UNIVERSITY VITEZ TRAVNIK

FACULTY OF HEALTH CARE

STUDY AND CYCLE; FIRST-CYCLE; 1st YEAR
COURSE: NURSING

Thopic of seminar paper:

COMPUTER VIRUSES

Student: Lamija Hodi

Travnik, 2017.

STATEMENT: I, Lamija Hodi, student of University Vitez

Travnik, index number: 0341-14/RZ, responsibly and with moral and
academic responsibility, declare that I have created this work
completely independently, using the cited literature and with the help
of assistant.
Student's signature: Lamija Hodi

SUBJECT: Informatika u zdravstvu i softwerski program

PROFESSOR: Doc. dr. Haris Panda
ASSISTANT: Nermina Konjali
STUDENT: Lamija Hodi
DIRECTION: Nursing

1. Introduction
2. Computer viruses

2
 -Activation of computer viruses
-Antivirus protection
3. Class of viruses
4. Worm and Trojan Virus
5. Antivirus programs
-type of antivirus programs
6. Antivirus methods
7. Network viruses
-Bad Attachments
-Computer network protection
8. Six golden rules to keep PC safe from viruses
9. Literature

INTRODUCTION
Dr. Cohen is a globally recognized expert in information protection
and cybersecurity. He is an ISC2 Fellow, has won international
awards, given keynote speeches at major conferences in this field,
3
acted on advisory boards for many companies, is a recognized
industry analyst in security strategies, and his work in this area is
reflected in many of his other businesses, and other aspects of his
work. Dr. Cohen is best known in the information protection
community for his seminal work on "computer virus" potential
capabilities and defenses. He wrote much of the original work in this
field in the 1980s. computer 'virus' as a program that can 'infect' other
programs by modifying them to include a possibly evolved copy of
itself. With the infection property, a virus can spread throughout a
computer system or network using the authorizations of every user
using it to infect their programs. Every program that gets infected may
also act as a virus and thus the infection grows.
- But there's a problem with Cohen's short definition. The problem
with Cohen's shortened definition is that it does not include many
features that gives its mathematical model. However, using Cohen's
formal model, he classifies some things in viruses that no one would
have thought it such as a virus, for example DISKCOPY program.

- Most of us, would agree with this virus definition: Virus is a

software that can replicate itself and spread to other computers or that
are programmed to damage a computer by deleting files, reformatting
the hard disk, or using up computer memory.''

- Some viruses are programmed to damage the computer by damaging

programs, deleting files, or reformatting the hard disk. Others are not
designed to do any damage, but simply replicate themselves and
perhaps make their presence known by presenting text, video, or audio
messages. Even these benign viruses can create problems for the
computer user.
They typically take up computer memory used by legitimate
programs. As a result, they often cause erratic behavior and can result
in system crashes. In addition, many viruses are bugridden, and these
bugs may lead to system crashes and data loss.

4
The term "virus" is also commonly, but erroneously, used to refer to
other types of malware. "Malware" encompasses computer viruses
along with many other forms of malicious software, such as computer
"worms", ransomware, trojan horses, keyloggers, rootkits, spyware,
adware, malicious Browser Helper Object (BHOs) and other malicious
software.
- These programs are actually very serious matter, they reproduce
faster than they can be found and stopped. Most harmless virus can be
a real life threat. Most harmless virus can be a real life threat. For
example, in the case of a hospital and a computer system that
maintains and monitors the vital functions of the patient, the virus that
would '' just '' stopped the computer and would not do anything but
proved harmless message on the screen and waited until someone
presses a key, in fact could cause fatal place for the patient. Even those
who are developing viruses can not stop their spreading and even if
they themselves want it.
- Computer viruses are actually a special case of something known as
'' sick logic '' (malicious logic) or malware.

