LESSON 10: CREATING BOOTABLE DISK / DOS BASE Topics: What is Bootable Disk?

? Kinds of Bootable Disk Where can I get this? How to create a Bootable Disk?
How to Create Bootable CD from A Bootable Floppy Disk

How to use Bootable Disk? History of DOS Basic Commands of DOS

View the contents of a directory by using the dir command. o Change directories by using the cd command. o Create directories by using the md command. o Delete directories by using the rd command. o Change drives by specifying the drive letter followed by a colon. o Copy files by using the copy command. o Rename files by using the ren command. o Delete files by using the del command.

WHAT IS BOOTABLE DISK?

A boot disk will allow you to boot off of a diskette instead of your hard drive. This diskette can be used to fix issues which may arise during the lifetime of your computer as well as can be used to help load MS-DOS games or games you may not be able to run from Windows or MS-DOS because of high memory requirements.

After you have created a boot diskette, it is highly recommended that you write-protect the diskette to prevent possible computer virus infection. A floppy disk that contains the necessary system files that will complete the computers boot up sequence and load a basic Operating System. For DOS and Windows, a floppy disk that can upload the OS files necessary for a computer startup. For DOS or Windows 9X, it must contain the files Io.sys, Msdos.sys and Command.com. A floppy disk containing part of the operating system which allows the computer to boot. If you ever need to reformat your hard disk you need a bootable disk.

CREATING A WINDOWS 98/ME BOOT DISK Note: These steps are for users who have Windows 98 or Windows ME installed on the computer. An excellent feature of Windows 98/ME is its boot diskette. Using Windows to create you a Windows 98 boot diskette will give you all the needed files as well as CD-ROM support. To create a Windows 98 boot diskette, click Start / Settings / Control Panel / double-click the Add Remove programs icon / click the Startup Disk and create disk. Alternatively, to create a Windows 98 boot diskette manually from Windows, click Start / Shutdown and choose the option to restart the computer in a MS-DOS prompt. At the prompt, type: cd\windows\command Once at the C:\DOS directory, skip to copying files. COPYING ADDITIONAL FILES NOTE: When making a boot disk, if you are running "Stacker" or some kind of a DoubleSpace or drive swapper program, this could not work Once you are in DOS and at the correct directory as instructed in the above sections by operating system, you are ready to create your bootable diskette. Insert a diskette which does not contain any information (it will be erased). At the prompt, if you have MS-DOS 6.2 / Windows 3.x / Windows 95 / Windows 98, type: FORMAT A:/S If you have MS-DOS 5.0 type using double density 5.25" diskettes type: FORMAT A: /360 /S If you have MS- DOS 3.11 through 4.0 using double density 5.25" diskettes, type: FORMAT A: /4 /S

Once the diskette has been formatted and the system has been transferred, you should be returned to your original directory. In this directory, type: copy format*.* a: [PRESS ENTER] copy fdisk*.* a: [PRESS ENTER] copy mscdex*.* a: [PRESS ENTER] copy sys*.* a: [PRESS ENTER] copy edit*.* a: [PRESS ENTER] copy qbasic*.* a: [PRESS ENTER] (Win 95/98 users skip this line) copy debug*.* a: [PRESS ENTER] copy himem*.* a: [PRESS ENTER] copy emm386*.* a: [PRESS ENTER] If you are planning to use this diskette as a diskette to load games or you feel that you need mouse support, you will need to copy the mouse driver onto the boot diskette. The MS-DOS mouse driver is generally mouse.com / mouse.sys. Locate this file and copy it to your bootable diskette. For CD-ROM support, visit our CD-ROM drivers page for information on loading your CD-ROM driver. Once you have copied the above files, create an autoexec.bat and a config.sys. Get to the floppy drive by typing A:, once at the floppy drive, type: copy con autoexec.bat [PRESS ENTER] @echo off [PRESS ENTER] LH A:\MSCDEX.EXE /D:CDROM [PRESS ENTER] (this line is used for your CD-ROM drive). LH A:\MOUSE.* [PRESS ENTER] (skip line if you did not copy mouse file, the * is either sys / com). Press and hold CTRL + Z - this should return ^Z. Once this is displayed, press enter to copy the file. copy con config.sys [PRESS ENTER] device=a:\himem.sys dos=high,umb device=a:\emm386.exe noems files=30 buffers=20 devicehigh=a:\oakcdrom.sys /d:CDROM (this line is used for your CD-ROM drive). Press and hold CTRL + Z - this should return ^Z. Once this is displayed, press enter to copy the file. Congratulations, after completing the above steps you should now have a bootable floppy diskette. CREATING A WINDOWS NT BOOT DISK

