1 / 40

Learning about a Virus 101

Learning about a Virus 101. By: LeAndrew Davis Brandon Mitchell Phylicia Ross Norman Seifert. Comp. Squad. Over View Learning about a virus 101. Purpose of Project What is a Virus? How Viruses Affect YOU! How you can get a Virus Virus 1: PWS-OnlineGames.cp!4630D9FC

silver
Download Presentation

Learning about a Virus 101

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Learning about a Virus 101 By: LeAndrew Davis Brandon Mitchell Phylicia Ross Norman Seifert Comp. Squad

  2. Over View Learning about a virus 101 • Purpose of Project • What is a Virus? • How Viruses Affect YOU! • How you can get a Virus • Virus 1: PWS-OnlineGames.cp!4630D9FC • Virus 2: W32/Nuwar.worm • Security Issues • Getting rid of a Virus • Lab1: McAfee Avert Stinger Virus Removal Utility • Lab2: F-Secure Virus Scanner • Staying PROTECTED • Conclusion/ What we have learned

  3. Purpose of ProjectLearning about a virus 101 Comp. Squad used resources from the Internet to locate two viruses PWS-OnlineGames.cp!4630D9FC and the W32/Nuwar.worm. • Elaborate on how the viruses we choose work, including its spreading method. • Present thorough awareness on the amount of harm caused by the virus, any specific aims it identifies, if the persons responsible for the virus attack were caught, and what types of security warnings were issued about the virus attack. • Inform users of what measures were prescribed to defend against them and if the virus would best be described as a virus or a worm.

  4. What is a Virus?Learning about a Virus 101 • A Virus is a computer program which attaches itself to an executable file or an application • A computer program that can copy itself and infect a computer without permission or knowledge of the user • Computer virus is simply a set of computer instructions or computer code that is written by some unscrupulous person

  5. What is a Virus? Cont. Learning about a Virus 101 • One of two forms of malicious code • Requires a host software environment in which to execute and it can not function without such a host • In order to replicate itself, a virus must be permitted to execute code and write to memory • Viruses are broken down in different descriptions by their scientific name viruses such as malware

  6. How Viruses Affect YOU!Learning about a Virus 101 • Viruses known as malware or worms are installed without user interaction through security exploits, and may allow an attacker to remotely control the infected machine. • Major security issues and most unaware users are affected by these issues due to the lack of knowledge and awareness about computer viruses • A virus might corrupt or delete data on your computer

  7. How Viruses Affect YOU!Cont. Learning about a Virus 101 • A virus can erase everything on your hard disk • If a filesystem went down due to the virus attack and was subsequently recovered, the files restored from the damaged volume will still contain dormant virus copies • Viruses may render a computer unusable, necessitating the reinstallation of the operating system and applications • Business effects: lost revenue, lost income, wasted man hours trying to fix the computer

  8. How you can get a VirusLearning about a Virus 101 • A virus can only spread from one computer to another when its host is taken to the uninfected computer • Viruses can be sent over a network or the Internet • Viruses can be received from a removable medium such as a floppy disk, CD, or USB drive • Viruses can spread to other computers by infecting files on a network file system or a file system that is accessed by another computer • Viruses are most easily spread by attachments in e-mail messages or instant messaging messages • Viruses can be disguised as attachments of funny images, greeting cards, or audio and video files

  9. How you can get a VirusCont. Learning about a Virus 101 • If you download files from the Internet or copy programs or files from friends on floppy disks, you are very susceptible to viruses • A virus becomes active on your computer when you execute a program that contains the virus • Viruses have even been found in commercial shrink-wrapped software

  10. How a Virus Travels ……….. Learning about a Virus 101

  11. Virus 1: PWS-OnlineGames.cp!4630D9FCLearning about a Virus 101 • This virus is just one of your basic Trojan viruses, which are spread manually through installation. They are often pass through emails, hacked Web pages, internet Relay chat, or peer to peer networks. • McAff usually identifies this virus as PWS-OnlineGames.cp which has a length of 122,116 bytes. Microsoft identifies this as pws:win32/onlinegames.er • The activity this virus consist is that it enumerates running processes and it also writes executable codes in the window folder. • · %WINDIR%\1.exe • · %WINDIR%\system32\drivers\klif.sys • They also create the following registry  • hkey_local_machin\system\currentcontrolset\services\kavsys\ • errorcontrol= 1 • imagepath = \??\c:\windows\system32\drivers\klif.sys

  12. Virus 1: PWS-OnlineGames.cp!4630D9FCCont. Learning about a Virus 101 Symptoms • This symptoms of this detection are the files, registry, and network communication referenced in the characteristics section.