Computer viruses

A computer virus is a computer program that can copy itself and

infect a computer without permission or knowledge of the user. The
original may modify the copies or the copies may modify themselves,
as occurs in a metamorphic virus. The term comes from the term virus
5
in biology. A computer virus reproduces by making, possibly
modified, copies of itself in the computer's memory, storage, or over a
network. This is similar to the way a biological virus works.
Some viruses are programmed to damage the computer by
damaging programs, deleting files, or reformatting the hard disk.
Others are not designed to do any damage, but simply replicate
themselves and perhaps make their presence known by presenting
text, video, or audio messages. Even these benign viruses can create
problems for the computer user. They typically take up computer
memory used by legitimate programs. As a result, they often cause
erratic behavior and can result in system crashes. In addition, many
viruses are bugridden, and these bugs may lead to system crashes and
data loss.

In the late '80s, computer viruses were pieces of code attached to

the program as they were games or word processors. They are
designed to run when you start up one of these programs. They were
entering in the memory and looking for a suitable ground for
expansion. If they find what they're looking for, their work would
begin, which can manifest itself in several ways. Over time, the virus
writers become more creative, because they learned new '' tricks ''.

One of the best was the possibility of entering viruses in

memory, so that it stayed as long as the computer was turned on
(running). This allowed to virus massive replication. Another
interesting trick was the possibility of infection by a boot floppy or
hard disk. It is part of the disk that the system reads after starting
computer. Today, the spread of viruses on this basis is reduced because
programs for virus protection guard boot sectors, and the program
excange takes place via CD or the Internet. CD can not be modified,
which significantly reduces the risk of spreading the virus. However,
if the data before burning the CD does not test, there is a chance that
the virus '' save '' with him.

Activation of computer virus

6
 When the computer virus starts working, it is called the
activation of virus. A virus normally runs all the time in the computer.
Different viruses are activated in different ways. Many viruses are
activated on a certain data. For example, a popular virusFriday, the
13th is activated only if the date is 13 and the day is Friday. A virus
generally will be activated when it is loaded into a computers
memory, and then it may continue to spread its viral code into a
number of other programs and files stored on the host computer.

The computers programs may still continue to work normally,

but also spread the virus code to other machines on the same network,
or machines that use the same storage devices. Some viruses use
polymorphic code to avoid detection by antivirus software, modifying
their decryption modules so that the virus changes each time it infects
a new host. Software developers that produce programs with large
numbers of bugs are prime targets for viruses because they exploit
these bugs in order to spread. Since viruses are built to avoid
detection, antivirus software can create bait files that get the virus to
infect it in order to study the virus or to discover and remove it. It is
always a good idea to keep antivirus software up to date for protection
against new viruses. The number of Internet users worldwide has
skyrocketed since the birth of the World Wide Web.

Regardless of the method of delivering the infection, the virus

typically will behave in a similar way. Usually the virus first infects
the computer on which it is due and then will enter in phase of
reproduction. During this period, he will use different methods of
transmitting information from infected computer to the other. During
this period the virus will not to do any harm in order to stay
undetected. Only after a while expansion program will achieve full
functionality, or he will do damage.
The system protection against abuse of information technology should
include three types of protection:

1. Protection of information systems from unauthorized user access;

7
2. Antivirus protection and
3. Protection of classified information.

Antivirus protection

Antivirus or anti-virus software, sometimes known as anti-

malvare software, is computer software used to prevent, detect and
remove malicious software. Antivirus software was originally
developed to detect and remove computer viruses, hence the name.
However, with the proliferation od other kinds od malware, antivirus
software started to provide protection from other computer threats. If
there is a virus infection in the information system that leads to
cleansing of all existing content, including viruses. It should be kept in
mind that, all information content on them will be lost. For this
reason making copies is one of exceptional importance in antivirus
protection.

CLASS OF VIRUSES

After years of evolution and developing tools for protection

against viruses and increasingly acquired knowledge about them, by
the companies that produce them, viruses are divided into basic
classes:

- boot sector virus,

- file infector,
- macro virus and
- Internet virus.