To create a boot diskette you must have access to the i386 directory located on your Windows NT CD or possibly your Hard disk drive. Format the floppy diskette you wish to make a bootable Windows NT boot disk using the Windows NT machine. Copy boot.ini, ntdetect.com and ntldr to the floppy diskette just formatted. If you are using any SCSI devices which you need access to, you will also need to load these drivers onto the diskette CREATING A WINDOWS 2000 BOOT DISK To create a Windows 2000 Professional bootable diskette you will need four 1.44MB diskettes and the Windows 2000 Professional CD. Click Start / Run / browse to the CD-ROM drive. Open the "BOOTDISK" folder and double-click makeboot.exe and click ok to launch the program to create the diskette. Users can also easily create an Emergency Repair Disk by clicking Start, Programs, Accessories, System Tools, and opening Backup. From the Backup window, click the button for Emergency Repair Disk and follow each of the steps. CREATING A WINDOWS XP BOOT DISK Create MS-DOS bootable diskette When formatting a floppy diskette, users have the option of creating a MS-DOS startup disk, follow the below steps to do this. 1. Place diskette in the computer. 2. Open My Computer, right click the A: drive and click Format. 3. In the Format window, check Create an MS-DOS startup disk. 4. Click Start HOW TO CREATE BOOTABLE CD FROM A BOOTABLE FLOPPY DISK Next time your computer crashes, you'll have a CD handy to save your life...or at least your work. (Note: you do not need your own bootable floppy disk, thus even if your floppy drive is broken you can follow this procedure.) STEPS 1. Download and install Nero, which is a free, easy to use, disk burning program that has a feature allowing you to make a bootable disk. It can be obtained by doing a simple web search using the terms "Nero free download."

2. Go to the data menu in Nero (look at the several icons at the top of the Nero splash screen), and click on "Make Bootable Disk." Nero prompts you to first add files to the disk. 3. Bypass the step of adding files by clicking "next," and go directly to making the bootable disk. 4. On the next screen, click on "use a standard boot image." Nero will automatically bypass your "A" drive, and make the disk with no fuss. 5. Keep clicking on next and follow the wizard until you arrive at the "Burn" button at the bottom lower right of your screen on menu. TIPS

Keep this disk handy, as it can get you out of all sorts of difficulty. For instance if you get a virus, usually the drivers for the CD-ROM are okay, whereas you may have trouble booting from a floppy. Make sure you go into your bios (usually done by holding down on the DEL key, or control key, and change the boot order, so the computer will search the CD ROM drive first in the bootup.) You may want to copy an uninstalled version of your operating system onto your hardrive (not in the same partition as your installed operating system). This is helpful, because when you need to reinstall your operating system, you can just use the Nero Disk to get to the "A" prompt, then switch directories to the partition of the uninstalled OS ,and install from there (Use d:\win98se\win98...then type "setup" for instance if you are using windows 98SE, and you put the uninstalled version on the D drive.) This will give a smoother installation.

HOW TO USE A BOOT DISKETTE Once the bootable diskette has been successfully created, following the below steps you will be able to boot from the diskette. 1. Place the diskette into write-protect mode (in case a virus is on the computer, this will not allow the virus to transfer itself onto the diskette). 2. Insert the diskette into the computer and reset or turn on the computer to begin the boot process. 3. As the computer is booting, answer the questions prompted (if any). 4. Once at the A:\> take the appropriate actions depending upon the situation of the computer.

