Monday, March 9, 2009

Worst Computer Virus 1: Storm Worm

The latest virus on our list is the dreaded Storm Worm. It was late 2006 when computer security experts first identified the worm. The public began to call the virus the Storm Worm because one of the e-mail messages carrying the virus had as its subject "230 dead as storm batters Europe." Antivirus companies call the worm other names. For example, Symantec calls it Peacomm while McAfee refers to it as Nuwar. This might sound confusing, but there's already a 2001 virus called the W32.Storm.Worm. The 2001 virus and the 2006 worm are completely different programs.

Professor Adi Shamir of the Weizmann Institute of Sciences in Israel is the leader of the Anti-Spyware Coalition.

The Storm Worm is a Trojan horse program. Its payload is another program, though not always the same one. Some versions of the Storm Worm turn computers into zombies or bots. As computers become infected, they become vulnerable to remote control by the person behind the attack. Some hackers use the Storm Worm to create a botnet and use it to send spam mail across the Internet.

Many versions of the Storm Worm fool the victim into downloading the application through fake links to news stories or videos. The people behind the attacks will often change the subject of the e-mail to reflect current events. For example, just before the 2008 Olympics in Beijing, a new version of the worm appeared in e-mails with subjects like "a new deadly catastrophe in China" or "China's most deadly earthquake." The e-mail claimed to link to video and news stories related to the subject, but in reality clicking on the link activated a download of the worm to the victim's computer [source: McAfee].

Several news agencies and blogs named the Storm Worm one of the worst virus attacks in years. By July 2007, an official with the security company Postini claimed that the firm detected more than 200 million e-mails carrying links to the Storm Worm during an attack that spanned several days [source: Gaudin]. Fortunately, not every e-mail led to someone downloading the worm.

Although the Storm Worm is widespread, it's not the most difficult virus to detect or remove from a computer system. If you keep your antivirus software up to date and remember to use caution when you receive e-mails from unfamiliar people or see strange links, you'll save yourself some major headaches.

Worst Computer Virus 2: Leap-A/Oompa-A

Maybe you've seen the ad in Apple's Mac computer marketing campaign where Justin "I'm a Mac" Long consoles John "I'm a PC" Hodgman. Hodgman comes down with a virus and points out that there are more than 100,000 viruses that can strike a computer. Long says that those viruses target PCs, not Mac computers.

For the most part, that's true. Mac computers are partially protected from virus attacks because of a concept called security through obscurity. Apple has a reputation for keeping its operating system (OS) and hardware a closed system -- Apple produces both the hardware and the software. This keeps the OS obscure. Traditionally, Macs have been a distant second to PCs in the home computer market. A hacker who creates a virus for the Mac won't hit as many victims as he or she would with a virus for PCs.

But that hasn't stopped at least one Mac hacker. In 2006, the Leap-A virus, also known as Oompa-A, debuted. It uses the iChat instant messaging program to propagate across vulnerable Mac computers. After the virus infects a Mac, it searches through the iChat contacts and sends a message to each person on the list. The message contains a corrupted file that appears to be an innocent JPEG image.

The Leap-A virus doesn't cause much harm to computers, but it does show that even a Mac computer can fall prey to malicious software. As Mac computers become more popular, we'll probably see more hackers create customized viruses that could damage files on the computer or snarl network traffic. Hodgman's character may yet have his revenge.

Worst Computer Virus 3: Sasser and Netsky

Sometimes computer virus programmers escape detection. But once in a while, authorities find a way to track a virus back to its origin. Such was the case with the Sasser and Netsky viruses. A 17-year-old German named Sven Jaschan created the two programs and unleashed them onto the Internet. While the two worms behaved in different ways, similarities in the code led security experts to believe they both were the work of the same person.

Sven Jaschan, creator of the Sasser and Netsky viruses, leaves the Verden Court.

The Sasser worm attacked computers through a Microsoft Windows vulnerability. Unlike other worms, it didn't spread through e-mail. Instead, once the virus infected a computer, it looked for other vulnerable systems. It contacted those systems and instructed them to download the virus. The virus would scan random IP addresses to find potential victims. The virus also altered the victim's operating system in a way that made it difficult to shut down the computer without cutting off power to the system.

The Netsky virus moves through e-mails and Windows networks. It spoofs e-mail addresses and propagates through a 22,016-byte file attachment [source: CERT]. As it spreads, it can cause a denial of service (DoS) attack as systems collapse while trying to handle all the Internet traffic. At one time, security experts at Sophos believed Netsky and its variants accounted for 25 percent of all computer viruses on the Internet [source: Wagner].

Sven Jaschan spent no time in jail; he received a sentence of one year and nine months of probation. Because he was under 18 at the time of his arrest, he avoided being tried as an adult in German courts.

Worst Computer Virus 4: MyDoom

The MyDoom (or Novarg) virus is another worm that can create a backdoor in the victim computer's operating system. The original MyDoom virus -- there have been several variants -- had two triggers. One trigger caused the virus to begin a denial of service (DoS) attack starting Feb. 1, 2004. The second trigger commanded the virus to stop distributing itself on Feb. 12, 2004. Even after the virus stopped spreading, the backdoors created during the initial infections remained active [source: Symantec].

Later that year, a second outbreak of the MyDoom virus gave several search engine companies grief. Like other viruses, MyDoom searched victim computers for e-mail addresses as part of its replication process. But it would also send a search request to a search engine and use e-mail addresses found in the search results. Eventually, search engines like Google began to receive millions of search requests from corrupted computers. These attacks slowed down search engine services and even caused some to crash [source: Sullivan].

MyDoom spread through e-mail and peer-to-peer networks. According to the security firm MessageLabs, one in every 12 e-mail messages carried the virus at one time [source: BBC]. Like the Klez virus, MyDoom could spoof e-mails so that it became very difficult to track the source of the infection.

Worst Computer Virus 5: SQL Slammer/Sapphire

In late January 2003, a new Web server virus spread across the Internet. Many computer networks were unprepared for the attack, and as a result the virus brought down several important systems. The Bank of America's ATM service crashed, the city of Seattle suffered outages in 911 service and Continental Airlines had to cancel several flights due to electronic ticketing and check-in errors.

The Slammer virus hit South Korea hard, cutting it off from the Internet and leaving Internet cafes like this one relatively empty.

The culprit was the SQL Slammer virus, also known as Sapphire. By some estimates, the virus caused more than $1 billion in damages before patches and antivirus software caught up to the problem [source: Lemos]. The progress of Slammer's attack is well documented. Only a few minutes after infecting its first Internet server, the Slammer virus was doubling its number of victims every few seconds. Fifteen minutes after its first attack, the Slammer virus infected nearly half of the servers that act as the pillars of the Internet [source: Boutin].

The Slammer virus taught a valuable lesson: It's not enough to make sure you have the latest patches and antivirus software. Hackers will always look for a way to exploit any weakness, particularly if the vulnerability isn't widely known. While it's still important to try and head off viruses before they hit you, it's also important to have a worst-case-scenario plan to fall back on should disaster strike.

Worst Computer Virus 6: Nimda

Another virus to hit the Internet in 2001 was the Nimda (which is admin spelled backwards) worm. Nimda spread through the Internet rapidly, becoming the fastest propagating computer virus at that time. In fact, according to TruSecure CTO Peter Tippett, it only took 22 minutes from the moment Nimda hit the Internet to reach the top of the list of reported attacks [source: Anthes].

The Nimda worm's primary targets were Internet servers. While it could infect a home PC, its real purpose was to bring Internet traffic to a crawl. It could travel through the Internet using multiple methods, including e-mail. This helped spread the virus across multiple servers in record time.

The Nimda worm created a backdoor into the victim's operating system. It allowed the person behind the attack to access the same level of functions as whatever account was logged into the machine currently. In other words, if a user with limited privileges activated the worm on a computer, the attacker would also have limited access to the computer's functions. On the other hand, if the victim was the administrator for the machine, the attacker would have full control.

The spread of the Nimda virus caused some network systems to crash as more of the system's resources became fodder for the worm. In effect, the Nimda worm became a distributed denial of service (DDoS) attack.


Worst Computer Virus 7: Code Red and Code Red II

The Code Red and Code Red II worms popped up in the summer of 2001. Both worms exploited an operating system vulnerability that was found in machines running Windows 2000 and Windows NT. The vulnerability was a buffer overflow problem, which means when a machine running on these operating systems receives more information than its buffers can handle, it starts to overwrite adjacent memory.

The original Code Red worm initiated a distributed denial of service (DDoS) attack on the White House. That means all the computers infected with Code Red tried to contact the Web servers at the White House at the same time, overloading the machines.

A Windows 2000 machine infected by the Code Red II worm no longer obeys the owner. That's because the worm creates a backdoor into the computer's operating system, allowing a remote user to access and control the machine. In computing terms, this is a system-level compromise, and it's bad news for the computer's owner. The person behind the virus can access information from the victim's computer or even use the infected computer to commit crimes. That means the victim not only has to deal with an infected computer, but also may fall under suspicion for crimes he or she didn't commit.

While Windows NT machines were vulnerable to the Code Red worms, the viruses' effect on these machines wasn't as extreme. Web servers running Windows NT might crash more often than normal, but that was about as bad as it got. Compared to the woes experienced by Windows 2000 users, that's not so bad.

Microsoft released software patches that addressed the security vulnerability in Windows 2000 and Windows NT. Once patched, the original worms could no longer infect a Windows 2000 machine; however, the patch didn't remove viruses from infected computers -- victims had to do that themselves.

Worst Computer Virus 8: The Klez Virus

The Klez virus marked a new direction for computer viruses, setting the bar high for those that would follow. It debuted in late 2001, and variations of the virus plagued the Internet for several months. The basic Klez worm infected a victim's computer through an e-mail message, replicated itself and then sent itself to people in the victim's address book. Some variations of the Klez virus carried other harmful programs that could render a victim's computer inoperable. Depending on the version, the Klez virus could act like a normal computer virus, a worm or a Trojan horse. It could even disable virus-scanning software and pose as a virus-removal tool [source: Symantec].

Shortly after it appeared on the Internet, hackers modified the Klez virus in a way that made it far more effective. Like other viruses, it could comb through a victim's address book and send itself to contacts. But it could also take another name from the contact list and place that address in the "From" field in the e-mail client. It's called spoofing -- the e-mail appears to come from one source when it's really coming from somewhere else.

Spoofing an e-mail address accomplishes a couple of goals. For one thing, it doesn't do the recipient of the e-mail any good to block the person in the "From" field, since the e-mails are really coming from someone else. A Klez worm programmed to spam people with multiple e-mails could clog an inbox in short order, because the recipients would be unable to tell what the real source of the problem was. Also, the e-mail's recipient might recognize the name in the "From" field and therefore be more receptive to opening it.

Worst Computer Virus 9: ILOVEYOU

A year after the Melissa virus hit the Internet, a digital menace emerged from the Philippines. Unlike the Melissa virus, this threat came in the form of a worm -- it was a standalone program capable of replicating itself. It bore the name ILOVEYOU.

The ILOVEYOU virus initially traveled the Internet by e-mail, just like the Melissa virus. The subject of the e-mail said that the message was a love letter from a secret admirer. An attachment in the e-mail was what caused all the trouble. The original worm had the file name of LOVE-LETTER-FOR-YOU.TXT.vbs. The vbs extension pointed to the language the hacker used to create the worm: Visual Basic Scripting [source: McAfee].
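The double extension is what lets a name like LOVE-LETTER-FOR-YOU.TXT.vbs pass for a text file when the system hides known extensions. The sketch below is an added example, not code from the original article: it walks a message's MIME parts and flags attachment names whose last (real) extension is executable, especially when a harmless-looking extension sits in front of it. The extension lists and the sample message are assumptions constructed for illustration.

```python
import email
from email import policy

# Assumed, non-exhaustive lists for this example.
# Extensions Windows runs directly or hands to a script host:
EXECUTABLE_EXTS = {"vbs", "vbe", "js", "jse", "wsf", "wsh", "hta",
                   "exe", "scr", "pif", "com", "bat", "cmd", "lnk"}
# Extensions a recipient reads as harmless content:
DECOY_EXTS = {"txt", "doc", "xls", "pdf", "jpg", "jpeg", "gif", "png",
              "mp3", "avi", "htm", "html"}


def classify_filename(name):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    # Windows ignores trailing dots and spaces, so "a.txt.vbs. " still runs as .vbs
    cleaned = name.strip().rstrip(". ").lower()
    # Padding such as "photo.jpg      .exe" pushes the real extension out of view
    parts = [p.strip() for p in cleaned.split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE_EXTS:
        return "ok"
    if len(parts) >= 3 and parts[-2] in DECOY_EXTS:
        return "double-extension"
    return "executable"


def scan_message(raw_bytes):
    """Return [(filename, verdict)] for every risky attachment in a raw message."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.walk():
        name = part.get_filename()  # decodes RFC 2231 / encoded-word names
        if not name:
            continue
        verdict = classify_filename(name)
        if verdict != "ok":
            findings.append((name, verdict))
    return findings


# Constructed sample message; the attachment bodies are placeholders, not script code.
SAMPLE_MESSAGE = (
    b"From: friend@example.com\r\n"
    b"To: you@example.com\r\n"
    b"Subject: A love letter for you\r\n"
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/mixed; boundary="b1"\r\n'
    b"\r\n"
    b"--b1\r\n"
    b"Content-Type: text/plain\r\n"
    b"\r\n"
    b"See the attached file.\r\n"
    b"--b1\r\n"
    b"Content-Type: application/octet-stream\r\n"
    b'Content-Disposition: attachment; filename="LOVE-LETTER-FOR-YOU.TXT.vbs"\r\n'
    b"\r\n"
    b"placeholder\r\n"
    b"--b1\r\n"
    b"Content-Type: text/plain\r\n"
    b'Content-Disposition: attachment; filename="notes.txt"\r\n'
    b"\r\n"
    b"plain notes\r\n"
    b"--b1--\r\n"
)

if __name__ == "__main__":
    for filename, verdict in scan_message(SAMPLE_MESSAGE):
        print(f"{verdict}: {filename}")
```

A mail gateway would normally quarantine on either verdict; the split only shows which names were also dressed up to look harmless.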

According to anti-virus software producer McAfee, the ILOVEYOU virus had a wide range of attacks:

  • It copied itself several times and hid the copies in several folders on the victim's hard drive.
  • It added new files to the victim's registry keys.
  • It replaced several different kinds of files with copies of itself.
  • It sent itself through Internet Relay Chat clients as well as e-mail.
  • It downloaded a file called WIN-BUGSFIX.EXE from the Internet and executed it. Rather than fix bugs, this program was a password-stealing application that e-mailed secret information to the hacker's e-mail address.

Who created the ILOVEYOU virus? Some think it was Onel de Guzman of the Philippines. Filipino authorities investigated de Guzman on charges of theft -- at the time the Philippines had no computer espionage or sabotage laws. Citing a lack of evidence, the Filipino authorities dropped the charges against de Guzman, who would neither confirm nor deny his responsibility for the virus. According to some estimates, the ILOVEYOU virus caused $10 billion in damages [source: Landler].

Sunday, March 8, 2009

Worst Computer Viruses NUMBER 10 of All Time :

A courtroom photo of David L. Smith, the alleged creator of the Melissa virus.

Worst Computer Virus 10: Melissa

In the spring of 1999, a man named David L. Smith created a computer virus based on a Microsoft Word macro. He built the virus so that it could spread through e-mail messages. Smith named the virus "Melissa," saying that he named it after an exotic dancer from Florida [source: CNN].

Rather than shaking its moneymaker, the Melissa computer virus tempts recipients into opening a document with an e-mail message like "Here is that document you asked for, don't show it to anybody else." Once activated, the virus replicates itself and sends itself out to the top 50 people in the recipient's e-mail address book.

The virus spread rapidly after Smith unleashed it on the world. The United States federal government became very interested in Smith's work -- according to statements made by FBI officials to Congress, the Melissa virus "wreaked havoc on government and private sector networks" [source: FBI]. The increase in e-mail traffic forced some companies to discontinue e-mail programs until the virus was contained.

After a lengthy trial process, Smith lost his case and received a 20-month jail sentence. The court also fined Smith $5,000 and forbade him from accessing computer networks without court authorization [source: BBC]. Ultimately, the Melissa virus didn't cripple the Internet, but it was one of the first computer viruses to get the public's attention.


TOP 20 VIRUSES IN THE HISTORY :

1. CREEPER (1971) first worm program; ran on a DEC 10 computer under the TOPS TEN operating system.

2. ELK CLONER (1985) first personal computer virus, on the Apple IIe. This was created by a 9th grader.

3. THE INTERNET WORM (1985) written by a person at Cornell University; it brought the Internet to a standstill.

4. PAKISTANI BRAIN (1988) first virus to infect the IBM PC, written by two brothers from Pakistan. This was the first virus widely covered by the media, although viruses were already well known in science fiction.

5. JERUSALEM FAMILY (1990) about fifty different strains of this virus, believed to have come from the University of Jerusalem.

6. STONED (1989) the most widespread virus in the first decade of viruses; Stoned was a boot sector/.mbr infector that would count the number of reboots from its original infection and display the phrase “your computer is now stoned”.

7. DARK AVENGER MUTATION ENGINE (1990) was actually written in 1988, but was only first used in the early nineties in viruses like POGUE and COFFEESHOP. This Mutation Engine was the first real polymorphism put into use in the wild, and changed virus work forever.

8. MICHELANGELO (1992) a variant of STONED, with a destructive payload. On March 6th, this virus will erase the first 100 sectors of a hard drive, rendering it useless.

9. WORD CONCEPT (1995) the first Microsoft Word macro virus in the wild; Word Concept would enter the phrase “That’s enough to prove my point”. This launched the second era of computer viruses, and was important in that it brought computer viruses to a much less skilled level of hacker.

10. CIH/CHERNOBYL (1998) The Chernobyl virus was the most destructive virus ever seen, up to its time. Hitting on the 26th of any month (depending on the version involved), it would both erase the hard drive and wipe out the flash ROM BIOS of the computer in question.

11. MELISSA (1999) the first major virus to spread via email, and really the beginning of the Internet virus era. Although Melissa was non-destructive, it was disruptive in the fact that it would both replicate and fill email boxes wherever it went.

12. LOVEBUG (2001) the most popular email worm ever, driven purely by social engineering.

13. CODE RED (2001) named for a popular high-caffeine soft drink, this network virus spread without either email or webpage. It located vulnerable computers and infected them all on its own.

14. NIMDA (2001) dubbed “the Swiss Army Knife” of viruses, it used buffer overflows, email, network shares, and ten other methods to gain entry to a network.

15. BAGLE/NETSKY (2004) were viruses designed to demonstrate a fake competition, or war, with each other. With hundreds of versions each, and varying amounts of new technology and success, these two worms stayed in the news virtually the entire year.

16. BOTNETS (2004) these zombie warriors of the Internet provide cybercriminals with an endless collection of infected computers that can be reconfigured in networks to forward spam, infecting new people, stealing data—they allow the bad guys to use.

17. ZOTOB (2005) this worm only affected unpatched Windows 2000 systems, but managed to take out several major media sites, including CNN and the New York Times.

18. ROOTKITS (2005) they have become one of the most popular stealth tools in the world of malicious code. A rootkit is used to make other malware invisible by warping the operating system.

19. STORM WORM (2007) the virus went through thousands of iterations, eventually creating the world’s largest botnet. At one time it was believed that more than fifteen million machines were infected at the same time, and in the control of the criminal underworld.

20. ITALIAN JOB (2007) rather than a single piece of malware, the Italian Job was a coordinated attack using a prepackaged tool kit known as MPACK. It involved corrupting more than ten thousand websites, causing them to plant modern data-stealing malware.

INFORMATION ABOUT DriveGuard.exe VIRUS

DriveGuard.exe is a virus/Trojan/spyware, and it is spread by micro-soft.tripod.com. This trojan reaches your computer from an unknown source, even if you run an antivirus such as Kaspersky or McAfee (Internet security suite).

This trojan generates a file called "verupdate.tmp" in the temp folder of the computer, and it runs as a system process collecting data along with the main file driveguard.exe.

After collecting data, it generates a .jpg file in the Internet temp folder, connects to the said Tripod site as a process of IE, and executes a CGI file at micro-soft.tripod.com. Even though the file has a .jpg extension, it is not a picture file but an .exe file.

To remove this, go to Task Manager, stop the running services of this trojan and then delete it from the Program Files folder.

It labels itself as windriveguard.exe in the latest variants.

I hope this works. If it didn't, then you will have to install a good trojan remover (Trojan Hunter, latest version, recommended).

INFORMATION ABOUT Backdoor-SS

Overview -

This is a trojan detection. Unlike viruses, trojans do not self-replicate. They are spread manually, often under the premise that they are beneficial or wanted. The most common installation methods involve system or security exploitation, and unsuspecting users manually executing unknown programs. Distribution channels include email, malicious or hacked web pages, Internet Relay Chat (IRC), peer-to-peer networks, etc.
Aliases
Backdoor.LittleWitch
Backdoor.LittleWitch.B (Symantec)

Characteristics -

This threat is rated Low risk and is profiled in the Tech Live article "Wicked Code Emerges for Halloween."

There are many variants of this remote access trojan. This description is meant to be a guide. When this trojan is run, it may copy itself to the WINDOWS SYSTEM (%SysDir%) directory as Rundll.exe. The following registry key is created to load the trojan at startup:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\Rundll=Rundll.exe
Other registry keys may include:
HKEY_CURRENT_USER\Software\Msn\Date=%Date_Run%
HKEY_LOCAL_MACHINE\Rundll=Rundll.exe
The trojan sends an ICQ pager notification to the author/configurator. This provides the attacker with the necessary information to connect to the compromised system remotely. A .DAT file is created to store trojan information, %WinDir%\usr.dat.

Once infected, a remote attacker can connect to the compromised system to perform various tasks, such as:
• Chat
• FTP functions
• Retrieve logged keystrokes
• Retrieve cached passwords
• Open/close CD-ROM door
• Retrieve configured email account information
• Retrieve system information (CPU speed, RAM, drive space, etc.)
• Open a remote command console
• Swap mouse buttons
• Open URLs
• Hide/Show
• Kill processes
• Change screen resolution
• Capture screen shots
• Play sounds
• Shutdown/restart Windows

Symptoms -

TCP port 31320 is left open.
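The indicators listed above (the RunServices value, the extra registry values, %WinDir%\usr.dat, Rundll.exe in the system directory and the listening TCP port) can be checked together against data collected from a suspect machine. The following is an added example, not part of the original write-up: it parses a regedit export and `netstat -an` output and reports which indicators are present. The sample inputs, the default directory paths and the function names are assumptions constructed for illustration.

```python
import ntpath
import re

# Indicators from the description above (compared case-insensitively).
RUNSERVICES = r"hkey_local_machine\software\microsoft\windows\currentversion\runservices"
MSN_KEY = r"hkey_current_user\software\msn"
HIVE_ROOT = "hkey_local_machine"
LISTEN_PORT = 31320


def parse_reg_export(text):
    """Yield (key, value_name, data) for string values in regedit export text."""
    key = None
    for line in text.splitlines():
        line = line.strip()
        section = re.fullmatch(r"\[(.+)\]", line)
        if section:
            key = section.group(1)
            continue
        value = re.fullmatch(r'"([^"]*)"="(.*)"', line)
        if value and key:
            # .reg files escape backslashes inside string data
            yield key, value.group(1), value.group(2).replace("\\\\", "\\")


def listening_tcp_ports(netstat_text):
    """Local TCP ports in LISTENING state from `netstat -an` output."""
    ports = set()
    for line in netstat_text.splitlines():
        f = line.split()
        if len(f) >= 4 and f[0].upper() == "TCP" and f[3].upper() == "LISTENING":
            ports.add(int(f[1].rsplit(":", 1)[1]))
    return ports


def triage(reg_text, netstat_text, file_paths,
           windir=r"C:\WINDOWS", sysdir=r"C:\WINDOWS\SYSTEM"):
    """Return a list of (kind, detail) for every indicator that is present."""
    hits = []
    for key, name, data in parse_reg_export(reg_text):
        k, n, d = key.lower(), name.lower(), data.lower()
        if k in (RUNSERVICES, HIVE_ROOT) and n == "rundll" and d == "rundll.exe":
            hits.append(("registry", f"{key}\\{name}={data}"))
        elif k == MSN_KEY and n == "date":
            hits.append(("registry", f"{key}\\{name}={data}"))
    # Only a local listener counts; an outbound connection to the port does not.
    if LISTEN_PORT in listening_tcp_ports(netstat_text):
        hits.append(("network", f"TCP {LISTEN_PORT} listening"))
    wanted = {ntpath.join(windir, "usr.dat").lower(),
              ntpath.join(sysdir, "Rundll.exe").lower()}
    for path in file_paths:
        if ntpath.normpath(path).lower() in wanted:
            hits.append(("file", path))
    return hits


# --- constructed sample input (not captured from a real system) ---
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices]
"Rundll"="Rundll.exe"
"LoadPowerProfile"="Rundll32.exe powrprof.dll,LoadCurrentPwrScheme"

[HKEY_CURRENT_USER\Software\Msn]
"Date"="10/31/2002"
'''

SAMPLE_NETSTAT = '''
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:31320          0.0.0.0:0              LISTENING
  TCP    192.168.1.20:1042      203.0.113.7:31320      ESTABLISHED
'''

SAMPLE_FILES = [r"C:\WINDOWS\usr.dat",
                r"C:\WINDOWS\SYSTEM\Rundll.exe",
                r"C:\WINDOWS\rundll32.exe"]

if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_REG, SAMPLE_NETSTAT, SAMPLE_FILES):
        print(f"[{kind}] {detail}")
```

Because the description notes that there are many variants, a clean result from this check does not rule out infection; a single hit is a reason to look closer.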

Method of Infection -

Trojans often come disguised as a desired program, but they do not propagate on their own. Once the trojan is run, it installs itself on the local system, and allows a remote attacker to perform various functions.

Manual Removal Instructions

Delete the registry key(s) as mentioned above
Restart the computer
Delete the files mentioned above

If this didn't work, try starting your PC in safe mode and then use Registry Mechanic to repair your registry.

HOW TO REMOVE SEETE.EXE and SMELF.EXE VIRUS FROM THE COMPUTER

DO THE FOLLOWING TO REMOVE THE VIRUS:

1. Open a Command Prompt window and leave it open.


2. Close all open programs.

3. You now need to close EXPLORER.EXE. The proper way to shutdown Explorer is to raise the "Shut Down Windows" dialog (select "Shut Down..." from the start menu), hold down CTRL+SHIFT+ALT and press the CANCEL button. Explorer will exit cleanly.

Note: This 'Shut Down Windows' dialog method of closing Explorer is built into Explorer. (It was specifically designed so that developers writing Shell Extensions could get Explorer to release their Shell Extension DLLs while debugging them.)

4. Go back to the Command Prompt window and change to the directory where the undeletable file is located. At the command prompt, type DEL <filename>, where <filename> is the file you wish to delete.

5. Go back to Task Manager, click File, New Task and enter EXPLORER.EXE to restart the GUI shell.

6. Close Task Manager.

Types of Computer Viruses:

Boot Sector viruses: A boot sector virus infects diskettes and hard drives. All disks and hard drives contain smaller sections called sectors. The first sector is called the boot. The boot carries the Master Boot Record (MBR). The MBR functions to read and load the operating system. So, if a virus infects the boot or MBR of a disk, such as a floppy disk, your hard drive can become infected if you reboot your computer while the infected disk is in the drive. Once your hard drive is infected, all diskettes that you use in your computer will be infected. Boot sector viruses often spread to other computers by the use of shared infected disks and pirated software applications. The best way to disinfect your computer of the boot sector virus is by using antivirus software.

Program viruses: A program virus becomes active when the program file (usually with extensions .BIN, .COM, .EXE, .OVL, .DRV) carrying the virus is opened. Once active, the virus will make copies of itself and will infect other programs on the computer.

Multipartite viruses:
A multipartite virus is a hybrid of Boot Sector and Program viruses. It infects program files, and when the infected program is active it will affect the boot record. So the next time you start up your computer, it'll infect your local drive and other programs on your computer.

Stealth viruses:
A stealth virus can disguise itself by using certain tactics to prevent being detected by antivirus software. These tactics include altering its file size, concealing itself in memory, and so on. This type of virus is nothing new; in fact, the first computer virus, dubbed Brain, was a stealth virus. A good antivirus should be able to detect a stealth virus lurking on your hard drive by checking the areas the virus infected and evidence in memory.

Polymorphic viruses: A polymorphic virus acts like a chameleon, changing its virus signature (also known as binary pattern) every time it multiplies and infects a new file. By changing binary patterns, a polymorphic virus becomes hard to detect by an antivirus program.

Macro Viruses:
A macro virus is programmed as a macro embedded in a document. Many applications, such as Microsoft Word and Excel, support macro languages. Once a macro virus gets on to your computer, every document you produce will become infected. This type of virus is relatively new and may slip by your antivirus software if you don't have the most recent version installed on your computer.

Active X and Java Control:
Some users do not know how to manage and control their web browser to allow or prohibit certain functions, such as enabling or disabling sound, pop-ups, and so on, leaving their computers in danger of being targeted by unwanted software or adware floating in cyberspace.

HOW TO GET RID OF THE SVCHOST VIRUS:

svchosts.exe is a process which is registered as a trojan. This Trojan allows attackers to access your computer from remote locations, stealing passwords, Internet banking and personal data. This process is a security risk and should be removed from your system.

The svchosts.exe file is installed and used by SpyGraphica.

SpyGraphica Description:

SpyGraphica is a commercial PC surveillance application that logs keystrokes and takes screenshots of user activity. It sends gathered data to a configurable e-mail address. SpyGraphica must be manually installed. It automatically runs on every Windows startup.

svchosts.exe Manual Detection

Below are manual removal instructions for svchosts.exe so you can remove the unwanted file from your PC. Always be sure to back up your PC before you modify anything.

Step 1: Use Windows File Search Tool to Find svchosts.exe Path

1. Go to Start > Search > All Files or Folders.
2. In the "All or part of the file name" section, type in the "svchosts.exe" file name.
3. To get better results, select "Look in: Local Hard Drives" or "Look in: My Computer" and then click the "Search" button.
4. When Windows finishes your search, hover over the "In Folder" of "svchosts.exe", highlight the file and copy/paste the path into the address bar. Save the file's path on your clipboard because you'll need the file path to delete svchosts.exe in the following manual removal steps.

Step 2: Use Windows Task Manager to Remove svchosts.exe Processes

1. To open the Windows Task Manager, use the combination of CTRL+ALT+DEL or CTRL+SHIFT+ESC.
2. Click on the "Image Name" button to search for the "svchosts.exe" process by name.
3. Select the "svchosts.exe" process and click on the "End Process" button to kill it.

Step 3: Detect and Delete Other svchosts.exe Files

1. To open the Windows Command Prompt, go to Start > Run > cmd and then press the "OK" button.
2. Type in "dir /A name_of_the_folder" (for example, C:\Spyware-folder), which will display the folder's contents, including hidden files.
3. To change directory, type in "cd name_of_the_folder".
4. Once you have the file you're looking for, type in del "name_of_the_file".
5. To delete a file in a folder, type in "del name_of_the_file".
6. To delete the entire folder, type in "rmdir /S name_of_the_folder".
7. Select the "svchosts.exe" process and click on the "End Process" button to kill it.
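The name svchosts.exe is one character away from the legitimate Windows service host svchost.exe, which is why it is easy to overlook when scanning a process list by eye. The following added example (not from the original post) flags process images whose names are near-misses of well-known system binaries, and system binary names running from an unexpected directory. The baseline table, the distance threshold and the sample paths are assumptions for illustration and target NT-family Windows.

```python
import ntpath

# Assumed baseline: system binaries and the directory each normally runs from
# on NT-family Windows, relative to %SystemRoot% ("" means %SystemRoot% itself).
KNOWN = {
    "svchost.exe": "system32",
    "rundll32.exe": "system32",
    "lsass.exe": "system32",
    "services.exe": "system32",
    "winlogon.exe": "system32",
    "csrss.exe": "system32",
    "explorer.exe": "",
}


def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def check_process(image_path, system_root=r"C:\Windows", max_distance=2):
    """Return (verdict, reference_name) for one process image path."""
    path = ntpath.normpath(image_path).lower()
    folder, name = ntpath.split(path)
    root = ntpath.normpath(system_root).lower()
    if name in KNOWN:
        expected = ntpath.join(root, KNOWN[name]) if KNOWN[name] else root
        verdict = "ok" if folder == expected else "wrong-directory"
        return (verdict, name)
    # Compare the stem against every known stem and keep the closest one
    stem = ntpath.splitext(name)[0]
    best = min(KNOWN, key=lambda k: edit_distance(stem, ntpath.splitext(k)[0]))
    if edit_distance(stem, ntpath.splitext(best)[0]) <= max_distance:
        return ("lookalike-name", best)
    return ("unknown", None)


def review(image_paths):
    """Return only the entries that deserve a closer look."""
    flagged = []
    for p in image_paths:
        verdict, ref = check_process(p)
        if verdict in ("lookalike-name", "wrong-directory"):
            flagged.append((p, verdict, ref))
    return flagged


# Constructed process list (image paths), not taken from a real host.
SAMPLE_PROCESSES = [
    r"C:\Windows\System32\svchost.exe",
    r"C:\Windows\System32\svchosts.exe",
    r"C:\Windows\Temp\svchost.exe",
    r"C:\WINDOWS\SYSTEM\Rundll.exe",
    r"C:\Windows\explorer.exe",
    r"C:\Program Files\Editor\notepad2.exe",
]

if __name__ == "__main__":
    for path, verdict, ref in review(SAMPLE_PROCESSES):
        print(f"{verdict:16} {path}  (compare with {ref})")
```

The same check also catches the Rundll.exe name used by the Backdoor-SS trojan described earlier, since it sits two edits from rundll32.exe.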

How to protect your computer against viruses

To protect your computer against viruses, follow these steps:

1. On the computer, turn on the firewall.
2. Keep the computer operating system up-to-date.
3. Use updated Antivirus software on the computer.
4. Use updated Antispyware software on the computer.

Source: Microsoft

How to remove a computer virus

Even for an expert, removing a computer virus can be a difficult task without the help of computer virus removal tools. Some computer viruses and other unwanted software, such as spyware, even reinstall themselves after the viruses have been detected and removed. Fortunately, by updating the computer and by using antivirus tools, you can help permanently remove unwanted software.

To remove a computer virus, follow these steps:

1. Install the latest updates from Microsoft Update on the computer.
2. Update the antivirus software on the computer. Then, perform a thorough scan of the computer by using the antivirus software.

Symptoms that may be the result of ordinary Windows functions

A computer virus infection may cause the following problems:

• Windows does not start even though you have not made any system changes or even though you have not installed or removed any programs.
• There is frequent modem activity. If you have an external modem, you may notice the lights blinking frequently when the modem is not being used. You may be unknowingly supplying pirated software.
• Windows does not start because certain important system files are missing. Additionally, you receive an error message that lists the missing files.
• The computer sometimes starts as expected. However, at other times, the computer stops responding before the desktop icons and the taskbar appear.
• The computer runs very slowly. Additionally, the computer takes longer than expected to start.
• You receive out-of-memory error messages even though the computer has sufficient RAM.
• New programs are installed incorrectly.
• Windows restarts unexpectedly.
• Programs that used to run stop responding frequently. Even if you remove and reinstall the programs, the issue continues to occur.
• A disk utility such as Scandisk reports multiple serious disk errors.
• A partition disappears.
• The computer always stops responding when you try to use Microsoft Office products.
• You cannot start Windows Task Manager.
• Antivirus software indicates that a computer virus is present.

Symptoms of worms and trojan horse viruses in e-mail messages:

When a computer virus infects e-mail messages or infects other files on a computer, you may notice the following symptoms:

• The infected file may make copies of itself. This behavior may use up all the free space on the hard disk.
• A copy of the infected file may be sent to all the addresses in an e-mail address list.
• The computer virus may reformat the hard disk. This behavior will delete files and programs.
• The computer virus may install hidden programs, such as pirated software. This pirated software may then be distributed and sold from the computer.
• The computer virus may reduce security. This could enable intruders to remotely access the computer or the network.
• You receive an e-mail message that has a strange attachment. When you open the attachment, dialog boxes appear, or a sudden degradation in system performance occurs.
• Someone tells you that they have recently received e-mail messages from you that contained attached files that you did not send. The files that are attached to the e-mail messages have extensions such as .exe, .bat, .scr, and .vbs.

Symptoms of a computer virus

If you suspect or confirm that your computer is infected with a computer virus, obtain the current antivirus software. The following are some primary indicators that a computer may be infected:

• The computer runs slower than usual.
• The computer stops responding, or it locks up frequently.
• The computer crashes, and then it restarts every few minutes.
• The computer restarts on its own. Additionally, the computer does not run as usual.
• Applications on the computer do not work correctly.
• Disks or disk drives are inaccessible.
• You cannot print items correctly.
• You see unusual error messages.
• You see distorted menus and dialog boxes.
• There is a double extension on an attachment that you recently opened, such as a .jpg, .vbs, .gif, or .exe extension.
• An antivirus program is disabled for no reason. Additionally, the antivirus program cannot be restarted.
• An antivirus program cannot be installed on the computer, or the antivirus program will not run.
• New icons appear on the desktop that you did not put there, or the icons are not associated with any recently installed programs.
• Strange sounds or music plays from the speakers unexpectedly.
• A program disappears from the computer even though you did not intentionally remove the program.

Note: These are common signs of infection. However, these signs may also be caused by hardware or software problems that have nothing to do with a computer virus. Unless you run the Microsoft Malicious Software Removal Tool and then install industry-standard, up-to-date antivirus software on your computer, you cannot be certain whether a computer is infected with a computer virus or not.
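The double-extension and executable-attachment symptoms listed above can be checked mechanically before a message is opened. The following is an added example, not part of the original article: it parses a raw e-mail message and labels each attachment name. The extension sets come from this page; the function names, the sample message, and its addresses are constructed for illustration.

```python
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

EXECUTABLE = {"exe", "bat", "scr", "vbs"}  # extensions the page lists
DECOY = {"jpg", "gif"}  # harmless-looking types the page lists; extend as needed

def classify(filename):
    """Return 'double-extension', 'executable' or 'ok' for an attachment name."""
    # Windows drops trailing dots and spaces, so "a.jpg.exe. " is saved as a.jpg.exe.
    name = filename.strip().rstrip(". ").lower()
    # Strip each piece: padding such as "a.jpg      .exe" hides the real extension.
    parts = [piece.strip() for piece in name.split(".")]
    if len(parts) < 2 or parts[-1] not in EXECUTABLE:
        return "ok"
    if len(parts) >= 3 and parts[-2] in DECOY:
        return "double-extension"
    return "executable"

def build_sample():
    """Constructed message with three attachments; contents are placeholders."""
    msg = EmailMessage()
    msg["From"], msg["To"] = "friend@example.com", "you@example.com"
    msg["Subject"] = "photos from the trip"
    msg.set_content("See attached.")
    for name in ("holiday.jpg.vbs", "report.pdf", "setup.exe"):
        msg.add_attachment(b"constructed", maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()

def scan_message(raw):
    """Map each attachment filename in a raw RFC 5322 message to its verdict."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    names = [part.get_filename() for part in msg.iter_attachments()]
    return {name: classify(name) for name in names if name}
```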

What is a computer virus?

A computer virus is a small software program that spreads from one computer to another computer and that interferes with computer operation. A computer virus may corrupt or delete data on a computer, use an e-mail program to spread the virus to other computers, or even delete everything on the hard disk.

Computer viruses are most easily spread by attachments in e-mail messages or by instant messaging messages. Therefore, you must never open an e-mail attachment unless you know who sent the message or unless you are expecting the e-mail attachment. Computer viruses can be disguised as attachments of funny images, greeting cards, or audio and video files. Computer viruses also spread by using downloads on the Internet. Computer viruses can be hidden in pirated software or in other files or programs that you may download.