Scribd
Upload
23 views

9.VIRUSES AND OTHER DESTRUCTIVE PROGRAMS

The document discusses various types of computer viruses and destructive programs, including worms, Trojan horses, logic bombs, and different virus types such as boot sector, file infecting, polymorphic, stealth, multi-partite, and macro viruses. It explains how these viruses operate, spread, and the potential damage they can cause to computer systems. Additionally, it highlights the importance of antivirus software in detecting and cleaning infected files while providing ongoing protection.

Uploaded by

snhs.88
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
23 views

9.VIRUSES AND OTHER DESTRUCTIVE PROGRAMS

The document discusses various types of computer viruses and destructive programs, including worms, Trojan horses, logic bombs, and different virus types such as boot sector, file infecting, polymorphic, stealth, multi-partite, and macro viruses. It explains how these viruses operate, spread, and the potential damage they can cause to computer systems. Additionally, it highlights the importance of antivirus software in detecting and cleaning infected files while providing ongoing protection.

Uploaded by

snhs.88
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

VIRUSES AND OTHER DESTRUCTIVE PROGRAMS

A virus is a computer program that executes when an infected program is executed. Therefore,
only executed files can be infected.

- By Definition, A Virus Infects Other Programs With Copies Of Itself


 may simply clone itself
 may damage other programs and data
 some self-destruct when done
- Virus programs are often quite small, only a few lines of code
- can be hidden in healthy software and quite hard to find
- Can infect any computer, can be transmitted over any lines. Reproduce rapidly, making it
difficult to trace back to source

OTHER DESTRUCTIVE PROGRAMS

WORMS:

- Worms are constructed to infiltrate (penetrate) legitimate(legal) data processing programs


and alter or destroy data (e.g., illicit(not permissible) bank funds transfer)
- Worms do not replicate themselves (worms are like a benign (gentle) tumor (a swelling),
viruses like malignant (infectious) ones)
- Worm's changes may continue in effect after worm is destroyed unless corrected.

TROJAN HORSES:

- Trojan Horses are destructive programs that have been disguised, or concealed
(மறைத்து) in, an innocuous (harmless) piece of software (virus or worm may be within
trojan horse) can be in games, graphics)
- Trojan horses do not reproduce themselves and spread

LOGIC BOMBS:

- Logic bombs are similar to a trojan horse, but are set to go off at a particular date and
time (can be delayed a long time)
- Logic bombs do not reproduce
- Often designed to do maximum damage
- Often used by disgruntled(dissatisfaction) employees, e.g., when their name is removed
from payroll records
- Can be used to hold software "hostage" until a money demanded is paid. Also
"insurance" for payment to computer system suppliers or consultants

TYPES OF VIRUSES

A virus may attach itself to other programs and hide in them. Or it may enter gradually into the
computer's operating system

Usually contracted from external software source virus host programs made deliberately
(intentional) attractive to victims (e.g., e-mail message, game)

Can act immediately or lie dormant (sleeping) for a period of time (e.g., michelango virus, on
michelango's birthday) or until some event (1-2-3 virus when 1.2.3 typed)

BOOT SECTOR VIRUSES ("boot sector" is the first thing loaded when a computer
starts):

- infect the "boot sector" on a computer system, overwriting it with infected code
- they then move the original boot sector information to another sector on the disk,
marking that sector as a bad spot on the disk so it will not be used in the future
- takes full command of the infected computer
- the only way a system can become infected with a boot sector virus is to boot using an
infected floppy disk

FILE INFECTING VIRUSES:

- Viruses that (surprise!) Infect files


- mostly infect executable files (e.g.. .com, .exe, .ovl)
- some act like boot sector infectors and replace the "program load" instruction in an
executable file with their own instructions
- Others use "companion" files. e.g., rename all .com files with .exe, then write a new file
with a .com extension. This new file will have the virus instructions, and will execute

POLYMORPHIC VIRUSES

- polymorphic viruses change their appearance with each infection


- They are encrypted, and alter the encryption algorithm with each new infection (some
with over 2 billion different forms). Anti-virus software must scan for algorithms as well
as strings

STEALTH (secret) VIRUSES

- attempt to hide both from operating system and anti-virus software


stop
- must stay in memory to intercept all attempts to use the operating system
- can hide changes it makes to file sizes, directory structures and/or other operating system
aspects
- must be detected while in memory and disabled before disk-based components can be
corrected

MULTI-PARTITE VIRUSES

- infect both boot sectors and executable files


- combine some or all of the stealth(Secret) techniques, along with polymorphism

MACRO VIRUSES

- Currently account for about 80 percent of all viruses. Fastest growing viruses in computer
history
- unlike other virus types, macro viruses aren't specific to an operating system and spread
via email attachments, floppy disks, web downloads, file transfers and cooperative
applications
- Macro viruses are, however, application specific. They infect macro utilities that
accompany such applications as Microsoft word and excel, which means a word macro
virus cannot infect excel document or vice versa
- Instead, macro viruses travel between data files in the application and can eventually
infect hundreds of files in no time.
- macro viruses are written in visual basic and are relatively easy to create
- they can infect at different points during a file's use, for example, when it is opened,
saved closed or deleted

HOW VIRUSES SPREAD

 FLOPPY DISKS
 MODEMS
 NETWORKS
 TECHNICIANS AND THIRD PARTIES
 TRAPDOORS
- avoid passwords and security procedures
- usually built in by programmers for easy access
- can be created by hackers a second entrance in case kicked off the system

ANTIVIRUS SOFTWARE

- test files and directories for the presence of viruses


- clean infected files
- provide ongoing real-time protection against memory resident viruses

You might also like