SOME COMMON COMMANDS IN DOS ATTRIB - Modifies or displays the attributes of a file or directory. CALL - Calls another batch file and then returns to current batch file to continue. 5

CD - Changes the current directory. CHOICE - Provides a prompt so you can make a choice while a batch program is running. CLS - Clears the screen. COMMAND - Opens up command prompt. COPY - Copies files. DATE - Displays and/or sets the date. DEL - Deletes (erases) files. DELTREE - Deletes a directory including all files and subdirectories that are in it. DIR - Displays directory of files and directories stored on disk. ECHO - Displays messages or turns on or off the return of information in a batch file. EDIT - Starts the MS-DOS editor, a text editor used to create and edit ASCII text files. EXIT - Exits the current DOS window or batch file. FOR - Performs repeated execution of commands. FORMAT - Formats a disk to a DOS or Windows file system. GOTO - Jumps to a label in a batch file. IF - Allows conditional operations in batch file processing. LABEL - Creates, changes, or deletes a volume label for a disk. MEM - Displays detailed memory statistics. MD - Creates a new subdirectory. MORE - Displays information one page at a time. MOVE - Moves the specified file or directory. PATH - Sets directories that will be searched for programs not in the current directory. PAUSE - Pauses the current batch file.

PING - Pings an IP address. PROMPT - Changes the DOS command prompt. REM - Used to insert comments. (text that is not executed) RD - Removes a subdirectory. SCANDISK - Opens up scandisk. SET - Inserts strings into the command environment. SHIFT - Allows you to use infinite parameters. SYS - Restores the IO.SYS file to the specified drive. TIME - Display and/or set the current time.

SOME COMMON & IMPORTANT COMMANDS IN DOS o o o o o o o o Searching for directory or folder DIR DIR *.doc Change directory by using the cd command. C:\ CD\ C:\ CD.. Create directory by using the md command. C:\ MD NAME

o Delete directories by using the rd command. o C:\ RD NAME o Change drives by specifying the drive letter followed by a colon. o C:\ D: o Copy files by using the copy command. o copy source destination o C:\ COPY C:\123\abc.doc D:\456 SELECTED ITEM o C:\123>COPY *.* D:\456 COPY ALL o Rename files by using the ren command. o Ren oldname newname o C:\ 123>REN a.doc b.doc Renaming a document o C:\REN 123 ABC Renaming a folder o Delete files by using the del command. o C:\DEL C:\123\a.doc deleting a document o C:\123>DEL *.* Deleting all files

FDISK Tutorial The Basics of Fdisk: Primary partitions are the only one that are bootable. They're always the C: drive when active. Normally you can only have one (more with some special tricks etc.) Extended partitions are needed when you want more than one partition. You can only have ONE Extended partition. Logical Drives come into the Extended partition. They are handy since you know that you can only have one Primary and one Extended so you can get more than only two partitions. They would be your D:, E:, etc. drives. First you need to reboot your system with the Boot Disk inserted. 1.At the A: prompt start "FDISK." 2.If asked to use Large Disc support say Yes. 3.The first screen looks like this: Create Dos Partition or Logical Drive Set Active Partition

Delete Partitions or Logical DOS Drives Display Partition Information Change current fixed drive. (In case you have two or more Hard Drivess) So, to prepare you hopefully did a backup from your data. You did, didn't you ?! 4.Next we need to remove the existing partitions. So go to 3. 5.Next screen like this: Delete Primary DOS Delete Extended DOS Delete Logical Drives Delete Non-DOS Delete always in the following order Logical (All) > Extended > Primary (Last) 6.Go back to first screen after all partitions have been removed. 7.Now we need to setup our new partitions. Go to 1. This screen looks like this: Create Primary DOS Create Extended DOS Create Logical DOS Drives Here we create in the following order Primary > Extended > Logical Drives. 8.First create the Primary. If asked to use all space say No and enter the amount you wish for the C: drive. It should be set automatically to be the (only) Active partition. If not it may ask you or you have to select "2. Set active partition" from the main menu. 9.Next create the Extended Partition. Use all space left. It probably advances automatically to the next step, creating the Logical DOS Drives. 10.Enter the amount you wish for the D: partition and than the rest for the third partition. Think first about the size for the partitions. OK now we're finished with FDISK so just exit it. Next you need to reboot with the disc still inserted and Format all partitions (the C: partition might need to be formatted with "format c: /s", check the Win95 tip). Another reboot and you can go ahead and install Windows.

