Republic of the Philippines

Region III
PRESIDENT RAMON MAGSAYSAY STATE UNIVERSITY
Iba, Zambales

GRADUATE SCHOOL DEPARTMENT

________________________________________________________________________

Subject : COMPUTER INFORMATION TECHNOLOGY

Topic : COMPUTER VIRUSES AND WORMS
Professor : JOHN LENON E. AGATEP, Ed. D.
Reporter : HELEN A. ABARRA
MAED-EA

Introduction

Malware is a short for “malicious software,” also known as malicious code or

“malcode.” It is code or software that is specifically designed to damage, disrupt, steal, or

in general inflict some other “bad” or illegitimate action on data, hosts, or networks.

There are many different classes of malware that have varying ways of infecting

systems and propagating themselves. Malware can infect systems by being bundled with

other programs or attached as macros to file.

Two of the most common types of malware are viruses and worms.

COMPUTER VIRUSES AND WORMS

Differences between worms and viruses

As defined in the "Security of the Internet" report, released in 1996 by the CERT

Division of the Software Engineering Institute at Carnegie Mellon University, computer

worms "are self-replicating programs that spread with no human intervention after they
are started." In contrast, "[v]iruses are also self-replicating programs, but usually require
some action on the part of the user to spread inadvertently to other programs or

systems."

WHAT IS A COMPUTER VIRUS?

A computer virus is a type of malicious code or program written to alter the way a

computer operates and is designed to spread from one computer to another. A virus

operates by inserting or attaching itself to a legitimate program or document that

supports macros in order to execute its code. In the process, a virus has the potential to

cause unexpected or damaging effects, such as harming the system software by

corrupting or destroying data.

How does a computer virus attack?

Once a virus has successfully attached to a program, file, or document, the virus

will lie dormant until circumstances cause the computer or device to execute its code. In

order for a virus to infect your computer, you have to run the infected program, which in

turn causes the virus code to be executed.

This means that a virus can remain dormant on your computer, without showing

major signs or symptoms. However, once the virus infects your computer, the virus can

infect other computers on the same network. Stealing passwords or data, logging

keystrokes, corrupting files, spamming your email contacts, and even taking over your

machine are just some of the devastating and irritating things a virus can do.

While some viruses can be playful in intent and effect, others can have profound and

damaging effects. This includes erasing data or causing permanent damage to your hard
disk. Worse yet, some viruses are designed with financial gains in mind.

How do computer viruses spread?

In a constantly connected world, you can contract a computer virus in many ways,

some more obvious than others. Viruses can be spread through email and text message

attachments, Internet file downloads, and social media scam links. Your mobile devices

and smartphones can become infected with mobile viruses through shady app

downloads. Viruses can hide disguised as attachments of socially shareable content such

as funny images, greeting cards, or audio and video files.

To avoid contact with a virus, it’s important to exercise caution when surfing the

web, downloading files, and opening links or attachments. To help stay safe, never

download text or email attachments that you’re not expecting, or files from websites you

don’t trust.

A computer virus attack can produce a variety of symptoms. Here are some of them:

 Frequent pop-up windows.

Pop-ups might encourage you to visit unusual sites. Or they might prod you to

download antivirus or other software programs.

 Changes to your homepage. Your usual homepage may change to another

website, for instance. Plus, you may be unable to reset it.

 Mass emails being sent from your email account. A criminal may take control of

your account or send emails in your name from another infected computer.

 Frequent crashes. A virus can inflict major damage on your hard drive. This may
 cause your device to freeze or crash. It may also prevent your device from coming

back on.

 Unusually slow computer performance. A sudden change of processing speed

could signal that your computer has a virus.

 Unknown programs that start up when you turn on your computer. You may

become aware of the unfamiliar program when you start your computer. Or you

might notice it by checking your computer’s list of active applications.

 Unusual activities like password changes. This could prevent you from logging into

your computer.

How can you help protect your devices against computer viruses?

Here are some of the things you can do to help keep your computer safe.

 Use a trusted antivirus product, such as Norton AntiVirus Basic, and keep it

updated with the latest virus definitions. Norton Security Premium offers

additional protection for even more devices, plus backup.

 Avoid clicking on any pop-up advertisements.


 Always scan your email attachments before opening them.

 Always scan the files that you download using file sharing programs.

What are the different types of computer viruses?

1. Boot sector virus

This type of virus can take control when you start — or boot — your computer.

One way it can spread is by plugging an infected USB drive into your computer.

2. Web scripting virus

This type of virus exploits the code of web browsers and web pages. If you access
such a web page, the virus can infect your computer.

2. Browser hijacker

This type of virus “hijacks” certain web browser functions, and you may be

automatically directed to an unintended website.

3. Resident virus

This is a general term for any virus that inserts itself in a computer system’s

memory. A resident virus can execute anytime when an operating system loads.

4. Direct action virus

This type of virus comes into action when you execute a file containing a virus.

Otherwise, it remains dormant.

6. Polymorphic virus
A polymorphic virus changes its code each time an infected file is executed. It
does this to evade antivirus programs.

7. File infector virus

This common virus inserts malicious code into executable files — files used to

perform certain functions or operations on a system.

8. Multipartite virus

This kind of virus infects and spreads in multiple ways. It can infect both program

files and system sectors.

