TERM PAPER OF OPERATING SYSTEM

CSE 316

Topic: VIRUSES

HOW WINDOWS OPERATING SYSTEM HANDLES

SUBMITTED TOLECT. Pushpendra kumar pretiya SUB MITTED BYAnu kumari SEC - E2802 Roll no A05 REG - 10802774

Acknowledgement :
I thank my family: my parents and respected teacher MR. Pushpendra kumar pretiya , for giving me life in the first place, for educating me with aspects from both arts and sciences, for unconditional support and encouragement to pursue my interests, even when the interests went beyond boundaries of language, field. I have something interesting to say, for reminding me that my research should always be useful and serve good purposes for all humankind.

HOW WINDOWS OPERATING SYSTEM HANDLES VIRUSES

An operating system (OS) is software, consisting of programs and data, that runs on computers and manages the computer hardware and provides common services for efficient execution of various application software. For hardware functions such as input and output and memory allocation, the operating system acts as an intermediary between application programs and the computer hardware, although the application code is usually executed

Directly by the hardware, but will frequently call the OS or be interrupted by it. Operating systems are found on almost any device that contains a computer from cellular phones and video game consoles to supercomputers and web servers.

computer; for instance because a user sent it over a network or the Internet, or carried it on a removable medium such as a floppy disk, CD, DVD, or USB drive. Viruses can increase their chances of spreading to other computers by infecting files on a network file system or a file system that is accessed by another computer. As stated above, the term "computer virus" is sometimes used as a catchall phrase to include all types of malware, even those that do not have the reproductive ability. Viruses are sometimes confused with worms and Trojan horses, which are technically different. A worm can exploit security vulnerabilities to spread itself automatically to other computers through networks, while a Trojan horse is a program that appears harmless but hides malicious functions. Worms and Trojan horses, like viruses, may harm a computer system's data or performance. Some viruses and other malware have symptoms noticeable to the computer user, but many are surreptitious or simply do

Examples of popular modern operating systems for personal computers are Microsoft Windows, Mac OS X, and Linux

WHAT IS A VIRUS
A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, including but not limited to adware and spyware programs that do not have the reproductive ability. A true virus can spread from one computer to another (in some form of executable code) when its host is taken to the target

nothing to call attention to themselves. Some viruses do nothing beyond reproducing themselves.

A virus should never be assumed harmless and left on a system. Most common types of viruses are mentioned below:

How operating system handle virus

For handling viruses operating system takes help of application software i.e. antivirus. "Antivirus" is protective software designed to defend your computer against malicious software. Malicious software or "malware" includes: viruses, Trojans, key loggers, hijackers, dialers, and other code that vandalizes or steals your computer contents. In order to be an effective defense, your antivirus software needs to run in the background at all times, and should be kept updated so it recognizes new versions of malicious software.

Resident Viruses
This type of virus is a permanent which dwells in the RAM memory.

Examples include:
Randex, CMJ, Meve, and MrKlunky.

Direct Action Viruses

The main purpose of this virus is to replicate and take action when it is executed. When a specific condition is met, the virus will go into action and infect files in the directory or folder that it is in and in directories that are specified in the AUTOEXEC.BAT file PATH.

TYPES OF VIRUS

Overwrite Viruses
Virus of this kind is characterized by the fact that it deletes the information contained in the files that it infects, rendering them partially or totally useless once they have been infected.

Examples of macro viruses: Relax, Melissa.

A, Bablas, O97M/Y2K.

Examples of this virus include: Way,

Trj.Reboot, Trivial.88.D.

Polymorphic Virus Polymorphic viruses encrypt or encode

themselves in a different way (using different algorithms and encryption keys) every time they infect a system.

Boot Virus
This type of virus affects the boot sector of a floppy or hard disk. This is a crucial part of a disk, in which information on the disk itself is stored together with a program that makes it possible to boot (start) the computer from the disk.

Examples include:
Elkern, Marburg, Satan Bug, and Tuareg.

Examples of boot viruses include:

Polyboot.B, AntiEXE.

File Infectors
this type of virus infects programs or executable files (files with an .EXE or .COM extension). When one of these programs is run, directly or indirectly, the virus is activated, producing the damaging effects it is programmed to carry out.

Macro Virus
Macro viruses infect files that are created using certain applications or programs that contain macros.

