Information Technology
Synopsis
Virus-Antivirus
SUBMITED TOMrs. Prathiba SUBMITED BYLalit Kothari 17028 Soniya Yadav 17048
Date: Sign:
What is virus: A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes.Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems. Since 1987, when a virus infected ARPANET, a large network used by the Defense Department and many universities, many antivirus programs have become available. These programs periodically check your computer system for the best-known types of viruses. Some people distinguish between general viruses and worms. A worm is a special type of virus that can replicate itself and use memory, but cannot attach itself to other programs.
2
Types of Viruses: But what are the types of computer viruses and worms that you're computer can come into contact with? The list of viruses is quiet long and complex. So, we simplified the list by mentioning few broad categories of viruses that can put your computer and all your personal data on it, in danger. These computer viruses include: •
Boot Sector viruses: A boot sector virus infects diskettes and hard drives. All disks and hard drives contain smaller sections called sectors. The first sector is called the boot. The boot carries the Mater Boot Record (MBR). MBR functions to read and load the operating system. So, if a virus infects the boot or MBR of a disk, such as a floppy disk, your hard drive can become infected, if you re-boot your computer while the infected disk is in the drive. Once your hard drive is infected all diskettes that you use in your computer will be infected. Boot sector viruses often spread to other computers by the use of shared infected disks and pirated software applications.
•
Program viruses: A program virus becomes active when the program file (usually with extensions .BIN, .COM, .EXE, .OVL, .DRV) carrying the virus is opened. Once active, the virus will make copies of itself and will infect other programs on the computer.
3
•
Multipartite viruses: A multipartite virus is a hybrid of a Boot Sector and Program viruses. It infects program files and when the infected program is active it will affect the boot record. So the next time you start up your computer it'll infect your local drive and other programs on your computer.
•
Stealth viruses: A stealth virus can disguise itself by using certain tactics to prevent being detected by antivirus software. These tactics include altering its file size, concealing itself in memory, and so on. This type of virus is nothing new, in fact, the first computer virus, dubbed Brain, was a stealth virus.
•
Polymorphic viruses: A polymorphic virus acts like a chameleon, changing its virus signature (also known as binary pattern) every time it multiples and infects a new file. By changing binary patterns, a polymorphic virus becomes hard to detect by an antivirus program.
•
Macro Viruses: A macro virus is programmed as a macro embedded in a document. Many applications, such as Microsoft Word and Excel, support macro languages. Once a macro virus gets on to your computer, every document you produce will become infected.
4
Signs of a Computer Infection: Some signs that may indicate that your computer is infected include: • • • •
Your computer functions slower than normal Your computer responds slowly and freezes often Your computer restarts itself often You see uncommon error messages, distorted menus, and dialog boxes • You notice applications on your computer fail to work correctly • You fail to print correctly
5
What is anti-virus software? Anti-virus software is the countermeasure program used to "inoculate" computer viruses. Computer viruses are programs that mimic the attributes of their real-world counterparts. Computer viruses replicate, cause damage to an otherwise healthy system, and can spread from host to host. Like real-world viruses, a computer virus needs a host, a means of transportation. In the digital world this can be in e-mail, other programs, or media (cd/floppy/tape). There is one caveat however - computer viruses need to be activated. Much the same way that carcinogens in our bodies won’t give us cancer unless they are activated, computer viruses need to be activated as well, usually via a click or open command.
Most using Anti-Virus softwares• • • • • • • • • •
Norton Anti Virus McAfee Virus Scan AVG antivirus Trend Micro PC – Cillin Bit-Defender, Kaspersky Lab F-Secure Anti Virus 2006 Panda Titanium 2006 Norman ESET Nod32 etc
6
How does anti-virus software work? Anti-virus software works in two ways. The first and the staple of the industry is based on signature files. When a computer virus is reported, the virus is examined and a signature file is created for inoculating the virus. This inoculation is added to the anti-virus software database (.dat file) and is used when scanning computers to identify and destroy viruses. Unfortunately this is a reactive process so someone has to be the guinea pig and get infected. The other more progressive way of identifying viruses is called heuristics. This method will be the future of the industry and is basically the only hope we have in eliminating computer viruses. Heuristics monitor all activity on your computer and if a program is "acting" like a virus, then a red flag is raised and it is destroyed or contained and reported. The biggest hurdle for advancement in this area is the difficulty of determining what constitutes virus-like activity. For instance, replication is a common attribute of virus activity, but there can also be valid replication, like in program association. During program association, programs check to see whether or not they are the default. If they are not and you want them to be, then the program will change all of the files, which is akin to replication.
7
Why do I need anti-virus software? Computer viruses are the most common threat in the digital world right now. If you don't have anti-virus software, you will eventually get a virus and probably lose data that you have had on your computer for years. If you have anti-virus software, not only can you save your data, but you’ll save yourself the migraine you'll get when you discover the havoc wreaked upon your computer by a virus, which could be as bad as an infection in your boot record or BIOS, rendering your computer completely useless. Anti-virus software is worth every penny, giving you peace of mind and insurance against certain trouble.
What should I look for when purchasing antivirus software? There are many different vendors of Anti-Virus software, and you are probably wondering which one is the best. Whatever solution you choose for your computer, make sure of the following specifications:
The software can automatically update itself The vendor provides updated virus definitions regularly The software can integrate into your email program Virus scans can be scheduled to run automatically The software has a proven track record The vendor releases timely and accurate information about new viruses 8
9