Ravindra Virus1

S.V.Polytechnic Collage,Bho

Computer Science & Eng

Presentation on VIRUS

Guided by-Mr. Kamalesh Azad sir.

Submitted by -RAVINDRA KUMAR GAWHADE Branch– C.S.E. IInd sem., Ist year

VIRUS:A computer virus is a software program with the ability to reproduce or clone , itself , intended to damage your computer system without your knowledge or permission. A virus may attach itself to another program, or to the partition table or the boot track on your hard disk. When a certain event occurs, a date passes ,or a specific program executes , the virus is triggered into action. Not all viruses are harmful; some are just annoying.

Types of VIRUS: Boot sector virus  File Infector / Program virus  Multipartite virus  Polymorphic virus  Stealth virus  Macro virus

1. Boot sector viruses:These viruses reside in specific areas of the disk that are read and executed at boot time.They infeet floppy disk boot records or Master Boot Records (MBRs) in hard disk. They replace the boot record program (Which responsible for loading the operating system in memory) copying it else where on the disk or overwriting it. Boot viruses load into memory if the computer tries to read the disk while it is booting. Examples– Form, Disk killer , Michelangelo and store virus.

2.File Infector/Program viruses:These infect executable program files, such as those with extension like .BIN, .COM .EXE, .OVL, .DRV (driver) and .SYS (device drives). These program are loaded in memory during execution, taking the virus with them. The virus becomes active in memory, making copies of itself and infecting files on disk. Examples– Sunday, Cascade.

3. Multipartite viruses:A hybrid of boot and program viruses. They infect program files and when the infected program is executed , these viruses infect the boot record , When you boot the computer next time the virus from the boot record loads in memory and then starts infecting other program files on disk. Examples— Invader, Flip and Tequila.

4. Stealth viruses:These viruses use certain techniques to avoid detection. They may either redirect the disk head to read another sector instead of the one in which they reside or they may alter the reading of the infected files size shown in directory listing. For instance , the Whale virus adds 9216 bytes to an infected file ; then the virus subtracts the same number of bytes (9216) from the size given in the directory. Examples– Frodo , Joshi ,Whale.

5. Polymorphic viruses:A virus that can encrypt its code in different ways so that it appears differently in each infection.These viruses are more difficult to detect. Examples— Involuntary, Stimulate, Cascade, Phoenix, Evil, Proud, Virus 101.

6. Macro viruses:A macro virus is a new type of computer virus that infects the macros within a document or template. When you open a word processing or spreadsheet document, the macro virus is activated and it infect the normal template (Normal .dot ) a general purpose file that stores default document formatting setting. Every document you open refers to the normal template, and hence gets infected with the macro virus. Since this virus attaches itself to documents, the infection can spread if such documents are opened on other computers. Examples—DMW, Nuclear, Word concept.

ANTIVIRUS DEFINITION OF ANTIVIRUS:Antivirus is a program or a set of program by which we can recover the lost data or destroy the virus programs.

NAME OF SOME ANTIVIRUSES Norton Antivirus  Mcafee Virus Scan  F-Secure Antivirus  Sophos Antivirus  Norman virus control  Esafe protect  Command Antivirus  PC-Cilline

Tips for safe computing:1. Write-protect your floppy disk when using them on other computer. 2. Remove floppy disk from drives while booting. 3. Use a good anti-virus program to scan floppy disks before copying files. 4. Install software only from original write protected disk with the publisher’s label. 5. Do not install pirated software, especially computer games. 6. Activate watch-guard programs(monitors) that look out for suspicious activity.

1. Scan the entire hard disk twice a month. 2. Change a setting in the BIOS that enables your PC to boot from the C-drive first. 9. Use the update service offered by soft-ware vendor and update the anti-virus software every month. 10. Prepare a rescue disk with critical system files.Preferable , it should be bootable. 11. Keep the original CD-ROM or diskettes containing the operating system handy. 12. Scan files downloaded from the Internet or those transferred through a network.

Virus Symptoms:1. Program take longer to load. Memory- intensive operations slow down. 2. Increased use of disk space and growth in file size- the virus attaches itself to many files. 3. A change in dates against the filenames in the directory.When the virus modifies a file the operating system changes the date stamp. 4. The floppy disk or hard disk is suddenly accessed without logical reason. 5. Abnormal write-protect errors. The virus trying to write to a protected disk.

1. Strange characters appear in the directory listing of filenames. The virus stores itself in the data area of a disk, disguising itself as a file. 3. Strange messages like “Your PC is stoned” (Stoned Virus) or “Wazzu” appear on the screen and in documents. 4. Strange graphic displays such as falling letters or a bouncing ball appear on screen (caused by DOS-based viruses). 5. Programs may hang the computer or not work at all. The virus corrupts the program code. 6. Junk characters overwrite text in document or data files.

Presented by— Ravindra Kumar Gawhade.