VIRUS DEFINITION AND MANUAL REMOVAL

 What are Computer Viruses?

 Types of Viruses?

 What is Virus?

 What is Worm?

 What is Trojan Horse?

 What is Spam?

 What is Boot sector Viruses?

 What is Spyware and Adware?

 How does a virus infect your computer?

 Symptoms of Infected Computer

 What are Computer Viruses?

Computer viruses are software programs that invade a computer system to wreck havoc
with computer files or the computer users themselves. Some are benign causing nothing
more than a nuisance while others can delete files or even destroy computer hardware.
Typically viruses are programmed to reproduce themselves and spread from one

1
computer system to another, just like a normal human virus spreads via human contact
throughout the population. Computer viruses can be spread via diskettes or other
removable media, by way of email attachments, or in some cases simply by being
connected to the Internet and not protected.

 Types of Viruses?
Computer viruses are categorized into four main types: boot sector, file or program,
macro, and multipartite viruses.

Boot sector viruses are usually transmitted when an infected floppy disk is left in the
drive and the system is rebooted. The virus is read from the infected boot sector of the
floppy disk and transferred to the master boot record of the system's hard drive.  Then,
whenever the computer is booted up, the virus will be loaded into the system's memory.
Any floppy disk formatted as a bootable disk in the infected machine would contain the
virus and spread itself to other machines.

Program or file viruses are software programs that attach themselves to executable
programs. Once the infected program is run, the virus is transferred to your system's
memory and may replicate itself further. It may spread to all the files on a hard drive or to
files of a specific type. Common viruses such as Happy99, Pretty Park, and the
ILOVEYOU worm can be classified as this type.

Macro viruses are currently the most commonly found viruses. They infect files run by
applications that use macro languages, like Microsoft Word or Excel. The virus looks like
a macro in the file, and when the file is opened, the virus can execute commands
understood by the application's macro language. The infamous Melissa virus is a macro
virus as well as the common Laroux Excel spreadsheet virus.

Multipartite viruses have characteristics of both boot sector viruses and file viruses.
They may start out in the boot sector and spread to applications, or vice versa.

 What is Virus?
A virus is a manmade program or piece of code that causes an unexpected, usually
negative, event. Viruses are often disguised games or images with clever marketing
titles such as "Me, nude."

In terms of sheer number of viruses, these are the most common kind. The simplest file
viruses work by locating a type of file that they know how to infect (usually a file name
ending in ".COM" or ".EXE") and overwriting part of the program they are infecting.
When this program is executed, the virus code executes and infects more files. These
overwriting viruses do not tend to be very successful since the overwritten program
rarely continues to function correctly and the virus is almost immediately discovered. The
more sophisticated file viruses modify the program so that the original instructions are
saved and executed after the virus finishes. Just as system sector viruses can remain
resident in memory and use "stealth" techniques to hide their presence, file viruses can
hide this way also. If you do a directory listing, you will not see any increase in the length
of the file and if you attempt to read the file, the virus will intercept the request and return
your original uninfected program to you.

2
Logic Bombs
Just like a real bomb, a logic bomb will lie dormant until triggered by some event.
The trigger can be a specific date, the number of times executed, a random
number, or even a specific event such as deletion of an employee's payroll
record. When the logic bomb is triggered it will usually do something unpleasant.
This can range from changing a random byte of data somewhere on your disk to
making the entire disk unreadable. The changing of random data on disk may be
the most insidious attack since it would do a lot of damage before it would be
detected.

 What is Worm?
Computer Worms are viruses that reside in the active memory of a computer and
duplicate themselves. They may send copies of themselves to other computers, such as
through email or Internet Relay Chat (IRC).

Worms
A worm is a self-reproducing program which does not infect other programs as a
virus will, but instead creates copies of itself, which create even more copies.
These are usually seen on networks and on multi-processing operating systems,
where the worm will create copies of itself which are also executed. Each new
copy will create more copies quickly clogging the system. The so called Morris
ARPANET/INTERNET "virus" was actually a worm. It created copies of itself
through the ARPA network, eventually bringing the network to its knees. It did not
infect other programs as a virus would, but simply kept creating copies of itself
which would then execute and try to spread to other machines.