Boot sector virus

A boot sector is a region of a hard disk, floppy disk, optical disc, or
other data storage device that contains machine code to be loaded into
random-access memory (RAM) by a computer system's built-in
firmware. The purpose of a boot sector is to allow the boot process of
8
a computer to load a program (usually, but not necessarily, an
operating system) stored on the same storage device. The location and
size of the boot sector (perhaps corresponding to a logical disk sector)
is specified by the design of the computing platform. The elimination
of boot sector viruses performs exclusively by booting computer using
''clean'' boot disk or CD who contains virus removal tools.

File infector
A file infector virus attaches itself to executable programs, such as
word processors, spreadsheet applications, and computer games.
When the virus has infected a program, it propagates to infect other
programs on the system, as well as other systems that use a shared
infected program. Jerusalem and Cascade are two of the best known
file infector viruses. File infectors viruses are made to infect files of on
the computer. File infectors spread once the user runs the infected file.
The virus copies itself to locations on the computer where it can be
executed; usually in RAM. The file infector will continue to infect
files while granting the virus access to the infect files.
Macro viruses
Macro viruses are 'mini - programs'' written in an internal
programming language (script - language or macro - language) of an
application program such as Word, Excel, etc. These viruses are
typically written to reproduce inside of the document created with this
application. Macro viruses can be executed on any platform on which
there is such a program (and corresponding internal language). They
are not limited to individual computers or only a particular operating
system.

Internet viruses

Email virus A virus that specifically, rather than accidentally, uses

the email system to spread. While virus infected files may be
9
accidentally sent as email attachments, email viruses are aware of
email system functions. They generally target a specific type of email
system (Microsofts Outlook is the most commonly used), harvest
email addresses from various sources, and may append copies of
themselves to all email sent, or may generate email messages
containing copies of themselves as attachments. The best two defenses
against e-mail viruses for the individual user are:

(1) a policy of never opening (for example, double-clicking on) an e-

mail attachment unless you know who sent it and what the attachment
contains, and
(2) installing and using anti-virus software to scan any attachment
before you open it.

Business firewall servers also attempt, but not always successfully, to

filter out e-mail that may carry a virus attachment.The Melissa
virus macro virus and the ILOVEYOU virus are among the most
famous e-mail viruses. Each of these also spawned copycat variations
with different words in the subject line.

WORM AND TROJAN HORSE

Worm is a small computer program that uses computer networks
and security holes to replicate itself from computer to computer. The
most common way of spreading worms is through email or IRC
channels. As a condition of replication requires a computer network
(usually the Internet). Using it, the program searches the network and
finds computers with specific vulnerabilities. Further itself copies to
another machine, until it is discovered and removed.

There are two types of worms:

- Worm in home computer (HOST WORM) and

10
- NETWORK WORM).

HOST WORM is located in host computer, and connection to

the network only use for his propagation to other computers. This type
of worm after he start up his copy on a new compromised computer,
destroys original copy. In this way, at a certain point somewhere on
the network there is still one copy of the worm. This type of worm is
also known as '' rabbit '' (RABBIT) precisely because it constantly
escapes around the network.
NETWORK WORM spread directly over the LAN [Local
Area Network] or across the Internet, often making use of a specific
vulnerability. It consists of several parts, segments, each of which runs
on a different computer in the network and usually each segment
carries out a different function using the network for a particular
communication purpose. The network worm that has one main
segment which coordinates the work of other segments of the network
is also known as (OCTOPUS). 19th July 2001 there was a Code Red
worm that in less than nine hours replicated 250,000 times. He
attacked the Windows platform, and to NT and 2000 servers. The
characteristic of of worms is that in addition to the standard
replication, cause further harm. Code Red is replicated first 20 days of
the month, then he changed the content of websites on infected servers
page under the name Hacked by Chinese. Code Red slowed down
Internet traffic so he could replicate. Each copy checks if Windows
NT or Windows 2000 server has installed security patch, and if it
determines that there is no patch copies on it. That new copy works
the same as the original, until it is discovered and removed.
Trojan horse
In computing, Trojan horse, or Trojan, is any malicious computer
program which is used to hack into a computer by misleading users of
its true intent. The term is derived from the Ancient Greek story of
the wooden horse that was used to help Greek troops invade the city
of Troy by stealth. During the night, soldiers who had been hiding

