SummarySlideshow Chapter3

Computer Viruses
What Does a Computer

Virus Do?
Types of Computer
Viruses
Malware
Preventing Virus Infection
Antivirus Software
Computer Viruses
• Computer virus is a software program that has the
ability.
– to make copies of itself.
– And to attach itself to other programs or files.
• A virus may or may not be destructive.
• In some cases, viruses can erase data or corrupt

programs on the computer.
©Oxford University Press Computer Viruses 2

• Viruses are written by programmers and are intended to
run on computer systems without the user’s knowledge.
• Biological viruses enter our body and attack certain cells.
• Similarly, computer viruses enter the computer system

and attach themselves to an item like.
– the startup area (boot record) or an executable file (a file
with a .exe extension).

• Most viruses stay active in the memory until you turn off
the computer.
– When you do so, the virus is removed from the computer’s

memory, but not from the file(s) or the disk it has infected.
• So, the next time you use your computer the virus
program is activated again.
– It may then attach itself to more programs and/or files.

What Does a Computer Virus Do?
• A virus tries to take control of the computer system it has
infected.
• It makes copies of itself and tries to carry out the harmful

tasks that it is programmed to do.
• This process can happen so quickly that the user is not

even aware that a virus is present in the computer.

• Some viruses are programmed to activate themselves at a
certain date/time.
• Such viruses check the system clock continuously, and

create havoc when the set time or date arrives.
• Viruses can also infect new files created on the infected

computer or the contents of USB(or any removable
storage media) that are inserted into such a computer.
• They attach copies of themselves to these new files

and/or files on the storage media.

What Virus Can Do?
Different viruses do different things

A computer virus could be capable of any of the following:
• Infect disks by
• Infect files that
attaching itself to
• Infect executable are attached to
special programs
program files such email messages or
on the hard disk,
as word copied to disks and
called boot
processors, USB.
records.
spreadsheets, and • In this manner, it
• These are the
operating systems. can spread from
programs that the one computer to
computer uses to another.
start itself up.

What Virus Cannot Do?
There are certain things no program can do
A computer virus is a program;
hence, it cannot do the following:
• Infect computer
• Infect files on hardware such as
write-protected monitors and
discs, such as CD- keyboards.
ROMs. • It infects only
software.

Warning Signals
• When you experience strange behaviour.
– such as screen distortion, or characters not appearing on
the screen when typed,
– then it is possible that a virus has affected the programs
that control the display or the keyboard.
• The computer’s hard disk is not physically damaged, but

the data and programs stored on it may be corrupted or
damaged.

• The computer runs slower than normal.
• Applications take longer to load or do not work properly.
• Unusual error messages appear on the screen.
Common • You notice changes in file size.

signs of a
virus attack
• You notice that the hard disk has more files than it had earlier.
• The computer often freezes or stops responding.
• The computer restarts on its own.
• You see distorted menus and dialog boxes.

How Does a Computer Virus
Spread?
• Computer viruses spread from one computer to another.
– by the transfer of infected data through emails, USB, or
other sources.
Viruses become active Once the virus is in the

when you start an infected computer’s memory, it
application or start your usually infects any
computer from a disk that application you run.
has infected system files.

• Different viruses behave in different ways.
– Some stay active in the memory until the computer is shut

down.
– Others stay active only as long as the infected application is
running.

Types of Computer Viruses
• Computer viruses can be categorized in different ways.
– If we group viruses by their target, we can divide viruses

into the following categories:
Macro Program
Viruses Viruses
Types of
computer
viruses
Boot Viruses

Program Viruses
• Program viruses infect program files, which have
extensions like .COM, .EXE, .SYS, .DLL, .OVL, and .SCR.
• Program files are attractive targets for computer viruses

because:
– they are widely used.
– have relatively simple formats to which viruses can attach
themselves.
• The virus becomes active when the infected file is

executed.

• Examples of program viruses are:
Acid Rain Alien.298 Amoeba.A Crazy.A
Umbrella.
Sunday Cascade
3173

Boot Viruses
• Boot viruses infect the boot records of hard disks and
floppy disks.
– Generally, boot viruses are considered more dangerous

than program viruses.

Stoned Danish
virus Boot
Examples
Michelangelo of Boot Devil.941
Viruses
Disk
Killer Eek (b)

Macro Viruses
• A macro is a set of commands written by the user to be
executed later.
– For example, if you execute a set of commands often in MS
Excel or MS Word, you can save that set of commands as a
macro.
• A macro virus uses the macro language for its program

– These viruses infect data files.

• For example, MS Word and MS Excel files are
susceptible to macro virus attacks.
– as these programs allow the use of macros.
• Macro viruses spread rapidly, as users share infected

documents.
• Examples of such viruses are:
Melissa Concept Nuclear

Malware
• Malware is short for malicious software.
• The word refers to any program that infiltrates and

harms a computer without the user’s consent.
• Malware is a general term that includes:
Computer Trojan
Worms
Viruses horses
Spyware Spam

• Can slow down computers and networks.
Malware • It can be annoying.
• It can be actively destructive.

