PRESENTATION ON

COMPUTER VIRUSES
BY AREEBA A. BHUTTO

OUTLINE:
INTRODUCTION.
HISTORY .
CATEGORIES OF COMPUTER DISRUPT
SOFTWARES.
TYPES & EXAMPLES.
VIRAL LANGUAGE.
PREVENTION FROM VIRUS ATTACKS.
ANTI-VIRUS.
CONCLUSION.

PHISHING:

Phishing is the act of attempting to acquire

information such as usernames, passwords, and
credit card details (and sometimes, indirectly,
money) by masquerading as a trustworthy entity
in an electronic communication.
Phishing emails may contain links to websites
that are infected with malware.

VIRUS HISTORY:

Traditional computer viruses were first widely seen in the

late 1980s, and came about because of several factors. The
first factor was the spread of personal computers (PCs).
The second factor was the use of computer bulletin boards.
People could dial up a bulletin board with a modem and
download programs of all types.
The third factor that led to the creation of viruses was the
floppy disk. In the 1980s, programs were small, and you
could fit the entire operating system, a few programs and
some documents onto a floppy disk or two. Many computers
did not have hard disks, so when you turned on your
machine it would load the operating system and everything
else from the floppy disk. Virus authors took advantage of
this to create the first self-replicating programs.

COMPUTER VIRUSES:

A computer virus is a type of malware that,

when executed, replicates by inserting copies of
itself into other computer programs, data files, or
the boot sector of the hard drive. When this
replication succeeds, the affected areas are then
said to be "infected.
Defining characteristic of viruses is that they are
self-replicating computer programs which install
themselves without the user's consent.

INTRODUCTION

MALWARE:
Malware, short for malicious software, is
software used to disrupt computer operation,
gather sensitive information, or gain access to
private computer systems.

'Malware' is a general term used to refer to a

variety of forms of hostile or intrusive software. It
can appear in the form of code, scripts, active
content, and other software.

BOOT SECTOR VIRUS:

The term boot sector is a generic name that

seems to originally come from MS-DOS but is now
applied generally to the boot information used by
any operating system. In modern computers this
is usually called the master boot record, and it is
the first sector on a partitioned storage device.
Boot sector viruses became popular because of the
use of floppy disks to boot a computer. The
widespread usage of the Internet and the death of
the floppy has made other means of virus
transmission more effective.

THE FILE INFECTOR VIRUS:

The most common type of virus, the file infector

takes root in a host file and then begins its
operation when the file is executed. The virus
may completely overwrite the file that it infects,
or may only replace parts of the file, or may not
replace anything but instead re-write the file so
that the virus is executed rather than the
program the user intended.
The definition is usually meant to refer only to
viruses which use an executable file format, such
as .exe, as their host.

MACRO VIRUS:

A wide variety of programs, including

productivity applications like Microsoft Excel,
provide support for Macros special actions
programmed into the document using a specific
macro programming language. Unfortunately,
this makes it possible for a virus to be hidden
inside a seemingly benign document.
Macro viruses very widely in terms of payload.
The most well known macro virus is probably
Melissa.

MELISSA VIRUS
The Melissa virus, written by David L
Smith in homage to a Florida stripper,
was the first successful email-aware virus
and inserted a quote from The Simpsons
in to Word documents. Smith was later
sentenced to jail for causing over $80
million worth of damage.

TROJAN HORSES:

In computers, a Trojan horse is a program in

which malicious or harmful code is contained
inside apparently harmless programming or data
in such a way that it can get control and do its
chosen form of damage, such as ruining the file
allocation table on your hard disk.
The term comes from Greek mythology about the
Trojan War

OSX/RSPLUG TROJAN

In November 2007, the first example of

financially-motivated malware for Apple Macs
was discovered in the wild. The launch of the
OSX/RSPlug Trojan increased fears that
Apple's platform may be targeted more by
hackers in the future.

COMPUTER WORMS:

A computer worm is a standalone malware

computer program that replicates itself in order
to spread to other computers. Often, it uses a
computer network to spread itself, relying on
security failures on the target computer to access
it.
Worms almost always cause at least some harm
to the network. Spammers are thought to be a
source of funding for the creation of such worms.

STORM WORM

The Storm worm, originally posing as breaking

news of bad weather hitting Europe, infected
computers around the world in 2007. Millions of
infected PCs were taken over by hackers and
used to spread spam and steal identities.

D
I
F
F
E
R
E
N
C
E

Trojan Horses
are sneaky:
while they
appear
harmless, they
really are
programs that
hide all sorts of
malicious
goodies. Trojan
Horses do not
replicate
themselves the
way viruses and
worms do.

