Scribd
Upload
6 views9 pages

MODULE No.21 Types of Viruses and Worms

This document discusses digital forensics with a focus on various types of computer viruses and worms. It outlines the characteristics, methods of infection, and examples of different virus types, including macro viruses, memory resident viruses, and worms. The document also emphasizes the importance of awareness and preventive measures against malware, particularly in relation to operating systems like Windows.

Uploaded by

jainflamingo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
6 views9 pages

MODULE No.21 Types of Viruses and Worms

This document discusses digital forensics with a focus on various types of computer viruses and worms. It outlines the characteristics, methods of infection, and examples of different virus types, including macro viruses, memory resident viruses, and worms. The document also emphasizes the importance of awareness and preventive measures against malware, particularly in relation to operating systems like Windows.

Uploaded by

jainflamingo
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 9

SUBJECT FORENSIC SCIENCE

Paper No. and Title PAPER No.16: Digital Forensics

Module No. and Title MODULE No.21: Types of Viruses and Worms

Module Tag FSC_P16_M21

FORENSIC SCIENCE PAPER No. 16: Digital Forensics


MODULE No. 21:Types of Viruses and Worms
TABLE OF CONTENTS

1. Learning Outcomes
2. Introduction
3. Different Types Of Computer Virus On The Basis Of Action
4. Some Other Types Of Virus
5. Worms
6. Summary

FORENSIC SCIENCE PAPER No. 16: Digital Forensics


MODULE No. 21:Types of Viruses and Worms
1. Learning Outcomes
After studying this module, you shall be able to

 Know about Virus.


 Learn how to detect Virus.
 Identify Worms.
 How avoid Virus and Worms.

2. Introduction
A computer virus is a program made to damage or cause destruction on an infected
computer. It extends by e-mail attachments, transferable devices, websites having
malevolent scripts and file downloads. A computer virus attaches itself with the host files
and will activate whenever one open the infected files. The virus can duplicate itself and
then infect the other files on the computer causing more harm.

3. Different Types Of Computer Virus On The Basis Of Action

3.1. Macro Viruses


These viruses infect the files formed using several applications or programs that include
macros like doc, pps, xls and mdb. They involuntarily infect the archive with macros and
also templates and documents that are enclosed in the file. They hide in files shared from
e-mail and networks.

 Macro viruses include:


 Relax
 bablas
 Melissa.A
 097M/Y2K

FORENSIC SCIENCE PAPER No. 16: Digital Forensics


MODULE No. 21:Types of Viruses and Worms
3.2. Memory Resident Viruses
They generally attach themselves within the computer memory. They become active
when the OS runs and end up infecting other open files. They conceal in RAM.

Memory Resident Viruses Include:

 CMJ
 meve
 randex
 mrklunky

3.2.1. Overwrite Viruses

These kinds of viruses erase any information in a file they infect, making them partially
or entirely useless if they are infected. Once in the computer, they substitute each of the
file content but the file size doesn’t change.

Overwrite Viruses Include:

 Trj.Reboot
 way
 trivial.88.D

3.3. Direct Action Viruses

These viruses mostly duplicate or take action once they are executed. When a certain
condition is met, the viruses will act by infecting the files in the directory or the folder
specified in the AUTOEXEC.BAT. The viruses are usually seen in the hard disk’s root
index, but they keep on changing location. For example: Vienna virus.

FORENSIC SCIENCE PAPER No. 16: Digital Forensics


MODULE No. 21:Types of Viruses and Worms
3.4. Directory Virus
It is also recognized as cluster virus or file system virus. They infect the computer’s
directory by altering the pathway signifying file position. They are generally to be found
in the disk but have an effect on the entire directory. For example: dir-2 virus

3.5. Web Scripting Virus

The majority web pages consist of some intricate codes in order to generate an interactive
and attention-grabbing content. Such a set of laws is regularly demoralized to cause
certain objectionable actions. They typically invent from the infected web pages or
browsers. For example: JS.Fortnight – a virus that spreads via malicious emails.

3.6. Multipartite Virus

These kinds of viruses can spread in various ways. Their method varies according to their
OS installed and existence of certain files. They tend to hide in the computer’s memory
but do not infect the hard disk.

4. Some Other Types Of Viruses

4.1. Trojan horse

A program formed to distribute a malicious program that may then cause damage to your
computer. A Trojan horse is delivered by somebody or hidden inside another program
that may seem undamaging.

FORENSIC SCIENCE PAPER No. 16: Digital Forensics


MODULE No. 21:Types of Viruses and Worms
4.2. Spyware

A program made to supervise your proceedings on a computer. A general type of


spyware is a key-logger program. This program can trace every key stroke and mouse
click you have done. Spyware can be delivered via a Trojan horse program. Some
spyware is not meant to be malicious, such as tracking cookies. A tracking cookie tracks
your internet usage and sends the information back to its source.

4.3. Adware

Adware is a form of malware. One word - pop-ups. Adware is formed to pop up


advertisements. Adware can be very annoying.