Worms
• Computer worm is a program capable of reproducing
and spreading itself to another computer system.
– usually by means of a computer network.
• Worms spread without any human action, and thus

differ from viruses.
• Viruses spread only when the user does something.

– like running an infected program or attaching an infected
file.

• A worm emails • Uses the address
copies of itself to • Infects them. book of the
other computers. infected computer
to spread further.
• Computer worms usually do not cause direct damage to

programs and files.
• However, they consume large amounts of memory

and/or network bandwidth.
– Thus, slowing down the computer and making it almost
impossible for the user to work.
Examples of computer worms are:
CodeRed Sircam ILOVEYOU

Trojan Horses
• Trojan horse is a program that appears useful, but is
actually programmed to pass the user’s data to someone
else.
– Trojan horses attempt to steal and pass on confidential

information such as passwords and credit card numbers.
– They do not reproduce by infecting other files or by self-

replicating like viruses and worms.

• When a Trojan horse is
activated, it typically
• A Trojan horse enters a changes existing desktop
computer system because a icons or creates new ones.
user installs it, under the • It may also delete important
wrong impression that it is
system files.
a useful and harmless
program. • Its main aim is to steal
sensitive information stored
on the infected computer.
Some well-known Trojan horses are:
Netbus SubSeven Beast Zeus

Spyware
• Spyware refers to computer programs that secretly
gather information about the user and relay it to
advertisers or other interested parties.
• They are also called spybots or tracking software.
• Spyware is often installed without the user’s consent

when:
– The user downloads something from the Internet.
– The user clicks on something in a popup window that
appears while browsing.

• Spyware can consume a lot of memory, making the
computer very slow and difficult to work with.
• The biggest problem with spyware is that it can steal

your information and misuse your computer.

Spam
• Spam refers to unsolicited, unwanted email.
• It may carry advertisements or serve as a means of

spreading malware like viruses and worms.
• Do not give your email address to unknown people.

Some
ways of
• Use the spam filter of your email program to block
avoiding
unwanted emails.
spam are:
• Delete spam mails without reading them.

Preventing Virus Infection
• Some basic rules to avoid virus infections are:
• Restrict access to your system, both offline and online.
• Allow only trustworthy users to use the system.
• Never use an unknown disk in your system unless it comes from a

trustworthy source and you are sure that it is virus-free.
• Install and use antivirus software and keep it updated.

• Keep programs and data on separate disks, if possible.
• Scan the files that you download from the Internet.
• Never click on a link or attachment in an email, unless the email is

from a trusted source.
• Install an anti-spyware program that operates against malware

and spyware and keep it updated.
• Examples of such programs are:
 Ad Aware SE.
 Windows Defender.

• Install a free firewall program to help block unwanted
Internet traffic that can cause problems.
• Make sure that the firewall is always on.
• If you get a malicious script from a Web page and you do

not know what to do or if a window appears asking if you
want to allow an automatic install.
Click NO.

Antivirus Software
• Antivirus software refers to applications designed to
detect and remove viruses from computer systems.
• However, certain types of viruses are difficult to remove

– And the files damaged by them may be lost forever.
• Whenever the
computer system • It keeps a check on
every file that is • If it detects a
starts up, the
opened or run and virus, then the
Antivirus
on all Internet software tries to
software starts
traffic. remove the virus.
automatically.

• It should run in the background at all times.
• It should be kept updated so it recognizes new versions

of malicious programs.
Necessary for
an antivirus • It should have the capability to scan email attachments
program to and files as they are downloaded from the Internet.
be effective:
• The user should run full disk scans periodically. This

checks all the files on a computer system.

• Some popular antivirus programs are:
McAfee Kaspersky
Norton AntiVirus
VirusScan AntiVirus
Quick Heal Total Microsoft Security

Security Essentials
QuickHeal AntiVirus
• Let us study the Quick Heal Total Security system in
more detail to understand how an antivirus program
helps to secure your system.
• To start Quick Heal Total Security:
1 Click Start ► All
Programs ► Quick Heal
Total Security ► Quick
Heal Total Security.
Or
2
Double-click the Quick
Heal Antivirus icon in the
Windows system tray.
Or
3 Right-click Quick Heal
Antivirus icon in the
Windows system tray and
select Open Quick Heal
The Quick Heal Total Security
Total Security.
main window appears.

Quick Heal Main Window
• The main window
has three sections:
Top section
Middle section
Bottom section

The top section has the following menu options:
• Allows you to customize and configure settings
Settings • You can decide settings for automatic update, full system
scan, etc.
• Provides various tools, including clean-up and restore tools
and track cleaner
Tools
• These tools prevent virus infection and help to diagnose
problems.
• Allows you to view the activity reports of the Scanner, Virus
Reports
Protection, etc.
• Provides information on how to use Quick Heal Antivirus
Help
• Also provides details about the version, virus database, etc.