When your system supports booting from CD just insert the Windows CD and reboot. The setup will start. If not, follow these steps: Win98: insert Boot Disk and CD, reboot, choose "2. boot with CDROM support" and once you're at the prompt change to your CD-drive letter (depends on your partition setup) and enter "setup". Win95: You must format the C: partition with "Format C: /s"!. Next install your CDROM driver, reboot, insert the Win95 CD, change to the CD-driveletter, enter "setup". INSTALLATION OF OPERATING SYSTEM Topics: What is Operating System? Different kinds of Operating System History of Windows What will you need in installing the O.S.? Reformatting FAT32 vs NTFS Compatibility Issue How to install Windows 98? How to install Windows Me? How to install Windows XP? What is the next procedure after installing the O.S.? Frequently Asked Questions about Installing O.S.

10

 What is Operating System? Operating system (OS) is the system software responsible for the direct control and management of hardware and basic system operations. Additionally, it provides a foundation upon which to run application software such as word processing programs, web browsers and others. Different kinds of Operating System

1. 2. 3. 4. 5. 6. 7. 8. 9. 10. 11. 12. 13. 14. 15. 16. 17. 18. 19. 20. 21. 22. 23. 24. 25. 26. 27. 28.

Windows XP Windows 2000 Windows NT Windows ME Windows 98 Windows 95 Windows 3.11 MS-DOS PC-DOS MXS Mac OS X Classic Macintosh OS/2 Linux FreeBSD NetBSD OpenBSD GNU Hurd Solaris SunOS HP-UX OpenVMS Tru64 Unix ULTRIX IRIX NeXT Rhapsody AIX 11

29. 30. 31. 32. 33. 34. 35. 36.

MVS NetWare BeOS AmigaOS SCO OpenServer SCO UnixWare Pyramid BSDi

 History of Windows In 1973, a man named GARY KILDALL wrote the first PC operating system (Using the PL/M program language he invented) called CONTROL PROGRAM for MICROCOMPUTER (or CP/M). Initially CP/M ran on the Intel 8008 chip, and later translated to the 8080 chip. IBM entered the personal computer market in 1981, initially licensing an operating system rather than developing an supporting one of their own. IBM approached Kildall to discuss licensing terms for his CP/M operating system. When Kildall missed that appointment, the IBM executive went on to his next appointment with a company named Microsoft. (Kildall denies the accuracy of the missed-appointment story) Microsofts Bill Gates seized the licensing opportunity immediately. The rest Gates licensing DOS to IBM is History. The QUICK AND DIRTY OPERATING SYSTEM, or Q-DOS first developed by Tim Patterson of Seattle Computer Products, was purchased by Microsoft for $100,000. Microsoft then refined Q-DOS and named it MSDOS, short for Microsoft Disk Operating System. Since Microsoft licensed IBM to use the MS-DOS operating system rather than selling it outright, Microsoft was able to license MS-DOS to other companies as well. As a result, the two most prevalent disk operating systems became IBM PC-DOS and MS-DOS. PC-DOS is the version installed on IBM computers, MS-DOS is the version used on the most other PCs. Both MS-DOS and PC-DOS are Essentially identical, except that Microsofts Version 6 system contains different add-on utilities. 1. 2. 3. What will you need in Installing the O.S.? Start-up Disk Windows 98 CD Computer with CD-ROM Access

Configuring your BIOS for the Install: To find out how to access the BIOS please refer to your motherboard manual or the manufacturer of your computer. (The system BIOS can usually be entered on boot, usually by pressing the F1, F2, F8, F10 or DEL key. Make sure you save the settings before exiting. Reformatting 1. Start up Disk is needed

Set the Boot Sequence on CMOS/BIOS If you are using a Bootable Disk, (Start up Disk) you must follow this setting... 1st Boot Device 2nd Boot Device 3rd Boot Device Floppy CDROM IDE-0

2.