11
inside the horse emerged, opened the city's gates to let their fellow
soldiers in and then overran the city.
Unlike computer viruses and worms, Trojans generally do not
attempt to inject themselves into other files or otherwise propagate
themselves. Attackers have long used Trojan horses as a way to trick
end users into installing malware. Typically, the malicious
programming is hidden within an innocent-looking email attachment
or free program, such as a game. When the user downloads the Trojan
horse, the malware that is hidden inside is also downloaded. Once
inside the computing device, the malicious code can execute whatever
task the attacker designed it to carry out.
A Trojan horse containing malware may also be referred to as
simply a Trojan or a Trojan horse virus. Unlike a true virus, however,
malware in a Trojan horse does not replicate itself, nor can it
propagate without the end user's assistance. Because the user is often
unaware that he has installed a Trojan horse, the computing device's
security depends upon its antimalware software recognizing the
malicious code, isolating it and removing it.
Unexpected changes to computer settings and unusual activity
even when the computer should be idle are strong indications that a
Trojan or other malware is residing on a computer. To avoid being
infected by Trojan malware, users should keep their antivirus software
up to date, never download files or programs from untrusted sources,
and always scan new files with antivirus software before opening
them.

Back Orifice consists of two key pieces: a client application and

a server application. The way in which Back Orifice works is that the
client application runs on one machine and the server application runs
on a different machine. The client application connects to another
machine using the server application. The confusing part is the server
installed on the victim. Many people may be confused by this because
it does not seem logical, but that is how it works. The only way for the

12
server application of Back Orifice to be installed on a machine is for it
to be installed deliberately. Obviously, the Trojan does not come with
a default installation of Windows 2000, so you must find a way to get
the victim to install it.
There are various types of Trojans that damage victim machines
or threaten data integrity, or impair the functioning of the victims
machine. Multi-purpose Trojans are also included some virus writers
have created multi-functional Trojans rather than Trojan packs. Some
types of Trojans as listed below;

PSW Trojan
Trojan Droppers
Rootkits
Arcbomb
Trojan Downloaders
Trojan Proxies
Trojan Spies
Trojan Notifiers
Backdoors.

ANTIVIRUS PROGRAMS
They represent the first level of protection against viruses and
Trojans. These software packages are able to detect, isolate and (or)
eliminate viruses. All antivirus programs consist of several parts. One
part of it '' Monitor '' is memory-resident and provides continuous
protection against viruses, while the second part '' Scan 'allows
scanning the entire system. Antivirus are today an essential piece of
software that everyone should have installed on computer. These
programs include various methods of monitoring and protecting your
computer against malicious code. Usually there is a protection in real
time and scanning the user's request, while modern versions of these
programs offer a variety of other forms of protection against viruses
that spread via the Internet. There are plenty of companies that
13
develop and offer these programs, and the most famous among them
are: Symantec, Sophos, Panda, Kaspersky ... Today the number of
of known viruses is about 65,000, which hundreds of them are
dangerous. High quality protection is reduced to a caution, using good
antivirus program, regularly update the virus signature.
Type of antivirus programs
The best known and most widely used antivirus programs are:
- NORTON ANTIVIRUS,
- SOPHOS ANTI-VIRUS,
- MCAFFEE,
- PCCLLIN.

NORTON ANTI VIRUS

Norton AntiVirus was an anti-malware software developed and
distributed by Symantec Corporation. It was developed between 1991
and 2014. It used signatures and heuristics to identify viruses. Other
features included in it were e-mail spam filtering and phishing
protection.

