Virus Elimination Course
-
Upload
thach-moniroth -
Category
Technology
-
view
1.677 -
download
0
description
Transcript of Virus Elimination Course
![Page 1: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/1.jpg)
CAMBO TECH YOUTH GROUP
Viruses Elimination
Professional Lecturer: KEAN TAK
Trainer: - LEANG PENGAN- THACH MONIROTH
Team : CHEAT SOVANNARA, BUN CHANTHEARA, CHAP SOVANYUTH, HEL SOMBO.
![Page 2: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/2.jpg)
VIRUS ELIMINATION
![Page 3: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/3.jpg)
What is Computer Viruses?• Computer Viruses is a program made by the programmer
to do some malfunctions in computer, can delete documents, and make your system run slowly.
Type of Computer Viruses• Viruses: Copy itself and infect to computer. • Spyware: Collect information and send to spyware author. • Malware: Infiltrate in to system without owner’s informed.• Worms: A self-replicating malware program.• Trojan: None self-replicating. • RAT: Remote Administrator Toolkits.
![Page 4: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/4.jpg)
Computer Viruses Infection Method• Overwriting : Merge to existing file ( File will be broken).
• Appending : Embedded into file (File still able to be run).
• Disk Infector : Make change to MBR(Windows can’t boot).
Computer Viruses Symptoms• Working Program return some errors.• The Computer is crashing and restarting by itself.• RAM overgrow • Your disks and drives are not working properly. • There are error messages popping out • The Computer running slower than normal.• Your files and folders are getting deleted automatically. • You are unable to install a new antivirus program.
![Page 5: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/5.jpg)
Startup Mode in Windows XP• Safe Mode: Start with minimal drivers and services.• Normal Mode: Start with all drivers and services.• Debugging Mode: Start with Windows debugging tools.
Type of Folder in Windows
• Normal Folder : Folder created by normal users.• Special Folder: Folder created by System.
![Page 6: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/6.jpg)
Useful Programs in Windows OS• Command Prompt(cmd) : Getting into new MS DOS.
• Old Command Prompt(command) : Getting into old MS DOS
• Registry Editor(regedit) : Modify Registry Key and Value.
• System Configuration(msconfig) : Manage startup program.
• Task Manager (taskmgr) : Manage Process, Performance, running app.
• Group Policy Editor(gpedit) : a new way to modify value in Regedit
![Page 7: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/7.jpg)
How to Remove Viruses• Kill all running viruses process.• Delete all Viruses associated files.• Remove and correct some Registry Key & Value.
> How to Kill Virus Process
• Using build-in Task Manager• Using Third Party Program : Process XP, Win XP
Manager, Win Vista Manager, Win 7 Manager …
![Page 8: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/8.jpg)
> How to delete all Viruses associated files
• Show all Hidden File and folder in Folder Options
![Page 9: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/9.jpg)
• Search for viruses extension (.exe, .com, .bat, .pif, .scr ) from all drives.
• Use boot CD to delete Viruses files: eg. ERD commander(optional), Bart PE or any live CD.
• Search and Delete all registry key or value created by Viruses.
![Page 10: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/10.jpg)
Introduction to Useful Built-in Windows Tools
![Page 11: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/11.jpg)
1- System Configuration (msconfig)• To open it:
• Start > Run > Type: msconfig
![Page 12: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/12.jpg)
2- Task Manager (taskmgr)• To open it:
• Start > Run > Type : taskmgr Or right click on Taskbar > Task Manager Or Press CTRL + ALT + Del key.
![Page 13: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/13.jpg)
3- Group Policy (gpedit.msc)• To open it:
• Start > Run > type : gpedit.msc
![Page 14: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/14.jpg)
4- Command Line (cmd)• To open it:
• Start > Run > type: cmd ( For new version of command line)• Start > Run > type : command (For old version of command line).
![Page 15: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/15.jpg)
Key Pane
Root Keys Sub keys
Value Name
Contents pane
Value Data
![Page 16: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/16.jpg)
• How to Read Registry Key• No warning when delete or modify of key or value• Data Type of Registry• Hive Key in Registry• How Registry work• Working with permission Registry Value• How to Import/Export Registry Value• How to safely modify key or value in registry
5- Registry (regedit)
![Page 17: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/17.jpg)
Batch File and Script File• Batch File (.Bat File) : Using Windows Command line.
• Script File (VbScript File): Using Microsoft VB language.
![Page 18: Virus Elimination Course](https://reader036.fdocuments.net/reader036/viewer/2022062313/558637e8d8b42aa52c8b482f/html5/thumbnails/18.jpg)
Thanks You
Contact me :• [email protected]• Twitter/moniroth• Facebook/roth999• Skype: roth999• HP: 017 877 855• Website: http://bestpctips.co.cc• Blog: http://moniroth.wordpress.com