9. Macro virus
Macro viruses are written in the same macro language used for software
applications. Such viruses spread when you open an infected document, often through

email attachments.

How to remove computer viruses

You can take two approaches to removing a computer virus. One is the manual

do-it-yourself approach. The other is by enlisting the help of a reputable antivirus

program.

Want to do it yourself?

There can be a lot of variables when it comes to removing a computer virus. This process
usually begins by doing a web search. You may be asked to perform a long list of steps.
You’ll need time and probably some expertise to complete the process.

If you prefer a simpler approach, you can usually remove a computer virus by using an
antivirus software program.

What’s a Computer Worm?

Worms are a self-replicating type of malware (and a type of virus) that enter networks by
exploiting vulnerabilities, moving quickly from one computer to another. Because of this,
worms can propagate themselves and spread very quickly – not only locally, but have the
potential to disrupt systems worldwide.
Unlike a typical virus, worms don’t attach to a file or program. Instead, they slither and
enter computers through a vulnerability in the network, self-replicating and spreading
before you’re able to remove the worm. But by then, they’ll already have consumed all
the bandwidth of the network, interrupting and arresting large network and web servers.

Types of computer worms

Pure computer worms propagate themselves from infected systems to uninfected

systems. This does not minimize the potential for damage from such computer worms.

An infected system may become unavailable or unreliable due to the

computing overhead associated with propagation of the worm, while computer worms
are also known to disrupt networking through saturation of network links with malicious
traffic associated with worm propagation.
More commonly, a computer worm is either a virus or worm hybrid -- a piece of malware
that spreads like a worm, but that also modifies program code like a virus -- or else
carries some sort of malicious payload, such as a virus, ransomware or some other type
of malware.

A bot worm may be used to infect computers and turn them into zombies or bots, with
the intent of using them in coordinated attacks through botnets. Instant messaging,
or IM worms propagate through instant messaging services and exploit access to contact
lists on victim computers.

Email worms are usually spread as malicious executable files attached to what appear to
be ordinary email messages. The email worm spreads by forcing an infected system to
resend the worm to email addresses in user contact lists; the worm infects new systems
when email recipients open the file. Successful email worms usually incorporate social
engineering methods to prompt users to open the attached file.

An ethical worm is a computer worm designed to propagate across networks with the
express purpose of delivering patches for known security vulnerabilities. While ethical
worms have been described and discussed in academia, actual examples in the wild have
not been found, most likely because the potential for unexpected harm done to systems
that react unexpectedly to such software outweighs the potential for removing
vulnerabilities. In any case, unleashing any piece of software that makes changes to a
system without the permission of the system owner opens the publisher to various
criminal and civil charges.

Prevention, detection and removal of computer worms

Users should practice good cybersecurity hygiene to protect themselves against being
infected with computer worms. Measures that will help prevent computer worm
infections include:
 Keeping up to date with operating systems and all other software patches and
updates will help reduce the risk due to newly discovered vulnerabilities.
 Using firewalls will help reduce access to systems by malicious software, while
using antivirus software will help in preventing malicious software from running.
 Being careful with links in email or other messaging applications, which may expose
systems to malicious software. Likewise, attachments to messages from unknown
senders are also often used as vectors for distributing malicious software.
Although some worms are designed to do nothing more than propagate themselves to
new victim systems, most worms are associated with viruses, rootkits or other malicious
software.

The first step to remove a computer worm is to detect the presence of the worm, which
can be difficult.

Some factors that may indicate the presence of a worm include:

 Computer performance issues, including degraded system performance, system
freezing or crashing unexpectedly.
 Unusual system behavior, including programs that execute or terminate without user
interaction; unusual sounds, images or messages; the sudden appearance of
unfamiliar files or icons, or the unexpected disappearance of files or icons; warning
messages from the operating system or antivirus software; and email messages sent
to contacts without user action.

Removing a computer worm can be difficult. In extreme cases, the system may need
to be formatted, and all the software reinstalled. If it is possible to identify the computer
worm infecting the system, there may be specific instructions or tools available to
remove the infection. However, the system should be disconnected from the internet or
any network, wired or wireless, before attempting to remove the computer worm;
removable storage devices should also be removed and scanned separately for
infections.

POTENTIALLY UNWANTED PROGRAMS OR APPLICATIONS

Software that a user may perceive as unwanted. This may include adware,
spyware, or browser hijackers. Such software may use an implementation that can
compromise privacy or weaken the computer’s security. Companies often bundle a
wanted program download with a wrapper application and may offer to install an
unwanted application, in some cases without providing a clear opt-out method.

Adware

Software that generates revenues for its developer by automatically generating

online advertisements in the user interface of the software or on a screen presented to
the user during the installation process. The software may generate two types of
revenue: one is for the display of the advertisement and another on a “pay-per-click”
basis if the user clicks on the advertisement.

Spyware
 A software that aims to gather information about a person or organization
without their knowledge, that may send such information to another entity without the
consumer’s knowledge.

Browser Hijacker

Software that modifies a web browser’s settings without a user’s permission to

inject unwanted advertising into the user’s browser. A browser hijacker may replace the
existing home page, error page, or search engine with its own. These are generally used
to force hits to a particular website, increasing its advertising revenue. This software
often comes in the form of a browser toolbar and is received through an email
attachment or file download.