Symantec distributed the product as a download, a box copy, and as

OEM software. Norton AntiVirus and Norton Internet Security, a
related product, held a 61% US retail market share for security suites
as of the first half of 2007. Competitors, in terms of market share in
this study, include antivirus products from CA, Trend Micro, and
Kaspersky Lab.
SOPHOS ANTI VIRUS
Sophos Anti-Virus is the virus protection software recommended by
MIT. This software detects and cleans up viruses, Trojans, worms,
spyware, adware and other potentially unwanted applications. Of
course, he is the shadow of the leading Norton and McAffee tools that
14
are still a class above Sophos. For a simple program such as this has to
go through an installation that to users is not so normal. After that, the
program will be placed in memory and expect unwanted virus attacks.
The search for viruses can be divided into two types. One of them is
the one when user requests in the case of suspected infection -
scanning. The second is automatic, which the program performs in the
background. The second is automatic, which the program performs in
the background. This second type is based on a review of files which
the operating system currently access with all files at any time that
could be a potential danger. The review is based on the Sophos
InterCheck technology, which has a client - server support from the
local network. On a single server, files with Sophos server installation,
keep information about activities Sophos client applications, and any
founded viruses, which increases network security. Of course there are
those standard features, such as viewing a wide variety of files,
scheduling regular reviews etc. For the installation of new virus
definition, there is no mechanism for automatic upgrades, so the user
has to do it manually, via the web producer's web site. Sophos as a
quality antivirus tool has a lot of options but it is still undefined.

NOD32
ESET NOD32 Antivirus, commonly known as NOD32, is an
antivirus software package made by the Slovak company ESET. ESET
NOD32 Antivirus is sold in two editions, Home Edition and Business
Edition. The Business Edition packages add ESET Remote
Administrator allowing for server deployment and management,
mirroring of threat signature database updates and the ability to install
on Microsoft Windows Server operating systems. NOD32 has
accumulated sixty seven VB100 awards from Virus Bulletin; it has
thrice failed to receive this award. To install this antivirus software it
requires little space, so that there's enough space for other programs.
NOD32 antivirus tool is characterized by transparent graphical
interface. For detection of the virus it need's to specify the scanning
area, to define the action that will be executed when the program finds
15
a virus and in the Setup options to determine the mode. Once the
certain basic items are scanned, the machine scans with action Scan,
or cleans with command Clean. While scanning, NOD32 memory
will detect viruses, worms and Trojans; and also archives like (ZIP,
RAR, ARJ, ...). In addition to the basic settings, NOD32 has an
integrated control center that takes care of updating the entire system
NOD32. Except the Control Center, NOD32 contains a tiny program
Amon who is ''access scanner for Windows 95, 98, ME, NT, 2000 and
XP platforms'', which prevents the opening infected files, scans the
floppy drive when you open and shut down, sends notice of the
infected e-mail which is automatically activated at system startup.
Average of other antivirus tools is 825 seconds, while NOD32 is
performed for 135 seconds (Scan Rate).
PANDA ANTIVIRUS TITANIUM
Panda Antivirus Titanium is a Security software developed by Panda
Security. Panda Antivirus Titanium is the latest generation of antivirus
software. Its innovative technology and ease of use make it the most
powerful antivirus on the market. Panda Antivirus Titanium features a
new UltraFast scan engine, 30 faster than its predecessors, Panda's
exclusive SmartClean technology, which not only disinfects viruses
but also restores system settings damaged by the latest trojan horse
technologies, and its low use of system resources. Coupled with a new
best-of-breed truly automatic update system which takes advantage of
your Internet connection to transparently update the virus signature
files incrementally and its new innovative ease of use interface, Panda
Antivirus Titanium is the first truly 'install-and-forget' antivirus for the
home user. It contains all the options necessary for a quality
computers protection and elegant setting options. It is intended for
home users and anyone with lower configurations.
The company Panda Software was founded in 1990. and so far has
achieved good results in the field of network solutions. After
installation Panda is placed in memory, where it works invisibly and
without occupies minimal memory resources. Its activity focuses on
the files that are in some ways changed (copying, opening, recording
16
of certain programs, etc.). The user can choose to run a system scan,
which is done through so-called. Search engines (Search Engine).
Antivirus methodes
SCANNERS
The working principle of the antivirus scanner is based on checking
the files, sectors and system memory for known and unknown
malicious code. The search for known viruses is called masking.
Virus '' mask '' is a specific piece of code contained in a virus. If a
file does not contain a mask (that part of the code) or the size of the
mask is insufficient, it should use other methods to find viruses.
Scanners are divided into two categories:
- general and
- special.
General - scanners are designed to find and disable all types of
viruses for a particular type of operating system.
Special - finds a limited number of viruses or certain types of
viruses, such as macro viruses. Scanners are divided into resident
and non-resident (check system only if it is requested by them).
Resident system provide better protection, because he react
immediately upon the occurrence of the virus, while non-resident
virus is detected only when they are running.
CRC SCANNERS works by calculating the CRC sums for the
current disk, file system or sector. CRC sums contain a database
with information such as file size, date and so on. They compare
the information to the database and control 18 values. If the data in
the database are different from those that the scanner found, that
indicate the possible presence of a virus on your computer.
CRC scanners use powerful anti - stealth algorithms against viruses
and often it occurs that viruses can be detected only by this method.
The problem with these types of scanners is that they can not
register for viruses infecting the system at the moment, because

