CAMBO TECH YOUTH GROUP

Viruses Elimination

Professional Lecturer: KEAN TAK

Trainer: - LEANG PENGAN- THACH MONIROTH

Team : CHEAT SOVANNARA, BUN CHANTHEARA, CHAP SOVANYUTH, HEL SOMBO.

VIRUS ELIMINATION

What is Computer Viruses?• Computer Viruses is a program made by the programmer

to do some malfunctions in computer, can delete documents, and make your system run slowly.

Type of Computer Viruses• Viruses: Copy itself and infect to computer. • Spyware: Collect information and send to spyware author. • Malware: Infiltrate in to system without owner’s informed.• Worms: A self-replicating malware program.• Trojan: None self-replicating. • RAT: Remote Administrator Toolkits.

Computer Viruses Infection Method• Overwriting : Merge to existing file ( File will be broken).

• Appending : Embedded into file (File still able to be run).

• Disk Infector : Make change to MBR(Windows can’t boot).

Computer Viruses Symptoms• Working Program return some errors.• The Computer is crashing and restarting by itself.• RAM overgrow • Your disks and drives are not working properly. • There are error messages popping out • The Computer running slower than normal.• Your files and folders are getting deleted automatically. • You are unable to install a new antivirus program.

Startup Mode in Windows XP• Safe Mode: Start with minimal drivers and services.• Normal Mode: Start with all drivers and services.• Debugging Mode: Start with Windows debugging tools.

Type of Folder in Windows

• Normal Folder : Folder created by normal users.• Special Folder: Folder created by System.

Useful Programs in Windows OS• Command Prompt(cmd) : Getting into new MS DOS.

• Old Command Prompt(command) : Getting into old MS DOS

• Registry Editor(regedit) : Modify Registry Key and Value.

• System Configuration(msconfig) : Manage startup program.

• Task Manager (taskmgr) : Manage Process, Performance, running app.

• Group Policy Editor(gpedit) : a new way to modify value in Regedit

How to Remove Viruses• Kill all running viruses process.• Delete all Viruses associated files.• Remove and correct some Registry Key & Value.

> How to Kill Virus Process

• Using build-in Task Manager• Using Third Party Program : Process XP, Win XP

Manager, Win Vista Manager, Win 7 Manager …

> How to delete all Viruses associated files

• Show all Hidden File and folder in Folder Options

• Search for viruses extension (.exe, .com, .bat, .pif, .scr ) from all drives.

• Use boot CD to delete Viruses files: eg. ERD commander(optional), Bart PE or any live CD.

• Search and Delete all registry key or value created by Viruses.

Introduction to Useful Built-in Windows Tools

1- System Configuration (msconfig)• To open it:

• Start > Run > Type: msconfig

2- Task Manager (taskmgr)• To open it:

• Start > Run > Type : taskmgr Or right click on Taskbar > Task Manager Or Press CTRL + ALT + Del key.

3- Group Policy (gpedit.msc)• To open it:

• Start > Run > type : gpedit.msc

4- Command Line (cmd)• To open it:

• Start > Run > type: cmd ( For new version of command line)• Start > Run > type : command (For old version of command line).

Key Pane

Root Keys Sub keys

Value Name

Contents pane

Value Data

• How to Read Registry Key• No warning when delete or modify of key or value• Data Type of Registry• Hive Key in Registry• How Registry work• Working with permission Registry Value• How to Import/Export Registry Value• How to safely modify key or value in registry

5- Registry (regedit)

Batch File and Script File• Batch File (.Bat File) : Using Windows Command line.

• Script File (VbScript File): Using Microsoft VB language.

Thanks You

Contact me :• moniroth@live.com• Twitter/moniroth• Facebook/roth999• Skype: roth999• HP: 017 877 855• Website: http://bestpctips.co.cc• Blog: http://moniroth.wordpress.com