Chapter 19

Virus, Disaster Recovery and Maintenance plan

A+ Certification for PC Technician

Preventive Maintenance
What is Preventive Maintenance (PM)?
Performing proactive maintenance in
order to prevent system problems
Why is PM important?
It saves money, saves time, helps
safeguard Data and improves
performance
Save Money?
Avoiding problems with your PC will save
you money in the long run, compared
with laying out cash for new components
or repair jobs.
Chapter 19 – Virus, Disaster Recovery and Maintenance
Ver 1.0 10 April 2001
Save Time?
Saves time in dealing with system
failures and data loss because PM
procedures are quite simple compared
to troubleshooting and repair
procedures. Example Scandisk
Safeguard Data?
Data on the hard disk is more important
than the hardware that houses it. Take
steps to protect this data.
Improve Performances?
Some parts of the system will actually
degrade in performance over time, and
preventive maintenance will help to
improve the speed of your system in
these respects. Example Disk
Defragmentation
Plan Slide 2
PM Tasks
What are the items that need PM?
External components including the
monitor, keyboard, and mouse. Internal
components include the fans, floppy and
tape drives, circuit boards, and
expansion slots.
Cleaning Monitor?
Do not use standard glass cleaner. Use
an anti-static cleaner that has been
made especially for electronic
equipment. Standard window cleaner
may strip off the special charged
coating that is applied to the outside of
the monitor. Spray the cleaning product
on a lint-free cloth, then wipe the LCD
or CRT with the cloth.
Chapter 19 – Virus, Disaster Recovery and Maintenance
Ver 1.0 10 April 2001
Cleaning Keyboard?
May need a small electric vacuum
cleaner, compressed air, or paintbrush
to remove dust, dirt, and debris. To
remove products such as oil and soda
spots, use a volatile liquid, like rubbing
alcohol on a lint-free cloth
Cleaning Mouse?
Likely reason for a mouse stops
tracking correctly or sticks is dirt.
Clean the ball with the cleaning solution
or warm water and dry it off. Remove
any lint or dust from the rollers inside
the mouse housing
Plan Slide 3
PM Tasks
Cleaning Internal Components?
Dust and dirt tend to build inside the
computer case after a while. If left
unchecked, dust can accumulate and
cause your system to overheat and/or
crash.
How to clean the internal components?
Unplug the system and clean it
routinely. You should use compressed
air or a vacuum for this purpose. One
critical PM procedure is checking the
power supply for 5 and 12 VDC.
Chapter 19 – Virus, Disaster Recovery and Maintenance
Ver 1.0 10 April 2001
Cleaning Contacts ?
Ensure a reliable connection between
devices that are attached to the
motherboard.
What to clean on Motherbaord?
Clean the slot connectors, power supply
connectors, and keyboard connector.
How to clean Expansion card?
For the expansion cards, clean the edge
connectors that plug into slots on the
motherboard as well as any other
connectors, such as external ones
mounted on the expansion card’s
bracket. Use a contact cleaner to clean
the I/O card’s edge connector contacts
Plan Slide 4
Computer Infestations
What are the main categories of forest
infect?
Virus, Worm, Trojan and Hoax
What is a Virus?
Designed to spread itself by first
infecting executable files or the system
areas of hard and floppy disks and then
making copies of itself. Operates
without the knowledge or desire of the
computer user. Needs a Host Program.
What is a worm?
Self-replicating virus that does not
alter files but resides in active memory
and duplicates itself. Worms use parts
of an operating system that are
automatic and usually invisible to the
user. Does not need a Host.
Chapter 19 – Virus, Disaster Recovery and Maintenance
Ver 1.0 10 April 2001
What is a Trojan Horse?
A program in which malicious or harmful
code is contained inside apparently
harmless program or data. In this way it
can get control and do its chosen form of
damage, such as ruining the file allocation
table on your hard disk. Eg Troj_wipedisk
What is Hoax?
Not a virus. A message or warning about
non-existent virus. Eg Good times
“A deadly new computer virus that actually
causes home computers to explode in a
hellish blast of glass fragments and flame
has injured at least 47 people since
August 15, horrifying authorities who say
millions of people are risking injury,
blindness or death every time they sit
down to work at their PC!”
Plan Slide 5
Type of Virus
What is Boot Sector Virus?
Attack the boot program that is stored
on every bootable floppy disk or hard
disk.
How it works?
The code is executed by the system
when the PC is started up. By installing
themselves here they guarantee that
their code will be executed whenever
the system is started up, giving them
full control over the system to do what
they wish.
How does boot sector virus normally
spread?
They are spread most commonly
through infected bootable floppy
Chapter 19 – Virus, Disaster Recovery and Maintenance
Ver 1.0 10 April 2001
What is file infector?
Directly attack and modify program
files, which are usually .EXE or .COM
files.
How is it activated?
When the program is run, the virus
executes and does whatever it wants to
do. Usually it loads itself into memory
and waits for a trigger to find and
infect other program files.
How is file infector spread?
These viruses are commonly spread
through infected floppy disks, over
networks, and over the Internet.
Plan Slide 6
Type of Virus
What is a Macro Virus? What is Multipartite Virus?
Make use of the built-in programming Infect both boot sectors and files
languages in popular programs such as
Microsoft Word and Microsoft Excel
What is a Virus Hoaxes?
A rumor or warning about a virus that is
What are macro? spread from well-meaning person to
These are programs allow users to well-meaning person, telling them not to
create programs that automate tasks. download a program or take other
action, or they will get a virus. But the
virus does not exist, and in fact it is
How this virus works?
the virus warning.
As the macro languages have become
more powerful, virus writers have
created malevolent macros that, when
opened unwittingly, duplicate
themselves into other documents and
spread just like a conventional virus
would.