17
 they have not yet made the necessary changes to sis files. CRC
scanners can not detect the existence of viruses in incoming files,
such as e-mail, floppy disks, restored backup files unpacked
archives, etc., Because their base don't have information about
them.

BEHAVIOUR BLOCKERS - are memory resident applications

that '' listen '' reaction viruses and notify the user. Such information
may occur during startup of executable files, write to the boot
sector ... The good qualities of the blocker is that stops the
execution of the virus at the time of infection and the bad is that
they very often make mistakes.

NETWORK VIRUSES
This type of virus spreads through the global network - Internet.
The way they are spreading is varied. The most common way of
spreading the virus is one of the most commonly used Internet 19
service, e-mail. Besides e-mail, network virus can 'earn' 'and in other
ways - in the newsgroup, over IRC, ICQ or by downloading
unsolicited files. Many of these viruses take control of a computer, so
that malicious allow access to files on the disk, screen or data that the
user types to the keyboard in the infected computer. Virus, like
program, via e-mail or news groups can come as an attachment. When
it downloads from a Web site or FTP address, the program is that file
that is downloaded to the virus, which are often 'packaged' as a
product catalog, greeting card for holiday and the like. However, all
have one thing in common - they are all executable files, ie. programs.
Under Windows operating system, executable programs all files
ending with .exe. This is very important, because there are cases that
files which carry viruses have the name picture.jpg.exe or
katalog.txt.exe. Even if it writes slika.jpg this is not a picture, but a
program. Upon execution, this program may actually show an image,
but almost certainly will infect your computer with a virus.

18
Bad Attachments
If it happen to get a message that has attachments (files attached
to the message) it should not be opened immediately. This creates the
danger of starting the attachment that infects your computer.
Unfortunately, most modern programs for e-mail, including the far the
most popular Microsoft Outlook Express often do not show that the
type of an attached file. It shows only his name. All e-mail programs
allow recording files on the disc. The best thing would be for every
attachment that arrives, to burn to disc, and then check it out.
Checking the recorded file starts with checking which type it is.
If it really comes to images (.gif, .jpg, .bmp) or text (.txt, .asc) then it
is safe to open. If it is about the document of the popular word
processor, Word (.doc), an executable file (.exe, .com, .bot, .cmd) or
something unknown, it is necessary to scan that directory with
antivirus program. Everything that is said for the the e-mail
attachments, goes for attachments from news groups. Files that are
downloaded from the Web or FTP address is are not anything different
from attachment. With them you have to be careful as much, if not
more.
Network protection
Network security consists of the policies and practices adopted
to prevent and monitor unauthorized access, misuse, modification, or
denial of a computer network and network-accessible resources.
Network security involves the authorization of access to data in a
network, which is controlled by the network administrator. Users
choose or are assigned an ID and password or other authenticating
information that allows them access to information and programs
within their authority. Network security covers a variety of computer
networks, both public and private, that are used in everyday jobs;
conducting transactions and communications among businesses,
government agencies and individuals.
Networks can be private, such as within a company, and others
which might be open to public access. Network security is involved in