Insert the Bootable Disk/Start-up Disk

If you are using a NFTS format on your current Windows setup, expect to see this message.

3. A:\ Just type : A:\ Format C: Message: WARNING, ALL DATA ON NON-REMOVABLE DISK DRIVE C: WILL BE LOST! Proceed with Format (Y/N)? Just press: Y Congratulation you complete the reformatting process.

 FAT32 vs NTFS FAT NTFS File Allocation Table New Technology File System

First of all, the terms. FAT stands for File Allocation Table, and it dates way back to DOS days, when the operating system fit on a single 360k floppy. I wonder how many of those floppies it would take to boot Windows XP today? Beginning with Windows 95 SR-2, FAT was upgraded from 16 bit to 32 bit, and so when we refer to FAT, we are actually talking (these days) about FAT32, not FAT16. FAT32 overcame some of the inherent limitations of FAT16 disk and volume sizes, as well as directory entry restrictions, long filename restrictions, and large cluster sizes, which wasted large amounts of disk space when storing small files. FAT32 volumes, in theory, can range in size from less than 1 MB up to 2 TB (TeraBytes). However, when used with Windows XP/2000, the maximum size of a volume is 32 GB. Also, the maximum individual file size is 4 GB. FAT32 is the native file system of Windows 98 and Windows ME, although it is supported by Windows XP/2000. NTFS, or New Technology File System, is the native file system of Windows NT Windows 2000, and Windows XP. NTFS is a "journaling" filing system, which means that it is less likely to become corrupt, and will recognize errors or bad sections of disk and correct itself automatically. NTFS volumes can only be accessed (directly, not through shares) by Windows NT/2000, without the aid of third-party products. Because of the larger overhead, NTFS cannot be used on floppy disks, and the minimum recommended size for an NTFS volume is 10 MB. However, the maximum supported volume size is 2 TB, and there is no limit on the file size. NTFS also supports file encryption, file compression, file permissions and auditing, as well as many fault-tolerant disk configurations such as mirroring and RAID 5. NTFS vs FAT Criteria Operting System NTFS5 Windows 2000 Windows XP NTFS Windows NT Windows 2000 Windows XP Limitations 2TB FAT32 Windows 98 Windows ME Windows 2000 Windows XP FAT16 DOS All versions of Microsoft Windows

Max Volume Size Max Files on Volume Max File Size Max Clusters Number Max File Name Length

2TB Nearly Unlimited Limit Only by Volume Size Nearly Unlimited Up to 255

2TB

2GB ~65000 2GB 65535 Standard - 8.3 Extended - up to 255

Nearly Unlimited Nearly Unlimited Limit Only by Volume Size Nearly Unlimited Up to 255 4GB 268435456 Up to 255

File System Features Unicode Character Unicode Character System Character Unicode File Names System Character Set Set Set Set System Records MFT Mirror File MFT Mirror File Second Copy of Second Copy of FAT

Mirror Boot Sector Location File Attributes Alternate Streams Compression Encryption Object Permissions Disk Quotas Sparse Files Reparse Points Volume Mount Points First and Last Sectors Standard and Custom Yes Yes Yes Yes Yes Yes Yes Yes First and Last Sectors Standard and Custom Yes Yes No Yes No No No No

FAT First Sector Standard Set No No No No No No No No First Sector Standard Set No No No No No No No No

Built-In Security Recoverability Performance Disk Space Economy Fault Tolerance

Overall Performance Yes Yes No Yes Yes No Low on small Low on small High on small volumes volumes volumes High on Large High on Large Low on large Max Max Max Max Average Minimal

