Similar presentations:
Computer viruses and antivirus
1.
Computer viruses and antivirus2.
What is Computer Virus? :What is Computer Virus?
Definition -- Virus: A selfreplicating piece of computer
code that can partially or fully
attach itself to files or
applications, and can cause
your computer to do
something you don't want it to
do .
3.
Types of Computer Virus• Boot Sector Virus - Michelangelo
Boot sector viruses infect the boot sectors on floppy disks and hard disks,
and can also infect the master boot record on a user's hard drive .
• File Infector Virus - CIH
Operate in memory and usually infect executable files.
• Multi-partite Virus
Multi-partite viruses have characteristics of both boot sector viruses and
file infector viruses .
• Macro Virus - Melissa Macro Virus
They infect macro utilities that accompany such applications as Microsoft
Word, Excel and outlook.
4.
Types of Computer Virus Continue Trojan / Trojan Horse –A Trojan or Trojan Horse is a program that appears legitimate,
but performs some malicious and illicit activity when it is run.
Worm – Red Code
A worm is a program that spreads over network. Unlike a virus,
worm does not attach itself to a host program. It uses up the
computer resources, modifies system settings and eventually
puts the system down.
Worms are very similar to viruses in that they are computer
programs that replicate themselves. The difference is that
unlike viruses, worm exist as a separate small piece of code.
They do not attach themselves to other files or programs
5.
Virus Characteristics :• Memory Resident:
Loads in memory where it can easily replicate itself into
programs of boot sectors. Most common.
• Non-Resident:
Does not stay in memory after the host program is
closed, thus can only infect while the program is open.
Not as common.
• Stealth:
The ability to hide from detection and repair in two
ways. - Virus redirects disk reads to avoid detection. Disk directory data is altered to hide the additional bytes
of the virus .
6.
How does computer virus work? :The Basic Rule:
A virus is inactive until the infected program is run or boot
record is read. As the virus is activated, it loads into the
computers memory where it can spread itself.
Boot Infectors:
If the boot code on the drive is infected, the virus will be
loaded into memory on every startup. From memory, the
boot virus can travel to every disk that is read and the
infection spreads.
Program Infectors:
When an infected application is run, the virus activates and is
loaded into memory. While the virus is in memory, any
program file subsequently run becomes infected
7.
Antivirus TechnologiesHow to detect virus?
How to clean virus?
Best Practices DIFFERENT TYPES OF ANTIVIRUS
8.
Antivirus technologyHow to detect virus?
Some Symptoms
Program takes longer to load.
The program size keeps changing.
The drive light keeps flashing when you
are not doing anything.
User created files have strange names.
The computer doesn't remember CMOS
settings
9.
How to clean virus?1.All activities on infected machine should be stopped and it
should be detached from the network.
2.Recover from backup is the most secure and effective way to
recover the system and files.
3.In some cases, you may recover the boot sector, partition
table and even the BIOS data using the emergency recovery
disk.
4.In case you do not have the latest backup of your files, you
may try to remove the virus using anti-virus software .
10.
How to clean virus?The steps to reinstall the whole system –
1. Reboot the PC using a clean startup disk.
2. Type in MBR to rewrite the Master Boot Record.
3. Format DOS partitions.
4. Reinstall Windows XP or others and other
applications.
5. Install Antivirus Software and apply the latest virus
definition data.