2)
Threats and malicious program that can damage a computer, mobile device or
disrupt any system.
Types of malware
|
What it does
|
1.
Computer
virus
|
·
Set
of program instruction that attaches itself to a file, reproduce itself and
spread to other files.
·
A
small software program that spread from one computer to another and interferes
with computer operation.
·
It
might corrupt or delete data on a computer use an email program to spread the
virus to other computers or even delete everything on the hard disk.
·
Current
known computer virus spread by attachment in email messages or by instant
messaging messages.
·
Virus
can be disguised as attachment of funny images, greeting cards, or video
files.
·
It
also spread through download in the internet.
|
2.
Computer
worm
|
·
A
worm is a computer code that spreads without user interaction.
·
Most
worm begin as email attachment that infected the computer when they are open.
·
Worms
usually cause computer and network performance and stability problems.
·
Example:
mass-mailing worm
|
3.
Trojan
horse
|
·
A
Trojan horse hides inside other program.
·
It
enters a legitimate program such as screen saver then it puts code into the
operating system that enables a hacker to access the infected computer.
·
It
usually spread by viruses, worms or download software.
·
Example:
keylogger-stealing password ; Rmote Access Trojan (RAT)
|
4.
Bot
|
·
Bot
is actually a short for ‘robot’.
·
Bot
sneak onto a person’s computer and spread themselves across the Internet by
searching for vulnerable, unprotected computers to infect.
·
When
they found one, they quickly infect the machine and report to their master.
·
The
bot is then awoken by their master to
perform a task.
·
They
do not work alone, but are a network of an infected machines called a
‘botnet’.
·
Example
are zombie and botnet.
|
5.
Spyware
|
·
Secretly
gathers personal information without the victim’s knowledge.
·
They
also can change the computer’s configuration or collect advertising data and
personal information.
·
They
also redirect the web browser of one’s computer to a different website that
we intend to go.
|
How to remove a Trojan, Virus, Worm, or other Malware
1.
|
|
2.
|
Reboot into Safe Mode so
that the malware is not started when you are doing these steps. Many malware
monitor the keys that allow them to start and if they notice they have been
removed, will automatically replace that start up key. For this reason
booting into safe mode allows us to get past that defence in most cases.
|
3.
|
Navigate to the C:\Autoruns folder you created in
Step 1 and double-click on autoruns.exe.
|
4.
|
When the program starts, click on the Options
menu and enable the following options by clicking on them. This will place a
checkmark next to each of these options:
·
Include empty locations
·
Verify Code Signatures
·
Hide Signed Microsoft Entries
|
5.
|
Then press the F5 key on your keyboard to refresh
the start ups list using these new settings.
* The program shows information about your start up
entries in 8 different tabs. For the most part, the filename you are looking
for will be found under the Logon or the Services tabs, but you should check
all the other tabs to make sure they are not loading elsewhere as well. Click
on each tab and look through the list for the filename that you want to
remove. The filename will be found under the Image Path column. There may be
more than one entry associated with the same file as it is common for malware
to create multiple start up entries. It is important to note that many
malware programs disguise themselves by using the same filenames as valid
Microsoft files. it is therefore important to know exactly which file, and
the folder they are in, that you want to remove. You can check our Start up Database for
that information or ask for help in our computer help forums.
|
6.
|
Once you find the entry that is associated with
the malware, you want to delete that entry so it will not start again on the
next reboot. To do that right click on the entry and select delete. This
startup entry will now be removed from the Registry.
|
7.
|
Now
that we made it so it will not start on boot up, you should delete the file
using My Computer or Windows Explorer. If you cannot see the file, it may be
hidden. To allow you to see hidden files you can follow the steps for your
operating system.
|
8.
|
When
you are finished removing the malware entries from the Registry and deleting
the files, reboot into
normal mode as you will now be clean from the infection.
|
By :
Siti norfaridatul binti Sulaiman
Ferlicia anak Rasin
Nurul
Sarah binti Jalaluddin
No comments:
Post a Comment