Malicious Software Identification

Malicious Software Identification Presented By: Sandeep Kaur

Description

Malicious software identification, antivirus software used to remove viruses, and commands to check for viruses and remove them.

Transcript of Malicious Software Identification

Page 1: Malicious Software Identification

Malicious Software Identification

Presented By: Sandeep Kaur

Page 2: Malicious Software Identification

What is Malicious Software?

Malware, short for malicious software, is software used to disrupt computer operation, gather sensitive information, or gain access to private computer systems.

It can appear in the form of code, scripts, active content, and other software.

In law, malware is sometimes known as a computer contaminant.

Page 3: Malicious Software Identification

List of malware

Virus

Logic bomb

Trojan horse

Spyware

Backdoors

Page 4: Malicious Software Identification

Virus

A Computer Virus is a program that can copy itself and infect a computer without the permission or knowledge of the user.

A Computer Virus has 2 major characteristics: the ability to replicate itself, and the ability to attach itself to another computer file.

Viruses can be transmitted as attachments to an e-mail note or in a downloaded file, or be present on a diskette or CD.

Two different types of viruses occur in PCs: boot sector viruses (BSV) & program viruses.

Page 5: Malicious Software Identification

Logic bomb

One of the oldest types of malicious software.

A logic bomb is a program that performs a malicious action as a result of a certain logic condition.

A logic bomb is programming code, inserted intentionally, that is designed to execute (or "explode") under circumstances such as the lapse of a certain amount of time or the failure of a program user to respond to a program command.

Page 6: Malicious Software Identification

Trojan Horse

A Trojan horse is any program that invites the user to run it, concealing harmful or malicious code.

The code may take effect immediately and can lead to many undesirable effects, such as deleting the user's files or installing additional harmful software.

Some Trojans allow people to take control of your computer so that they can send out spam e-mail (making it look as if it comes from you) or do other underhand things.

Page 7: Malicious Software Identification

Spyware

Spyware is any technology that aids in gathering information about a person or organization without their knowledge.

On the Internet (where it is sometimes called a Spybot or tracking software), Spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties.

Spyware can get in a computer as a software virus.

Page 8: Malicious Software Identification

Spyware software payload

1. Spyware engine infects a user’s computer.

2. Spyware process collects keystrokes, passwords, and screen captures.

3. Spyware process periodically sends collected data to spyware data collection agent.

Diagram labels: Computer user; Spyware data collection agent

Page 9: Malicious Software Identification

Backdoor

A backdoor, which is also sometimes called a trapdoor, is a hidden feature or command in a program that allows a user to perform actions he or she would not normally be allowed to do.

It is a method of gaining access to some part of a system other than by the normal procedure.

Hackers who successfully penetrate a system may insert trapdoors to allow them entry at a later date, even if the vulnerability that they originally exploited is closed.

have been commonly used by developers.

Page 10: Malicious Software Identification

Malware attacks

Page 11: Malicious Software Identification

What can I do?

Use only trusted software, not pirated software.

Regularly take backups of the programs.

Use anti-virus software to detect and remove viruses.

Install firewall software, which hampers or prevents the functionality of worms and Trojan horses.

Make sure that e-mail attachments are secure.

Do not keep a floppy disk in the drive when starting a program unless you are sure that it does not include malicious software; otherwise the virus will be copied to the boot sector.

Page 12: Malicious Software Identification

Can we remove a virus without antivirus?

Page 13: Malicious Software Identification

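At the command prompt:

To check for a virus (lists files that carry both the system and hidden attributes):

>dir C:\*.* /a:sh /s /d

For a shortcut virus (clears the read-only, archive, system and hidden attributes so the files become visible):

Type "attrib -r -a -s -h (name of drive):\*.* /s /d"

To delete:

Delete autorun.inf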
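
Before deleting autorun.inf as in the last step, it helps to see which files it would launch, since those need to be reviewed and removed as well. The following is an added example and not part of the original slides: the function names and the sample file contents are constructed for illustration, and it reads only the [autorun] keys open, shellexecute and shell\<verb>\command.

```python
import re

# Keys in the [autorun] section that make Windows run a program.
LAUNCH_KEY = re.compile(r"^(open|shellexecute|shell\\[^\\]+\\command)$", re.I)

def launch_entries(text):
    """Return [(key, command)] for every launch key in the [autorun] section."""
    entries, in_autorun = [], False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):       # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            # Section names are matched case-insensitively ([AutoRun], [autorun]).
            in_autorun = line[1:-1].strip().lower() == "autorun"
            continue
        if in_autorun and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if LAUNCH_KEY.match(key):
                entries.append((key.lower(), value))
    return entries

def target_path(command):
    """First token of a command line: the file that would be executed."""
    command = command.strip()
    if command.startswith('"'):                    # quoted path, may hold spaces
        return command[1:].split('"', 1)[0]
    return command.split(None, 1)[0] if command else ""

def files_to_review(text):
    """De-duplicated, lower-cased relative paths the autorun.inf points at."""
    seen = []
    for _, command in launch_entries(text):
        path = target_path(command).replace("/", "\\").lower()
        if path and path not in seen:
            seen.append(path)
    return seen

# Constructed sample contents, not taken from a real infection.
SAMPLE = """\
; constructed autorun.inf
[AutoRun]
open=RECYCLER\\tool.exe /quiet
icon=folder.ico
shell\\open\\command = "RECYCLER\\tool.exe" -x
shell\\explore\\command=helper.bat
[Other]
open=ignored.exe
"""

if __name__ == "__main__":
    print("review before deleting autorun.inf:", files_to_review(SAMPLE))
```

The paths it reports are relative to the root of the drive that holds autorun.inf, and they are usually among the hidden system files that the dir command above lists.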

Page 14: Malicious Software Identification

Anti-Malware Software

Page 15: Malicious Software Identification

Thank you