Professional Documents
Culture Documents
ON
COMPUTER
VIRUSPREPARED BY
SUSMITA HORROW
VIRUS =
VITAL
RESOURCES
UNDER
SIEZE
Viruses are………
They are executable computer programs,
intended to alter the behavior of the system
without the permission or knowledge of the
user.
Attach themselves to computer startup area
and an executable file.
When activated, may damage files, cause
erratic system behavior or display messages,
corrupt programs, delete or erase the disk.
STRUCTURE OF A BIOLOGICAL VIRUS
PROTEIN SHEATH
PROTECTS FROM
DEFENCE SYSTEM OF HOST
GENETIC
MATERIAL(DNA/RNA)
DETERMINES THE
BEHAVIOUR OF VIRUS
VIRAL CYCLE
INFECTED HOST
Genetic
material
PRODUCES
NEW VIRUS VIRUS
HOST
VIRUS
ANATOMY OF COMPUTER VIRUS
CONCEALER
PROTEIN SHEATH
PAY LOAD
DNA/RNA
REPLICTOR
VIRUS ANATOMY
Computer virus consists of codes, written in any programming
language. Various parts of program perform various tasks and
accordingly they are named.
REPLICATOR
Ensures the survival of the virus on a system.
Appends itself to legitimate programs
Each time the program is run the virus 'wakes
up' and starts to reproduce.
CONCEALER
Hides the virus so that the antivirus cannot catch
it. Techniques used: Polymorphism
PAYLOAD
Designed to alter system behavior.
Sources of infection
•A virus can be attached to any file that you copy to your
computer.
•If you download files from the Internet. It becomes active
when you execute the infected downloaded file.
•Copy programs or files from friends on floppy disks , pen
drives , CDs which are virus infected.
•Many viruses are spread through e-mail, messenger
messages, attachments, files. Today's viruses, like Klez, are
very dangerous because you do not even have to open an e-
mail attachment to release the virus. Just opening the e-mail
itself can release the dangerous bug.
•By using pirated soft wares.
What do viruses do?
INFECT.......................
Executable program files
word processing
spreadsheet
operating system programs
By causing change
length of executable (*.com/*.exe) files
file date/time in the Directory listing
In the file content
Master boot records
Disks used to transfer programs
Add-on Intrusive
Shell viruses viruses viruses
They append
their code
A shell virus to the host code, Intrusive viruses
forms and/or by relocating overwrite
a “shell” the host code some or all of the
around and inserting original host code
the original code. their own code with viral code.
to the beginning.
SHELL VIRUS
107 HOST
107
106 106
105 105
104 HOST VIRUS 104
103 103
102 102
101 101
100 100
TRANSIENT RESIDENT
( DIRECT VIRUSES) (INDIRECT VIRUSES)
MULTIPARTITE VIRUS
Both program and boot virus
BOOT SECTOR VIRUS
It is also called as bimodal virus. These viruses infect floppy
disk boot records or master boot records in hard disks.
Booting means restarting the computer. It is done by
BOOTSTRAP LOADER PROGRAM.
It loads BOOT SECTOR to memory. NORMAL INFECTED
EX: Form, Disk Killer, Michelangelo,
and Stone virus D.B.P
D.B.P VIRUS
BOOT BOOT
PARAMETER PARAMETER
D.B.P VIRUS
BOOT 150 BOOT
150
PARAMETER VIRUS 140 PARAMETER
BOOTING
DISK
DISK
100
100
BIOS BIOS
IVT IVT
Spreading of virus from one disk to another.
If we copy files from an infected disk to a clean disk…..
VIRUS
TRANSFERS
ROM BIOS ROM BIOS CONTROL
TO ROM
CALL TO CALL TO
VIRUS BIOS
ROUTINE
ROM BIOS ROM BIOS
SUBROUTINE ROUTINE
DOS INTERRUPT DOS
BY TSR
VIRUS
IVT IVT
MASTER BOOT
VIRUS
PROGRAM
DISK DISK
Working of Partition Table Virus
Bootstrap Loader Program loads infected boot sector
D.B.P VIRUS
BOOT 150 BOOT
150
PARAMETER VIRUS 140 PARAMETER
BOOTING
DISK
DISK
100
100
BIOS BIOS
IVT IVT
Spreading of virus from one disk to another.
If we copy files from an infected disk to a clean disk…..
VIRUS
TRANSFERS
ROM BIOS ROM BIOS CONTROL
TO ROM
CALL TO
VIRUS BIOS
ROUTINE
ROM BIOS CALL TO
SUBROUTINE ROM BIOS
DOS ROUTINE DOS
INTERRUPT
BY TSR
IVT IVT