Chapter 19 – Virus, Disaster Recovery and Maintenance

Ver 1.0 10 April 2001 Plan Slide 7
How Virus Spread
How can I get computer virus?
Can get infected through:
 Trading floppy disks containing
program files
 Connecting the PC to unprotected
network
 Buying software from unreliable
source
 Downloading programs from the
Internet
 Using floppy drive from unknown
source
 Use shared network program
 Reading e-mail that automatically
executes a word process to read
attached file

Chapter 19 – Virus, Disaster Recovery and Maintenance

Ver 1.0 10 April 2001 Plan Slide 8
Anti-Virus Software
What are common Antivirus software? What are the “virus” that antivirus
1. F-secure Antivirus software cannot prevents?
2. Norton Antivirus 1. Trojan horse
3. Mcafee VirusScan 2. Hoax
4. PC-cillin
5. InocuLAN Antivirus What should you do when you suspect
that the file contain a virus?
What does antivirus program consists? Run a scan of the file to detect and
delete the virus
1. Program
2. Virus Profile (virus signature)

Why needs to update the program?

Patches and Virus Signature file (DAT).
VS must be updated periodically.

Chapter 19 – Virus, Disaster Recovery and Maintenance

Ver 1.0 10 April 2001 Plan Slide 9
Backup
Why the need to backup? How to perform a Differential Backup?
There are many different risks to your Backup the files that have been
data: hard disk crash, software failure, changed since the last full backup
file system corruption virus infection,
theft, sabotage and natural disaster. How to perform a Incremental Backup?
Data backup ensure you can recover
Only the files that have changed since
from these situations. the last backup (Full or Incremental)
are selected. That is, those with
What are the 3 ways to select files for Archive bit that had been turned on.
Backup?
Full, Differential and Incremental What are the media used for backup?
Tape, Super disk (120MB), Zip drive
How to perform a Full Backup? (1GB), Jaz drive (2GB), CD-RW (640MB)
All the files on the hard disk are
selected for backup. The simplest type
of backup, and yields the most complete
backup image, but it takes the most
time and media space to do.

Chapter 19 – Virus, Disaster Recovery and Maintenance

Ver 1.0 10 April 2001 Plan Slide 10
Scheduling a Backup Job
How to use DOS command to backup What is that purposed of scheduling a
small number of documents/data? backup?
Create a batch file eg. bckupdoc.bat Run automatically without user
interaction.
How to create the batch file?
For example, to copy the files from How to schedule a task?
c:\itbasic to a diskette (A: ) 1. My Computer
1. Start Notepad 2. Scheduled Tasks
2. Type XCOPY C:\ITBASIC\*.DOC A: 3. Add Schedule Task
3. Save as C:\BCKUPDOC.BAT 4. Browse to find the file
4. Create a shortcut on the Desktop BCKUPDOC.BAT
5. Specified Time and Day

Chapter 19 – Virus, Disaster Recovery and Maintenance

Ver 1.0 10 April 2001 Plan Slide 11
Backup
What are the common software used?
Backup utility eg Microsoft Backup
Disk cloning and disk imaging software
eg Norton Ghost

Chapter 19 – Virus, Disaster Recovery and Maintenance

Ver 1.0 10 April 2001 Plan Slide 12
RAID
What is RAID?
Redundant array of Independent disks

What is the purpose of RAID?

Use by high-end, high cost file server
or workstation to protect data. Two
copies of data are written, each to a
different hard disk.
(only 3 will be discussed here)

What is RAID 0?
Disk stripping. Increases the logical
drive capacity by treating 2 or more
disk as a single disk. Support by
Windows NT and Windows 2K.
Disadvantage?
Data is lost if 1 disk fails. No fault
tolerance.
What is RAID 1?
Disk mirroring. Protect data by writing
data twice, once to each of two disks.
Should either disk fails, the data is
safe on the other disk. Fault tolerance.
What is RAID 1 duplexing?
When each disk has its own disk
controller card.

Chapter 19 – Virus, Disaster Recovery and Maintenance

Ver 1.0 10 April 2001 Plan Slide 13
RAID
What happens when 1 disk fails?
Data on the disk is generated on the
new disk with information from the
others.

What happens when 2 disks fails?

Data lost.

What is RAID 5?
Disk stripping with Parity. Requires at
least 3 disk, excluding the System/Boot
disk.

How RAID 5 works?

Example, 5 disks RAID 5. Data is
divided into 4 parts and written 4 disks
with parity written to the 5th disk.

Chapter 19 – Virus, Disaster Recovery and Maintenance

Ver 1.0 10 April 2001 Plan Slide 14