  13. Virus 2: W32/Nuwar.worm Learning about a Virus 101 • This is just one of your basic worm viruses. This virus was discovered 10/21/2008.It is a mass mailing worm which attempts to send copies of itself based on email information harvested from the host system it uses spammed messages to direct users to download copies of the worm. • This viruses goes by numerous alias names depending on the software that discovers it such as:  • Email-Worm.Win32.Glowa (Kaspersky) • I-Worm/Nuwar (Grisoft) • Storm Worm • Trojan.Peacomm.D (Symantec) • WORM_NUWAR

  14. Virus : W32/Nuwar.wormLearning about a Virus 101 Symptoms • The worm will terminate applications based on window name.  Applications using the following text in their window name will be terminated within a few seconds of launch: • mcafee • firewall • hijack • The malware author uses a theme about FBI and Facebook. The spamned emails contain a link to a video, which would cause downloading an executable file, often called fbi_facebook.exe. • The worm will finish constructing the spoofed email addresses by using domain names found on the system.

  15. Security Issues Learning about a Virus 101 • PWSOnlineGames.cp!4630D9FC • W32/Nuwar.worm • Unaware users will be affected by these issues due to the lack of knowledge and awareness about the virus. • Malware or Worms are installed without user interaction

  16. Getting rid of a Virus Visit your virus-scan software manufacturer’s Web site and install any virus updates that are available. Search the Web for info regarding your specific virus Download and install any patches that will help eliminate the virus Run another virus scan to make sure the virus has been dealt with properly

  17. Lab 1: McAfee Avert Stinger Virus Removal Utility Type of Investigation: Detecting and Removing Viruses Source: Freeware Goal of lab: To explain how to remove a Virus using McAfee Avert Stinger Virus Removal Utility Operating Systems: Windows XP, Windows Vista

  18. McAfee Avert Stinger Virus Removal Utility: Step One

  19. McAfee Avert Stinger Virus Removal Utility: Step Two

  20. McAfee Avert Stinger Virus Removal Utility: Step 2 cont…

  21. McAfee Avert Stinger Virus Removal Utility: Step Three

  22. McAfee Avert Stinger Virus Removal Utility: Step Four

  23. McAfee Avert Stinger Virus Removal Utility: Step 4 cont…

  24. McAfee Avert Stinger Virus Removal Utility: Step Four cont..

  25. Lab 2: F-Secure Virus Scanner Type of Investigation: Scanning a computer/Anti-virus protection Source: Freeware Goal of lab: To find out if your computer is infected with a virus and clean your PC when it is needed. Operating Systems: Windows 2000 or more

  26. F-Secure Virus Scanner: Step One Go to the F-Secure website and click on downloads section to find the F-Secure Online Virus Scanner. To install the scanner, click on "Start Scanning". Read all the end user license agreements and click on "Accept. http://support.f-secure.com/enu/home/ols.shtml

  27. F-Secure Virus Scanner: Step One

  28. F-Secure Virus Scanner: Step One

  29. F-Secure Virus Scanner: Step Two

  30. F-Secure Virus Scanner: Step Two cont…

  31. F-Secure Virus Scanner: Step Two cont…

  32. F-Secure Virus Scanner: Step Three

  33. F-Secure Virus Scanner: Step Four

  34. F-Secure Virus Scanner: Step Four

  35. F-Secure Virus Scanner: Step Five

  36. F-Secure Virus Scanner: Step Five cont…

  37. F-Secure Virus Scanner: Step Five cont…

  38. Staying ProtectedLearning about a Virus 101 • Use the default security settings • Turn on the security features • Check Security Bulletins regularly • Download files only from trusted sites • Install only from authentic CDs • Back up your data regularly • Don't open suspicious e-mail messages or files 

  39. ConclusionLearning about a Virus 101 • Every day new viruses are produced and found in computer networks everywhere and we want to grant the information necessary to discontinue these attacks from occurring. • Computer users must be knowledgeable on how to install patches/updates, configure firewalls, and install anti-virus software. • Comp. Squad plans to take the measures required to make this happen.

  40. QuestionsLearning about a virus 101

More Related