Computer viruses and antivirus PRESENTATION BY Beibit Nurbibi Psychologist Psychologist

What is Computer Virus? : What is Computer Virus? Definition -- Virus: A self- replicating piece of computer code that can partially or fully attach itself to files or applications, and can cause your computer to do something you don't want it to do.

Boot Sector Virus - Michelangelo Boot sector viruses infect the boot sectors on floppy disks and hard disks, and can also infect the master boot record on a user's hard drive. File Infector Virus - CIH Operate in memory and usually infect executable files. Multi-partite Virus Multi-partite viruses have characteristics of both boot sector viruses and file infector viruses. Macro Virus - Melissa Macro Virus They infect macro utilities that accompany such applications as Microsoft Word, Excel and outlook. Types of Computer Virus

Continue Trojan / Trojan Horse – A Trojan or Trojan Horse is a program that appears legitimate, but performs some malicious and illicit activity when it is run. Worm – Red Code A worm is a program that spreads over network. Unlike a virus, worm does not attach itself to a host program. It uses up the computer resources, modifies system settings and eventually puts the system down. Worms are very similar to viruses in that they are computer programs that replicate themselves. The difference is that unlike viruses, worm exist as a separate small piece of code. They do not attach themselves to other files or programs Continue Trojan / Trojan Horse – A Trojan or Trojan Horse is a program that appears legitimate, but performs some malicious and illicit activity when it is run. Worm – Red Code A worm is a program that spreads over network. Unlike a virus, worm does not attach itself to a host program. It uses up the computer resources, modifies system settings and eventually puts the system down. Worms are very similar to viruses in that they are computer programs that replicate themselves. The difference is that unlike viruses, worm exist as a separate small piece of code. They do not attach themselves to other files or programs Types of Computer Virus -

Memory Resident: Loads in memory where it can easily replicate itself into programs of boot sectors. Most common. Non-Resident: Does not stay in memory after the host program is closed, thus can only infect while the program is open. Not as common. Stealth: The ability to hide from detection and repair in two ways. - Virus redirects disk reads to avoid detection. - Disk directory data is altered to hide the additional bytes of the virus. Memory Resident: Loads in memory where it can easily replicate itself into programs of boot sectors. Most common. Non-Resident: Does not stay in memory after the host program is closed, thus can only infect while the program is open. Not as common. Stealth: The ability to hide from detection and repair in two ways. - Virus redirects disk reads to avoid detection. - Disk directory data is altered to hide the additional bytes of the virus. Virus Characteristics :

The Basic Rule: A virus is inactive until the infected program is run or boot record is read. As the virus is activated, it loads into the computers memory where it can spread itself. Boot Infectors: If the boot code on the drive is infected, the virus will be loaded into memory on every startup. From memory, the boot virus can travel to every disk that is read and the infection spreads. Program Infectors: When an infected application is run, the virus activates and is loaded into memory. While the virus is in memory, any program file subsequently run becomes infected The Basic Rule: A virus is inactive until the infected program is run or boot record is read. As the virus is activated, it loads into the computers memory where it can spread itself. Boot Infectors: If the boot code on the drive is infected, the virus will be loaded into memory on every startup. From memory, the boot virus can travel to every disk that is read and the infection spreads. Program Infectors: When an infected application is run, the virus activates and is loaded into memory. While the virus is in memory, any program file subsequently run becomes infected How does computer virus work? :

How to detect virus? How to clean virus? How to detect virus? How to clean virus? Antivirus Technologies Best Practices DIFFERENT TYPES OF ANTIVIRUS

How to detect virus? Some Symptoms Program takes longer to load. The program size keeps changing. The drive light keeps flashing when you are not doing anything. User created files have strange names. The computer doesn't remember CMOS settings How to detect virus? Some Symptoms Program takes longer to load. The program size keeps changing. The drive light keeps flashing when you are not doing anything. User created files have strange names. The computer doesn't remember CMOS settings Antivirus technology

1.All activities on infected machine should be stopped and it should be detached from the network. 2.Recover from backup is the most secure and effective way to recover the system and files. 3.In some cases, you may recover the boot sector, partition table and even the BIOS data using the emergency recovery disk. 4.In case you do not have the latest backup of your files, you may try to remove the virus using anti-virus software. 1.All activities on infected machine should be stopped and it should be detached from the network. 2.Recover from backup is the most secure and effective way to recover the system and files. 3.In some cases, you may recover the boot sector, partition table and even the BIOS data using the emergency recovery disk. 4.In case you do not have the latest backup of your files, you may try to remove the virus using anti-virus software. How to clean virus?

The steps to reinstall the whole system – 1. Reboot the PC using a clean startup disk. 2. Type in MBR to rewrite the Master Boot Record. 3. Format DOS partitions. 4. Reinstall Windows XP or others and other applications. 5. Install Antivirus Software and apply the latest virus definition data. The steps to reinstall the whole system – 1. Reboot the PC using a clean startup disk. 2. Type in MBR to rewrite the Master Boot Record. 3. Format DOS partitions. 4. Reinstall Windows XP or others and other applications. 5. Install Antivirus Software and apply the latest virus definition data. How to clean virus?

Thank you