Instructor: Ms. Nandita. G Contain - Introduction ……………………….…………………….. peg 3 History of Virus …………………………..…………….. peg 4 - 5 Type of Virus ………………………………….………… peg 6 - 7 What can Virus do ? ……………………..….………….. peg 8 - 9 - Where are the virus risking ? …………………………... peg 10 Which files can viruses infect ? ………..……………….. peg 10 Questionnaire …………………………………..…….…. Peg 11 Conclusion . ………………………………………….…. Peg 12 - Index …………………………………………….………. Peg 13 - 18 - Bibliography ……………………………………………. Peg 19 Instructor: Ms. Nandita. G Introduction We are use a computer every day and often the virus attic our computer . A computer virus become series problem for people. so we are going to write research about these problem . First what is a computer virus ? Computer virus is a software program attack a computer and networks by making copies of itself consist of stealing data or giving other users control over your computer. It run automatically open certain types of files or it may be when opening an attachment in e-mail download programs from the internet . The dangers of this virus that it can attach themselves to your computer : software, documents, or files that start operating system . In these search we will write about a history of virus to know how the virus start and why ? then we will write about types of virus and how it work ? Also we will make an interview to know about the virus and make a questionnaire about the computer virus to know what dose people knew about the virus . Finally we will write how people can save the computer from the virus . Instructor: Ms. Nandita. G Chapter One : History of Computer Viruses The history of viruses is very interesting because it started as a game in 1950s when Bell labs develop an experimental game when the players attack each other imagines a computer "worm" that spread across networks. However, the viruses and creation then develop through years to become one of the issues all over the world . The first computer virus called Brain which created by two brothers who were running a computer store in Pakistan in 1986. They weaned a program that could spread form PC to another. Brain was harm less because it doesn't delete the files in the computer and move on . In addition it is too easy to be discovered by the infected users by noticing the changed volume label . After Brain, there were many other viruses developed such as Cascade, Alameda , Jerusalem and Lehigh . These viruses were more dangerous than Brain because they were able to infect .COM and .EXE files while Brain can infect the boot sector . After Brain the programmers were trying to hide their work by programming encrypted viruses that can't be detected and disassembled easily "1260" virus was one of defect because the most of the virus code have different form in every infection . In the same year , new viruses appears with stealth techniques . These viruses could hide and change their location in the memory to avoid detection and removal such as whale virus. These viruses made the scanning techniques less effective because it depended on fieed and predictable elements in each copy of a virus . By 1992 the large windows – based computing community led to an increase on the boot-sector infector , but decrease the file infectors . However , these windows encouraged a new category of malware which is the macro virus . Macro is a group of Instructor: Ms. Nandita. G user commands that can be stored and run to gather . It is a technique for automating repetitive tasks within one application. The repetitive tasks help the macro virus instruction to infect other document concept was the first document or macro virus speeded by sharing documents between users . It can spread to different computing platform . For example , macro virus that infect Microsoft Word or Excel on a PC can spread to Macintosh . Melisse virus is one of the document viruses that forward itself by emails . Today the internet connection help these viruses to spread more and more by sharing documents between users through the emails attachments. The most successful email virus was (Love Bug) in 2000. It spread through emails that contained an attachment called "Love Letter" . However , Microsoft reported that these viruses doesn't infect the recipients unless they open the mail and accept the attachment. In summary , There are thousand , and thousand of different viruses these days which improve every day . However , there are many software released every day to detect and avoid these viruses. Although the wild spread of new and strong viruses, it still infect and spread only with users permission . Instructor: Ms. Nandita. G Chapter Tow : Type of Virus Boot of Virus: These virus infect floppy disk boot records or master boot records in hard disks. Boot virus load into memory if the computer tries to read the disk while it is booting. Examples: Disk Killer, Stone virus. Program viruses: These infect executable program files such extensions like .BIN , .COM , .EXE and .SYS . These programs are loaded in memory during exaction. The virus becomes active in memory, making copies of itself and infecting files on disk. Examples: Sunday and Cascade. Stealth viruses: These viruses use certain techniques to avoid detection. They may either redirect the disk head to read another sector instead of the one in which they reside or they may alter the reading lf the infected file's. Example: Frodo and Whale. Active X: Active X and Java controls will soon be the scourge of computing. Most people do not know how to control there web browser to enable or disable the various functions like playing sound or video. By default leave a nice big hole in the security by allowing applets free run into there machine. These are just few broad categories and there are many more specialized types. Parasitic Viruses (file viruses): Parasitic viruses also known as file viruses, When you start a program infected with a file virus, the virus is launched first. The operating system on your computer sees the virus as part of the program you were trying to run Instructor: Ms. Nandita. G and gives it the same right. These rights allow the virus to copy itself, install in memory or release its payload. Trojan Horse: Trojan horse are program that do things that are not described in their specifications. Trojan horse