The majorities of existing viruses belong to this category, and can be classified depending on the actions that they carry out.

Companion Viruses
Companion viruses can be considered file infector viruses like resident or direct action types. They are known as companion viruses because once they get into the system they "accompany" the other files that already exist.

information and is a vital part of the normal functioning of the computer. This type of virus attack can be especially dangerous, by preventing access to certain sections of the disk where important files are stored. Damage caused can result in information losses from individual files or even entire directories.

Trojans or Trojan Horses

Another unsavory breed of malicious code are Trojans or Trojan horses, which unlike viruses do not reproduce by infecting other files, nor do they selfreplicate like worms.

In other words, in order to carry out their infection routines, companion viruses can wait in memory until a program is run (resident viruses) or act immediately by making copies of themselves (direct action viruses).

Logic Bombs
They are not considered viruses because they do not replicate. They are not even programs in their own right but rather camouflaged segments of other programs. Their objective is to destroy data on the computer once certain conditions have been met. Logic bombs go

Some examples include: Stator,

Asimov.1539, and Terrax.1069

FAT Virus
The file allocation table or FAT is the part of a disk used to connect

undetected until launched, and the results can be destructive.

2. Goto the startup tab and uncheck all the items (you can keep your antivirus app checked there, but what if it is infected as well?) 3. Reboot your pc If you are lucky, this approach will remove viruses from loading into the system. Next, without executing any applications, simply scan your whole system with a good antivirus software. If this does not work, connect your hard disk to a different computer in slave mode and scan this hard disk of yours with a software installed on that external computer. After the scan you can connect your hard disk back to your computer and use it normally. When you are assured that your computer is safe and does not contain any viruses, you can take some of this protective measures so you are not troubled by viruses again:

How we can remove the virus.

we remove viruses from our systems: our options: 1. Formatting your PC 2. Removing viruses while system boot-up 3. Removing viruses through anti-virus programs (externally) The first option is quite obvious. Let us look at the second. By removing viruses, before your operating system starts up you have a much better chance of eradicating them from their roots. To achieve this, simply boot your system with an emergency boot disk or by pressing f8 key (while booting) and entering safe mode. Now, when in safe mode or emergency boot up mode, do the following: 1. Click start menu then run type msconfig and hit enter

1. Install a good quality antivirus software (Recommended: ZoneAlarm) 2. Install a monitor software such as WinPatrol

3. Ensure that your operating system and antivirus softwares are frequently updated (may be once in a week would suffice

Operating system removes the virus

Viruses have become more and more complex and sophisticated and are beginning to win the war in the struggle to keep our Windows machines clear of infections. So what do you do when we cant remove a virus?

compromised and locked down to the point where you cant even work. If you have a machine that has a virus, you should not keep it plugged into a working Internet connection unless you are attempting to download removal tools, as the virus will take that opportunity to download more viruses and update itself to counter anything you try to do.

we can certainly reformat and reinstall the Operating System. While that is the preferred method when dealing with a massive virus infection, its not an option for everyone. The following may help you remove a stubborn virus if you cannot get rid of it with traditional means.

Techniques For Removing Viruses

Acting quickly will help you fight a virus. The longer you wait, the more your machine can become

Reboot into Safe Mode by tapping the F8 key when fist booting. Be sure to select Safe Mode With Networking, as you will need to get online. Next, open your web browser and download the Malwarebytes program from Malwarebytes.org. Use the free version, for now.

Allow Malwarebytes to update itself, then perform a full scan of your computer and any attached hard drives. It might take a while, depending on the size of the drives. View and remove anything it flags. The machine will want to reboot to finish the cleaning. There is a chance this will not work. If you continue to get the pop-ups and still see other signs of infection, you must reboot and go back into Safe Mode. You should try a System Restore to revert the registry back to a date prior to infection. If you know you were infected on, say, Tuesday, then go back to the previous Tuesday. A lot of times, this technique will work and the virus will be gone.

References: http://sitepress.com/antivirus/20 10/10/07/computerviruses-types-and-howto-remove-them/ http://site press.com/ antivirus/2010/10/07/c omputer-viruses-typesandHow-to-remove-them/ http://www.blurtit.com/ q783978.html http://en.wikipedia.org/ wiki/Virus