19
organizations, enterprises, and other types of institutions. It does as its
title explains: It secures the network, as well as protecting and
overseeing operations being done. The most common and simple way
of protecting a network resource is by assigning it a unique name and
a corresponding password.
Network security starts with authenticating, commonly with a
username and a password. Since this requires just one detail
authenticating the user namei.e., the passwordthis is sometimes
termed one-factor authentication. With two-factor authentication,
something the user 'has' is also used (e.g., a security token or 'dongle',
an ATM card, or a mobile phone); and with three-factor
authentication, something the user 'is' is also used (e.g., a fingerprint
or retinal scan).

Once authenticated, a firewall enforces access policies such as

what services are allowed to be accessed by the network users.Though
effective to prevent unauthorized access, this component may fail to
check potentially harmful content such as computer worms or Trojans
being transmitted over the network. Anti-virus software or an intrusion
prevention system (IPS) help detect and inhibit the action of such
malware.
An anomaly-based intrusion detection system may also monitor the
network like wireshark traffic and may be logged for audit purposes
and for later high-level analysis. Newer systems combining
unsupervised machine learning with full network traffic analysis can
detect active network attackers from malicious insiders or targeted
external attackers that have compromised a user machine or account.

Communication between two hosts using a network may be encrypted

to maintain privacy.

20
SIX GOLDEN RULES IN ANTIVIRUS PROTECTION

Step 1: Make sure to install some antivirus tools! Even though there
is no absolute protection against viruses, installation and proper
adjustment of some of these programs significantly reduce the
possibility of infection.
Step 2: Regularly update antivirus definitions. Set tools to
automatically '' remove '' the latest virus definitions. If an antivirus
program does not support automatic refresh (which is unlikely), then
this is done manually from the company site. This step is very
important because it occurs daily around thirteen new virus.
Refreshing base we give the possibility to antivirus tool that protects
your computer from a large number of viruses.
Step 3: Set your antivirus software to automatically scan all files. By
checking all files, not just the executive, protection is complete and it
prevents the spread of the virus. Attention should be paid to
incorporate scanning compressed files (optional Scan Compressed
Files)
Step 4: Scan all files that come from the Internet. First of all, it is
necessary to scan all incoming and outgoing e-mail messages. Email is
now the most common way of spreading viruses. Also, many websites
contain software that could be infected. So by scanining all files
copied from the Internet will protect them.
Step 5: Periodically scan the entire disk. Regularly scan the entire disk
(or partitions, if the disk is partitioned). The scanning process can take
time because it depends on the size of the hard drive and the number
of files which disposes. Therefore, i tis not so bad to leave a computer
to scan during night.
Step 6: Scan the hard drive after installing the software. After the
installation of various tools (especially those that are copied from the
Internet) scan the hard drive or the location to which the software is

21
installed. It may happen that compressed archive are infected by
viruses.It may be that compressed archive to be infected by viruses.

LITERATURE

1. http://vesti.serbiancafe.ws/index.php?
str=opsirnije&kat=10&vid=6446
2. https://promos.mcafee.com/offer.aspx?
id=1016765&clickid=2%3Arz%3AgxugXE4zSd3Fz0-
JT1WUkkTraR4PWQ-

22
 Rk0&lqmcat=Affiliate:IR:null:206606:13696:13696:null&utm_
medium=affiliate&utm_source=IR&affiliateProgramType=1249
3. Prof.dr Vesna Aleksi- Mari, prof.dr Duanka Stojanovi
Informacioni sistemi, Drugo, neimjenjeno izdanje, Ekonomski
fakultet, Banja Luka, 2005.godine,
4. Ladislav Krasny, lanak u asopisu ''INFO'' Br-522/00, str.43-55,
5. Samir Leme, dipl. ing. ma., Muhamed Muji, ''PC nije bauk'',
Zenica, Mart 1998. godine.

23