are sometime used as a mean of infecting a user with a computer virus. Trojan is programs that allow other computer users to take control of your PC over the internet. What are hoaxes? Hoaxes are reports of non-existent viruses. Typically, they are emails which do some or all of the following: Warn you that there is an undetectable, highly destructive new virus. Claim that a major software company, internet provider or government agency issued the warning. Urge you to forward the warning to other users. Why are hoaxes a problem? Hoaxes can be as disruptive and as a genuine virus. If users do forward a hoaxes warning to all there friends and colleagues, there can be a deluge of email. This can overload mail servers and make them crash. The effect is the same as that of a real virus, but the hoaxes hasn't even had to write any computer code. What is Spam Spam is unsolicited email, often advertising get-rich quick schemes, home working jobs, loans or pornographic website. Spam often comes with fake return information ,which makes it more difficult to deal with the perpetrator. Such mail should simply be deleted. Can I be infected just by visiting websites? Visiting a websites is less hazardous them opening unknown programs or document. There are risks. the threat depends on the types code used in the site and the security Instructor: Ms. Nandita. G measures taken by service providers and by you. Here are the main types of code you will encounter. Are cookies a risk ? Cookies do not pose a direct threat to your computer or the data on it. A cookie enable a website to remember your details and keep track of your visits to the site. Chapter Three : What can viruses do ? Slow down email. Viruses that spread by email, such as Sobig, can generate so much email traffic that servers slow down or crash. Even if this doesn't happen, companies may react to the risk by shutting down servers anyway. ■ Steal confidential data. The Bugbear-D worm records the user's keystrokes, including passwords, and gives the virus writer access to them. ■ Use your computer to attack websites. MyDoom used infected computers to flood the SCO software company's website with data, making the site unusable (a denial of service attack). ■ Let other users hijack your computer. Some viruses place “backdoor Trojans” on the computer, allowing the virus writer to connect to your computer and use it for their own purposes. ■ Corrupt data. The Compatable virus makes changes to the data in Excel spreadsheets. Instructor: Ms. Nandita. G ■ Delete data. The Sircam worm may attempt to delete or overwrite the hard disk on a certain day. ■ Disable hardware. CIH, also known as Chernobyl, attempts to overwrite the BIOS chip on April 26, making the computer unusable. ■ Play pranks. The Netsky-D worm made computers beep sporadically for several hours one morning. ■ Display messages. Cone-F displays a political message if the month is May. ■ Damage your credibility. If a virus forwards itself from your computer to your customers and business partners, they may refuse to do business with you, or demand compensation. ■ Cause you embarrassment. For example, PolyPost places your documents and your name on sexrelated newsgroups. Where are the virus risking ? Instructor: Ms. Nandita. G 1- CD and floppies : Floppy disks can have a virus in the boot sector . It can infected programs and documents. 2- Programs and documents : Also the programs an documents can infected by viruses . If you share this programs or documents with other users, the infection can spread . 3- Email : The attachments in email can infected by viruses . When you open the attachment the viruses well infect the computer . 4- The internet : sometimes when we download programs or documents or music maybe it is infected by virus so the security vulnerabilities in your operating system can also allow viruses to infect your computer. Which files can viruses infect ? 1- Boot sectors 2- Programs 3- Documents Chapter Four : Instructor: Ms. Nandita. G Questionnaire These graph shows the gnarl people information about computer virus .The virus attics sometimes about 57.89% of people computer and attic always about 31.58% of people computer . But 10.53% say that the virus never effect the computer. These graph show that people dose use antivirus software ? . The graph shows that 90% of people use antivirus software but 10% of people does not use antivirus software . Instructor: Ms. Nandita. G Chapter Five : Conclusion Finally we need to solve this problem by using Anti-virus software. This software detect the virus prevent the infection and eliminate the viruses . It also prevent from accessing infected files . There are different type of anti-virus software such as virus scanners and heuristics. Virus scanner is the most easy and popular form of anti-virus . However it should be updated regularly because it detect and disinfect only known viruses . There are two type of scanners on access remain active while using the computer . It automatically check the files when you try to open then and prevent users from using infected files . While on-demand scanners schedule the scanning of some files . On the other hand , heuristic form detect both known and unknown viruses because it use general rules of how the viruses looks like therefore it doesn't depends on regular updates . However, it could give false alarm sometimes . Bibliography Al-Abri Zahir ,2007, effect of computer virus , 1st Dec 2007 . Al-Balushi Karim, 2007 , types of virus , 28th Nov 2007 . Al-Dayakh Raibal,2005,Global electronic epidemic, science and the world, October 2005,vol28,p.g66 . Andreson Ross,2003,security engineering,USA. Hilme Fooad , 2005, Viruses attack SMS , science and the world, April 2005,vol22,p.g16. Instructor: Ms. Nandita. G Kamat Mayur, 29th July 2001, Viruses-Types and Examples , [on-line] http://www.boloji.com, viewed 24th Nov 2007. Krebs Brian , 14th Feb 2003, A short history of computer viruses and attacks, [on-line] http://www.securityfocus.com/news/2445, viewed 20th Nov 2007. Paquette Jeremy , 17th July 2000, A history of virus,[on-line] http://www.securityfocus.com, viewed 25th Nov 2007 . 2002,Hack proofing your network,USA,second edition. 23 October 2006 , What is a computer virus ?[on-line]http:// www.microsoft.com, viewed 24th Nov 2007 .