Computer
viruses attach
themselves to
files or
programs,
often through
email
attachments
which means a
person has to
actually run
the program
for the virus to
become active
and spread.

Worms are similar

to viruses because
they self-replicate
but unlike viruses,
they dont have to
attach themselves
to a program.
Instead they use
computer networks
to send malicious
software to other
computers,
spreading from
computer to
computer.

ROOTKITS:

A Rootkit is a stealthy type of software, typically

malicious, designed to hide the existence of certain
processes or programs from normal methods of detection
and enable continued privileged access to a computer.
Rootkit installation can be automated, or an attacker
can install it once they've obtained root or Administrator
access. Obtaining this access is a result of direct attack
on a system (i.e. exploiting a known vulnerability,
password (either by cracking, privilege escalation, or
social engineering). Once installed, it becomes possible
to hide the intrusion as well as to maintain privileged
access. The key is the root/Administrator access i.e. full
control over a system.

SPYWARE:
Spyware is software that aids in gathering
information about a person or organization
without their knowledge and that may send such
information to another entity without the
consumer's consent.
Spyware can collect almost any type of data,
including personal information like Internet
surfing habits, user logins, and bank or credit
account information.

CRIMEWARE:

Crimeware is any computer program or set of

programs designed expressly to facilitate illegal
activity online. It is a class of malware designed
specifically to automate cybercrime.
Crimeware is designed to perpetrate identity
theft in order to access a computer user's online
accounts at financial services companies.
Crimeware also often has the intent to export
confidential or sensitive information from a
network for financial exploitation.

ADWARE:

Adware, or advertising-supported software, is

any software package which automatically
renders advertisements in order to generate
revenue for its author. The advertisements may
be in the user interface of the software or on a
screen presented to the user during the
installation process.
The term is sometimes used to refer to software
that displays unwanted advertisements.

E-MAIL VIRUSES:

An e-mail virus is computer code sent to you as

an e-mail note attachment which, if activated,
will cause some unexpected and usually harmful
effect, such as destroying certain files on your
hard disk and causing the attachment to be remailed to everyone in your address book.
Although not the only kind of computer virus, email viruses are the best known and undoubtedly
cause the greatest loss of time and money overall.

SPAMMING:

Electronic spamming is the use of electronic messaging

systems to send unsolicited bulk messages (spam),
especially advertising, indiscriminately. While the most
widely recognized form of spam is e-mail spam.
Spamming remains economically viable because
advertisers have no operating costs beyond the
management of their mailing lists, and it is difficult to
hold senders accountable for their mass mailings. Because
the barrier to entry is so low, spammers are numerous,
and the volume of unsolicited mail has become very high.
A person who creates electronic spam is called a spammer.

I LOVE YOU VIRUS

I LOVE YOU virus, which appeared on May 4,

2000, was even simpler. It contained a piece of
code as an attachment. People who double-clicked
on the attachment launched the code. It then
sent copies of itself to everyone in the victim's
address book and started corrupting files on the
victim's machine.

IN WHICH PROGRAMMING
LANGUAGES A VIRUS CAN BE
CREATED?

There are viruses in almost every programming

language, but most are probably written in C and
C++ as these two languages have a lot more
control over your application compared to most
others, so you can be very specific about what you
want them to do. Smaller, less powerful
languages such as Visual Basic, .NET, Python or
Java will also suffice in creating viruses.

ANTI-VIRUS TIPS
Do not open any files attached to an email from an unknown,
suspicious or untrustworthy source.
Do not open any files attached to an email unless you know what it
is.
Do not open any files attached to an email if the subject line is
questionable or unexpected.
Delete chain emails and junk email. Do not forward or reply to
any to them. These types of email are considered spam - unsolicited,
intrusive messages that clog up the inboxes and networks.
Do not download any files from strangers.
Exercise caution when downloading files from the Internet.
Ensure that the source is a legitimate and reputable one. Verify
that an anti-virus program checks the files on the download site.
Update your anti-virus software regularly.
Back up your files on a regular basis. If a virus destroys your
files, at least you can replace them with your back-up copy. You
should store your backup copy in a separate location from your work
files, one that is preferably not on your computer.

HOW TO PREVENT FROM VIRUS

ATTACKS?

Anti-virus software is crucial to preventing virus

attacks, but this strategy only works if users
update their software.
Always use an anti-virus software program, one
with both an on-demand and an on-access
scanner. You'll want to look for one that has a
fairly complete database of viruses and that is
updateable. New viruses are produced daily, so
it's important to have software that can detect
the latest threat.

CONCLUSION:

"Better Safe Than Sorry".

BETTER SAFE THAN SORRY!