Project Report
Total Page:16
File Type:pdf, Size:1020Kb
PROJECT REPORT:-
Topic: VIRUSES
Subject: Intro to Computing
Submitted to:
Ma’am Ayisha Qureshi
GROUP MEMBERS:-
ALI RAZA FA10-BBA-171 EHTASHAM ZAFAR SP11-BBA-025 SOHAIB AHMED SP11-BBA-061 FAHAD ABDUL AZIZ SP11-BBA-027 BILAL HASSAN SP11-BBA-019 Computer virus
A computer virus is a computer program that can copy itself[1] and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive.[2]
Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer.[3][4]
As stated above, the term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, even those that do not have the reproductive ability. Malware includes computer viruses, computer worms, Trojan horses, most rootkits, spyware, dishonest adware and other malicious and unwanted software, including true viruses. Viruses are sometimes confused with worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself automatically to other computers through networks, while a Trojan horse is a program that appears harmless but hides malicious functions. Worms and Trojan horses, like viruses, may harm a computer system's data or performance. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious or simply do nothing to call attention to themselves. Some viruses do nothing beyond reproducing themselves. Types Of Viruses
Not all computer viruses behave, replicate, or infect the same way. There are several different categories of viruses and malware. Below I list and discuss some of the most common types of computer viruses.
Trojan Horse: A trojan horse program has the appearance of having a useful and desired function. While it may advertise its activity after launching, this information is not apparent to the user beforehand. Secretly the program performs other, undesired functions. A Trojan Horse neither replicates nor copies itself, but causes damage or compromises the security of the computer. A Trojan Horse must be sent by someone or carried by another program and may arrive in the form of a joke program or software of some sort. The malicious functionality of a Trojan Horse may be anything undesirable for a computer user, including data destruction or compromising a system by providing a means for another computer to gain access, thus bypassing normal access controls.
Worms: A worm is a program that makes and facilitates the distribution of copies of itself; for example, from one disk drive to another, or by copying itself using email or another transport mechanism. The worm may do damage and compromise the security of the computer. It may arrive via exploitation of a system vulnerability or by clicking on an infected e-mail.
Bootsector Virus: A virus which attaches itself to the first part of the hard disk that is read by the computer upon bootup. These are normally spread by floppy disks.
Macro Virus: Macro viruses are viruses that use another application's macro programming language to distribute themselves. They infect documents such as MS Word or MS Excel and are typically spread to other similar documents.
Memory Resident Viruses: Memory Resident Viruses reside in a computers volitale memory (RAM). They are initiated from a virus which runs on the computer and they stay in memory after it's initiating program closes.
Rootkit Virus: A rootkit virus is an undetectable virus which attempts to allow someone to gain control of a computer system. The term rootkit comes from the linux administrator root user. These viruses are usually installed by trojans and are normally disguised as operating system files. Antivirus software
Antivirus or anti-virus software is used to prevent, detect, and remove malware, including but not limited to computer viruses, computer worm, trojan horses, spyware and adware. This page talks about the software used for the prevention and removal of such threats, rather than computer security implemented by software methods.
A variety of strategies are typically employed. Signature-based detection involves searching for known patterns of data within executable code. However, it is possible for a computer to be infected with new malware for which no signature is yet known. To counter such so-called zero-day threats, heuristics can be used. One type of heuristic approach, generic signatures, can identify new viruses or variants of existing viruses by looking for known malicious code, or slight variations of such code, in files. Some antivirus software can also predict what a file will do by running it in a sandbox and analyzing what it does to see if it performs any malicious actions.
No matter how useful antivirus software can be, it can sometimes have drawbacks. Antivirus software can impair a computer's performance. Inexperienced users may also have trouble understanding the prompts and decisions that antivirus software presents them with. An incorrect decision may lead to a security breach. If the antivirus software employs heuristic detection, success depends on achieving the right balance between false positives and false negatives. False positives can be as destructive as false negatives[citation needed]. Finally, antivirus software generally runs at the highly trusted kernel level of the operating system, creating a potential avenue of attack.[1]
Identification methods
There are several methods which antivirus software can use to identify malware.
Signature based detection is the most common method. To identify viruses and other malware, antivirus software compares the contents of a file to a dictionary of virus signatures. Because viruses can embed themselves in existing files, the entire file is searched, not just as a whole, but also in pieces.
Heuristic-based detection, like malicious activity detection, can be used to identify unknown viruses. File emulation is another heuristic approach. File emulation involves executing a program in a virtual environment and logging what actions the program performs. Depending on the actions logged, the antivirus software can determine if the program is malicious or not and then carry out the appropriate disinfection actions.
What harmful things could computer viruses do?
■ Slow down email. Viruses that spread by email, such as Sobig, can generate so much email traffic that servers slow down or crash. Even if this doesn't happen, companies may react to the risk by shutting down servers anyway.
■ Steal confidential data. The Bugbear-D worm records the user's keystrokes, including passwords, and gives the virus writer access to them.
■ Use your computer to attack websites.
MyDoom used infected computers to flood the SCO software company's website with data, making the site unusable (a denial of service attack).
■ Let other users hijack your computer. Some viruses place "backdoor Trojans" on the computer, allowing the virus writer to connect to your computer and use it for their own purposes. ■ Corrupt data . The Compatable virus makes changes to the data in Excel spreadsheets.
■ Delete data . The Sircam worm may attempt to delete or overwrite the hard disk on a certain day.
■ Disable hardware . CIH, also known as Chernobyl, attempts to overwrite the BIOS chip on April 26, making the computer unusable.
■ Play pranks . The Netsky-D worm made computers beep sporadically for several hours one morning.
■ Display messages. Cone-F displays a political message if the month is May.
■ Damage your credibility . If a virus forwards itself from your computer to your customers and business partners, they may refuse to do business with you, or demand compensation.
■ Cause you embarrassment . For example, PolyPost places your documents and your name on sexrelated newsgroups. What are the harmful effects of computer virus/others virus?
It can slow down your computer. It might corrupt your system files. It might make some programs faulty or corrupt. It might damage your boot sector creating problems when you boot into the windows. it might steal important information from your computer and send to some other person. It might change the power ratings of your computer and could blast the system. It might give you sleepless nights and nightmares if you are able to sleep. You might wake up in bad mood and that will affect your family and your society. Plus it undermines the faith of the people over the law and order situation.
HOW VIRUSES SPREAD?
There are many ways to spread viruses...
Computer viruses, or malicious sections of code intended to damage a computer system, spread in several ways. True viruses are self-replicating, meaning that there is a piece of code causing them to copy and distribute themselves.
By: Posing as something useful (known as a Trojan horse) ie a download, a gift from a friend, etc. Current scam is a 'gift card' or an 'ecard' email that tries to run a malicious script when opened. Because you gave the computer the command to open the file, the virus has an easy path in.
By: Emailing itself - will search for anything fitting an email address xyz.com and then send itself there.
By: Infecting a 'clean' file without the owner's knowledge - lots of viruses can be spread this way, by people downloading files from safe sources that have been hacked by people intent on spreading viruses. By: Using networks - if one computer on a Local Area network or wireless network is infected, this type of virus will infect every computer on that network if not blocked by a suitable firewall.
By: Using removable media - usually, disks, USB drives, external hard drives, floppies, CDs etc. are not checked by the virus scanner when they are inserted, so a virus hiding on one can get onto the computer unquestioned.
Most viruses are spread by 'freaks' or people who hack computers and write viruses because they are essentially twisted people who enjoy causing damage. Some are more targeted, ie stealing information or money, or destroying particular programs. All of them have the potential to do great damage, and there are more ways to spread them than mentioned above.