4.4. Worms

A nasty little program can cause less speed in a network. A worm will duplicate itself
and multiply from computer to computer. Worms are commonly spread through email
attachments.

4.5. Boot Sector Virus

Not so usual any longer, but they were spiteful little programs that got encumbered into
your master boot record. Most frequently multiply by floppy disks. These viruses could
then commence themselves ahead of your operating system even loaded. Today most
BIOS avert code from being written to the boot sector.

4.6. Time Bomb

A virus made to perform at a later date or upon an action done. These programs lay
inactive until an incident occurs.

4.7. Browser Hijacker

A virus will cover your web browser and involuntarily readdress you to another website.

FORENSIC SCIENCE PAPER No. 16: Digital Forensics


MODULE No. 21:Types of Viruses and Worms
4.8. File Infector Virus

A virus that live inside a file, usually a .exe file. When the file is executed, it will then
run its malicious code.

4.9. Polymorphic Virus

A virus is made to change itself in way to evade virus detection.

5. Worms
A computer worm is a standalone malware computer program that duplicates itself so
that it can extend to other computers. Often, it uses a computer network to multiply itself,
relying on security failures on the target computer to access it. Unlike a computer virus, it
does not require to join itself to an accessible program. Worms nearly at all times cause at
least some harm to the network, still only by consuming bandwidth, while viruses almost
forever crooked or change files on a targeted computer.

Many worms that have been formed are intended only to spread, and do not effort to alter
the system they go by. However, as the Morris worm and my doom showed, even these
"payload free" worms can cause significant interference by rising network traffic and
other unintentional effects. A "payload" is code in the worm formed to do more than
multiply the worm it might delete files on a host system (e.g., the Explore Zip worm),
encrypt files in a crypto viral extortion attack, or send documents via e-mail. A very
ordinary payload for worms is to install a backdoor in the infected computer to permit the
formation of a "zombie" PC under power of the worm creator. Networks of such
machinery are frequently known to be bonnets and are very usually used by spam senders
for transferring scrap email or to hide their website's address. Spammers are therefore
thought to be a source of financial support for the formation of such worms, and the
worm writers have been caught selling lists of IP addresses of infected machines. Others
try to blackmail company with threatened DoS attacks.

Backdoors can be demoralized by other malware, comprising worms. Examples


include Doom juice, which can multiply using the backdoor opened by My doom, and at
least one example of malware taking benefit of the root kit and backdoor installed by
the Sony/BMG DRM software utilize by millions of music CDs previous to late 2005.

FORENSIC SCIENCE PAPER No. 16: Digital Forensics


MODULE No. 21:Types of Viruses and Worms
5.1. The History of Worms
The real term "worm" was primarily used in John Brunner's 1975 novel, The Shockwave
Rider. In that work of fiction, Nichlas Haflinger designed and sets off a data-collecting
worm in an act of vengeance in opposition to the dominant men who run a nationwide
electronic information web that induces mass conformity. "You have the biggest-ever
worm movable in the net, and it involuntarily sabotage any effort to check it.

5.2. How to Prevent Worms


Worms extend by exploiting vulnerabilities in operating systems. Vendors with security
problems provide usual security updates and if these are installing to a device then the
greater part of worms are not capable to multiply to it. If susceptibility is disclose before
the security patch released by the merchant, a zero-day attack is possible. Users require
caution of opening surprising email, and should not run attached files or programs, or
visit web sites that are linked to such emails. However, as with the I LOVE YOU worm,
and with the amplified growth and effectiveness of phishing attacks, it remains likely to
fool the end-user into running malicious code. Anti-virus and anti-spyware software are
useful, but have to be kept up-to-date with latest blueprint files at least every few days.
The use of a firewall is also recommended. In the April–June, 2008, issue
of IEEE Transactions on reliable and protected Computing, computer scientists explain a
prospective new way to fight internet worms. The researchers exposed how to enclose the
type of worm that scans the Internet arbitrarily, looking for susceptible hosts to infect.
They establish that the key is for software to observe the number of scans that machines
on a network send out. When a machine starts transferring many scans, it is a sign that it
has been infected, allow administrator to take it off- line and make sure it for malware. In
addition, machine learning techniques can be used to identify new worms, by investigate
the performance of the alleged computer.

FORENSIC SCIENCE PAPER No. 16: Digital Forensics


MODULE No. 21:Types of Viruses and Worms
6. Summary

 A virus is a self-duplicating program formed to cause damage to your computer or


permit somebody to take control of your computer.
 Not all the kinds mentioned above are defined to be a virus, but they are forms of
malware and you require being aware of them.
 A lot of viruses are written to target Microsoft software.
 Virus writers know the majority of users use Windows as their Operating system
and Internet Explorer as their web browser.
 One easy way to reduce your chances of picking up a virus is to run a Linux
operating system.

FORENSIC SCIENCE PAPER No. 16: Digital Forensics


MODULE No. 21:Types of Viruses and Worms

You might also like