The middle section deals with protection options:
Files and • Helps you to configure settings that protect files and
Folders folders against threats.
• Allows you to configure settings related to threats that
Emails arrive by email, trusted email clients, and protection from
spam.
Internet & • Allows you to configure settings for protecting the system
Network when you are online.
External • Allows you to configure settings related to threats from
Drives & CDs, USB, external disks, etc.
Devices

The bottom section has the following options:
News • Provides you with the latest news from Quick Heal.
• Provides various scanning options, like:
 Full System Scan.
Scan  Custom Scan.
 Memory Scan.
 Boot Time Scan.

System Scanning
• To perform a full
system scan:
1
Click Scan ► Full System
Scan.
2
Review the scan report and
click Close. 1
2
The scan statistics and reports

The scan process will begin
are provided upon completion
of the scan.

Updating Virus Definitions
• Virus definitions refers to the database of viruses that
antivirus software scans for.
• This database needs to be updated regularly, because

new viruses are being developed and released all the
time.
• If the virus definition file is not updated:

– Antivirus software will not know about new viruses.
– and will not be able to catch them.

• Updates for Quick Heal Total Security are posted
regularly on its Website.
• These updates contain information for the detection and

removal of newly discovered viruses.
• By default, Quick Heal Total Security is set to update

itself automatically from the Internet without the user’s
intervention.
• The only requirement is that the computer should be

connected to the Internet.

Free Antivirus Software
• Some popular free antivirus programs are:
– AVG.
– Avast.
– Microsoft Security Essentials.
• Microsoft Security Essentials comes free with

genuine Windows operating system.
• You can use Microsoft Security Essentials to protect

your computer against viruses, spyware, and other
malicious programs.

• It is easy to install and use, and it runs efficiently in the
background.
• Updates happen automatically.

Fill in the blanks
1. off
Most viruses stay active until you turn __________ the computer.
2. write-protected
A computer virus cannot infect files on ________________ discs.
3. Program
______________ viruses infect files that have extensions like .com, .exe,
etc.
4. macro
A _________ is a set of commands written by the user to be executed
later.
5. A ______________
Trojan horse is a program that appears useful, but is actually
programmed to pass the user’s data to someone else.

True or False?
1. An antivirus program should run in the background at all times:
True
________
2. True
You should delete spam mails without reading them: ________
3. You should restrict access to your system both offline and online:
True
________
4. Generally, boot viruses are considered more dangerous than program

viruses: ________
True
False
5. Computer viruses can infect a computer keyboard: ________

SummarySlideshow Chapter3

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

SummarySlideshow Chapter3

Uploaded by

Copyright:

Available Formats

Computer Viruses

What Does a Computer

Preventing Virus Infection

• A virus may or may not be destructive.

• In some cases, viruses can erase data or corrupt

©Oxford University Press Computer Viruses 2

• Biological viruses enter our body and attack certain cells.

• Similarly, computer viruses enter the computer system

©Oxford University Press Computer Viruses 3

– When you do so, the virus is removed from the computer’s

– It may then attach itself to more programs and/or files.

©Oxford University Press Computer Viruses 4

• It makes copies of itself and tries to carry out the harmful

• This process can happen so quickly that the user is not

©Oxford University Press Computer Viruses 5

• Such viruses check the system clock continuously, and

• Viruses can also infect new files created on the infected

• They attach copies of themselves to these new files

©Oxford University Press Computer Viruses 6

Different viruses do different things

©Oxford University Press Computer Viruses 7

©Oxford University Press Computer Viruses 8

• The computer’s hard disk is not physically damaged, but

©Oxford University Press Computer Viruses 9

• Applications take longer to load or do not work properly.

• Unusual error messages appear on the screen.

Common • You notice changes in file size.

• The computer often freezes or stops responding.

• The computer restarts on its own.

• You see distorted menus and dialog boxes.

©Oxford University Press Computer Viruses 10

Viruses become active Once the virus is in the

©Oxford University Press Computer Viruses 11

– Some stay active in the memory until the computer is shut

©Oxford University Press Computer Viruses 12

– If we group viruses by their target, we can divide viruses

©Oxford University Press Computer Viruses 13

• Program files are attractive targets for computer viruses

• The virus becomes active when the infected file is

©Oxford University Press Computer Viruses 14

Acid Rain Alien.298 Amoeba.A Crazy.A

©Oxford University Press Computer Viruses 15

– Generally, boot viruses are considered more dangerous

©Oxford University Press Computer Viruses 16

©Oxford University Press Computer Viruses 17

• A macro virus uses the macro language for its program

©Oxford University Press Computer Viruses 18

• Macro viruses spread rapidly, as users share infected

• Examples of such viruses are:

Melissa Concept Nuclear

©Oxford University Press Computer Viruses 19

• The word refers to any program that infiltrates and

• Malware is a general term that includes:

©Oxford University Press Computer Viruses 20

Malware • It can be annoying.

• It can be actively destructive.

©Oxford University Press Computer Viruses 21

• Worms spread without any human action, and thus

• Viruses spread only when the user does something.

©Oxford University Press Computer Viruses 22

• Computer worms usually do not cause direct damage to

• However, they consume large amounts of memory