 What is Trojan Horse?

Trojans
These are named after the Trojan horse which delivered soldiers into the city of
Troy. Likewise, a trojan program is a delivery vehicle for some destructive code
(such as a logic bomb or a virus) onto a computer. The trojan program appears
to be a useful program, but when a certain event occurs, it will attack your PC in
some way.

A Trojan horse program is a malicious program that pretends to be a benign application;

a Trojan horse program purposefully does something the user does not expect. Trojans
are not viruses since they do not replicate, but Trojan horse programs can be just as
destructive.
Many people use the term to refer only to non-replicating malicious programs, thus
making a distinction between Trojans and viruses

 What is Spam?
Simply put, spam is Unsolicited Commercial Email. But you may ask, well, if it is actually
called Unsolicited Commercial Email, where in the world did the nickname 'spam' come
from? Well, if anyone is familiar with Monty Python, they may know of a skit where the
waitress offers spam with each entree though the customer doesn't want it. Furthermore,
there is a Viking Choir who bursts out into song about how wonderful spam actually is.

3
Spam is pretty much like the skit. Nobody wants to have spam, but we get it anyway, just
like the waitress offers spam but the customer doesn't want it.

 What is Boot sector Viruses?

System Sector Viruses (AKA Boot Sector Viruses)

These are viruses which plant themselves in your system sectors. System sectors are
special areas on your disk containing programs that are executed when you boot your
PC. Sectors are not files but simply small areas on your disk that your hardware reads in
single chunks. Under DOS, sectors are most commonly 512 bytes in length. These
sectors are invisible to normal programs but are vital for correct operation of your PC.
They are a common target for viruses. There are two types of system sectors found on
DOS PCs, DOS boot sectors and partition sectors (also known as Master Boot Records
or MBRs). If the term boot sector is new to you, then please read the page on system
sectors for more details on why system sectors are important and how they work.

 What is Spyware and Adware?

SPYWARE and ADWARE ISSUE

Freeware is a great concept. Advertiser supported software that doesn't cost you
anything, but is it really free? All you have to do is give your name, address, phone, e-
mail, and some other general information. Not a bad trade-off, right? But, what if your
personal information was also stored elsewhere on your hard drive, and  transmitted
your personal data via the Internet back to advertisers in exchange for more advertising?
Ah, now is it free or is it spyware aka adware.

Advertising Supported software (adware) is the most common, however some

programs (spyware) will spy on your activities as well for market research.  Adware is a
way for shareware authors to make money from a product, other than by selling it to the
users. There are several large media companies Web3000, EverAd, and Aureate, just to
name a few, that offer to place banner ads in their products in exchange for a portion of
the revenue from banner sales. This way, you don't have to pay for the software and the
developers are still getting paid. If you find the banners annoying, there is usually an
option to remove them, by paying the regular licensing fee.

The problem with Adware is the concept of reporting your Internet surfing habits back
home for data collection purposes. If this bothers you, then removing the spyware from
your system might be a consideration.

Go Hip and Bonzi Buddy don't necessarily tranmit data back home but they are hard to
remove Internet programs that seem to find their way onto your hard drive as well.

 How does a virus infect your computer?

4
Years ago, only certain types of files (generally executable files like program files) could
be carriers of a virus, however with the invention of macro languages in programs like
Microsoft Word or Excel, and the use of Javascript in web page building, almost any type
of data could theoretically carry a virus. The most common way a computer is infected
with a virus today is through the use of a floppy disk containing data from another
computer, or through the use of the Internet with email, IRC, or other online
communication.

Because viruses are becoming more clever, no one should be using a computer that
does not have anti-virus software running on it. The more you use a computer, the more
likely it is you will encounter a virus.

 Symptoms of Infected Computer

 Computer slows down without reason

 Unusual messages or displays on your monitor
 Unusual sounds or music played at random times
 Your system has less available memory than it should
 A disk or volume name has been changed
 Programs or files are suddenly missing
 Unknown programs or files have been created
 Some of your files become corrupted or suddenly don't work properly.

5
6