence of spyware is typically hidden
from the user, and can be difficult to detect. Typically, spyware
is secretly installed on the user's personal computer.
ADWARE:
It is any software package which automatically plays, displays,
or downloads advertisements to a computer. It is a type of
malware which steals information. Example Bonzi Buddy, an
application marketed as an "Intelligent Software Agent",
corrupted many of the user's system files, forcing the display of
many obscene advertisements.
16. We Are The Angels Of Your Computer System. We Protect Your System Round The Clock
17. ANTIVIRUS
An antivirus software is a computer program that identify
and remove computer viruses, and other malicious
software like Worms and Trojans from an infected
computer. Not only this, an antivirus software also protects
the computer from further virus attacks.
We should regularly run an antivirus program to scan
and remove any possible virus attacks from a computer.
18. Anti-spyware
They can provide real time protection against the
installation of spywares on the computer. This type of
spyware protection works the same way as that of anti-
virus protection. It scans and blocks all incoming network
threats as it comes across.
It can be used solely for detection and removal of
spyware that has already been installed into the
computer. Anti-spyware scans the contents of the
windows registry, operating system files, and installed
programs on the computer and will provide a list of any
threats found.
19. How An Antivirus Works...
Using dictionary Approach:
• The antivirus software examines each and every file in
a computer and examines its content with the virus
definitions stored in its virus dictionary.
• A virus dictionary is an inbuilt file belonging to an
antivirus software that contains code identified as a
virus by the antivirus authors.
20. Using Suspicious Behavior Approach:
•Antivirus software will constantly monitors the activity of
all the programs.
•If any program tries to write data on an executable file, the
antivirus software will flag the program having a suspicious
behavior, means the suspected program will be marked as
a virus.
•The advantage of this approach is that it can safeguard
the computer against unknown viruses also.
•The disadvantage is that it may create several false alerts
too.
21. Virus Updates
Providing regular updates for the virus dictionary.
An antivirus program should provide free virus updates on
a periodic basis.
With the current outburst in macro and script-based
viruses, virus updates that address the latest threats are
essential.
Most commercial antivirus software in today’s scenario
provide virus updates on daily basis.
22. What to do on Suspecting Virus attack?
•Disconnect the suspected computer system from the
Internet as well as from the Local Network.
•Start the system in Safe Mode or from the Windows boot
disk, if it displays any problem in starting.
•Take backup of all crucial data to an external drive.
•Install antivirus software if you do not have it installed.
•Now, download the latest virus definitions updates from
the internet.
•Perform a full system scan.