Scribd
Upload
31 views

How Computer Viruses Work

Computer viruses, worms, Trojan horses, and spyware can infect computers in various ways. Viruses piggyback on other programs to spread while worms exploit security vulnerabilities to copy themselves across networks. Early viruses infected boot sectors and programs on floppy disks but now mainly spread through email attachments. Spyware often installs through deceptive software bundles, drive-by downloads, or browser addons. Basic protections include antivirus software, avoiding untrusted programs/websites, and using pop-up blockers and firewalls.

Uploaded by

Nitin Mathur
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
31 views

How Computer Viruses Work

Computer viruses, worms, Trojan horses, and spyware can infect computers in various ways. Viruses piggyback on other programs to spread while worms exploit security vulnerabilities to copy themselves across networks. Early viruses infected boot sectors and programs on floppy disks but now mainly spread through email attachments. Spyware often installs through deceptive software bundles, drive-by downloads, or browser addons. Basic protections include antivirus software, avoiding untrusted programs/websites, and using pop-up blockers and firewalls.

Uploaded by

Nitin Mathur
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 16

How Computer Viruses Work

Types of Infections
• Viruses - A virus is a small piece of software that piggybacks on real programs. For
example, a virus might attach itself to a program such as a spreadsheet program. Each
time the spreadsheet program runs, the virus runs, too, and it has the chance to reproduce

(by attaching to other programs) or wreak havoc.


• E-mail viruses - An e-mail virus moves around in email msg, and usually
replicates itself by automatically mailing itself to dozens of people in the victim's
e-mail address book.
• Worms - A worm is a small piece of software that uses computer networks and
security holes to replicate itself. A copy of the worm scans the network for
another machine that has a specific security hole. It copies itself to the new
machine using the security hole, and then starts replicating from there, as well.
• Trojan horses - A Trojan horse is simply a computer program. The program
claims to do one thing (it may claim to be a game) but instead does damage
when you run it (it may erase your hard disk). Trojan horses have no way to
replicate automatically.
What is a virus?
• A computer virus passes from computer
to computer like a biological virus
passes from person to person.
• A computer virus must piggyback on
top of some other program or document
in order to get executed
History of a virus
• The first factor was the spread of the personal computer
• The second factor was the use of computer bulletin boards.
• Bulletin boards led to the precursor of the virus known as the
Trojan horse. A Trojan horse is a program that sounds really
cool when you read about it. So you download it. When you run
the program, however, it does something uncool like erasing
your disk.
• The third factor that led to the creation of viruses was the floppy
disk.
• Viruses took advantage of these three facts to create the first
self-replicating programs.
Origins
• A person has to write the code, test it to
make sure it spreads properly and then
release the virus. A person also designs
the virus's attack phase, whether it's a
silly message or destruction of a hard
disk
Executable Viruses
• Early viruses were pieces of code attached to
a common program like a popular game or a
popular word processor. A person might
download an infected game from a bulleting
board and run it.
• A virus like this is a small piece of code
embedded in a larger, legitimate program.
Any virus is designed to run first when the
legitimate program gets executed.
Executable Viruses
• Then the virus launches the "real program." The user really has
no way to know that the virus ever ran. Unfortunately, the virus
has now reproduced itself, so two programs are infected. The
next time either of those programs gets executed, they infect
other programs, and the cycle continues.
• Some sort of trigger will activate the attack phase, and the virus
will then "do something" -- anything from printing a silly
message on the screen to erasing all of your data. The trigger
might be a specific date, or the number of times the virus has
been replicated, or something similar.
Boot Sector Viruses
• One important trick was the ability to load viruses into memory
so they could keep running in the background as long as the
computer remained on. This gave viruses a much more effective
way to replicate themselves. Another trick was the ability to
infect the boot sector on floppy disks and hard disks.
• In general, both executable and boot sector viruses are not very
threatening any more. The first reason for the decline has been
the huge size of today's programs. Nearly every program you
buy today comes on a CD.
E-mail Viruses

• The latest thing in the world of computer


viruses is the e-mail virus
What is a worm?
• A worm is a computer program that has the
ability to copy itself from machine to machine.
• Worms normally move around and infect
other machines through computer networks.
• A worm usually exploits some sort of security
hole in a piece of software or the operating
system.
Protection
• If you are using an unsecured operating system, then
buying virus protection software is a nice
safeguard.
• If you simply avoid programs from unknown
sources
• You should make sure that Macro Virus Protection
is enabled in all Microsoft applications, and you
should NEVER run macros in a document unless you
know what they do.
• You should never double-click on an attachment
that contains an executable that arrives as an e-
mail attachment.
Spy ware
• Spyware, on the other hand, is generally not
designed to damage your computer. Spyware is
broadly defined as any program that gets into your
computer without permission and hides in the
background while it makes unwanted changes to your
user experience.
• most spyware targets only the Windows operating
system. Some of the more notorious spyware
companies include Gator, Bonzi Buddy, 180
Solutions, DirectRevenue, Cydoor, CoolWebSearch,
Xupiter, XXXDial and Euniverse.
How Did it Get on Your Computer?

• Spyware usually gets onto your


machine because of something you do,
like clicking a button on a pop-up
window, installing a software package
or agreeing to add functionality to your
Web browser
How Did it Get on Your Computer?
• Piggybacked software installation
• Drive-by download - This is when a Web site or pop-
up window automatically tries to download and install
spyware on your machine
• Browser add-ons - These are pieces of software that
add enhancements to your Web browser, like a
toolbar, animated pal or additional search box.
• browser hijackers -- these embed themselves
deeply in your machine and take quite a bit of work to
get rid of.
What Does it do ?
• It can generate endless pop-up ads
• make your Web browser so slow it becomes
unusable.
• can reset your browser's home page to
display an ad every time you open it
• Some spyware redirects your Web searches
• some spyware changes your firewall settings
Protection
• There are several applications you can turn to for trustworthy
spyware detection and removal, including Ad-ware,Spybot and
Microsoft Antispyware.
• Use a pop-up blocker.
• Disable Active-X.
• Be suspicious of installing new software.
• Stay away from the "No thanks" buttons if you can help it, and
instead close the window with the default "X" at the corner of the
toolbar. For an even more reliable option, use the keystroke
combination for "close window" built into your software. You can
look in your browser's "File" menu to find it.

You might also like