No No Highest on small volumes Low on large Minimal on large volumes Average

How to install Windows 9x? For Windows 9x 1. Insert the Windows CD and restart your PC. 2. Once the Windows 98 Setup Menu comes up choose option #2 (Boot from CD-ROM) 3. Then the Windows 98 Startup Menu will come up. Select Option #1. (Start Windows 98 Setup from CDROM) 4. Now your computer will install some drivers so please wait for a few moments. 5. Now a blue setup screen will come up. Press Enter. 6. Setup then wants to do some system tests. Just press Enter. 7. Scandisk will now run, please wait. 8. After ScanDisk completes, Windows will copy a few important files for setup. 9. Now the graphical Windows 98 Setup Screen will come up. 10. Click Continue and wait for the setup wizard to complete.

11. Now it will ask you in which directory to install Windows too. The default directory is just fine so click Next. 12. Setup will now prepare the directory, please wait. 13. Setup will now check for installed components and disk space, please wait. 14. Setup will now prompt you to choose the type of installation. Choose Typical if you have a desktop computer or Portable if it is a laptop. 15. Windows will prompt you to install components, just choose Continue. 16. If a network card is detected a network information screen will appear. Type in the required information and click Next 17. Select your country settings, United States should be chosen by default. 18. Now finally the main part of Setup is here. Setup will start copying files. This could take some time, please be patient. 19. Once setup is done copying files, Windows will restart automatically. 20. The Windows 98 Startup Menu will now appear. Select option #1 (Boot from Hard Disk) 21. The Windows 98 booting screen will appear! 22. Now Windows will prompt you for user information, enter it and click Continue. 23. Now the License Agreement. Read it and if you agree click on "I accept the Agreement" and click Next. If you select "I don't accept the Agreement" then setup will end. 24. Now input your product key or certificate authenticity code. This is 16 digits and is located on the back of your CD case or on the Windows 98 Book. If you have an OEM computer then it could be on the side or back of your computer. Click Next to continue. 25. Click Finish. 26. Setup will now finalize the hardware and install settings. 27. Setup will now install plug and play devices. 28. Your computer will restart automatically. 29. The Windows 98 Startup Menu will appear. Select option #1 (Boot from Hard Disk) 30. Windows will start booting for the second time. 31. Setup will continue installing hardware. 32. Now setup will prompt you to enter in your time, date, and time zone. Once selected click on Apply and then OK. 33. Windows will continue to setup Windows items. 34. The computer will restart automatically once again. 35. The Windows 98 Startup Menu will appear. Select option #1 (Boot from Hard Disk) 36. Windows will boot for the third time. 37. Windows will update system settings. 38. Now finally you have reached the Windows Desktop! 39. You also may need to install your hardware drivers. If everything is working properly then you shouldnt worry about them.

How to install Windows XP? For windows XP(Whistler) Insert your Windows XP Installation CD. If Windows automatically detects the Installation CD, you will soon be prompted with a "Press any key to boot from CD" message. You will have 5 seconds to hit any key. If you've delayed too long, your computer will continue to start from the hard disk.

Once you have pressed any key, files will begin to load from the installation CD. You will soon be asked what type of installation you wish to perform:

New Installation Repair an existing installation this tutorial teaches a clean installation, choose "New Installation".

Since

You will then be prompted to agree to the End User License Agreement (EULA). You cannot continue without accepting. Press F8 to continue. Feel free to read the EULA if you want, but make sure you take breaks every hour or so. The next screen will show the available partitions where you can install XP. Here you have the ability to create/delete partitions or just allocate the available space to one partition. If you choose to create multiple partition for whatever purpose, be sure to create them with sufficient size. I recommend partitions between 4-10 GB of size depending on what your plans are. If you plan to install a second Operating System, then an 8 to 10 GB partition would be best, but if your plans are merely to use a partition for backup purposes, then 4 to 6 GB may work fine. Once your have chosen the partition you wish to install XP on, you will now need to format it to a file system. The choices are:

Fat32:

A new version of the file allocation table (FAT) available in Windows 95 OSR 2 and Windows 98. FAT32 increases the number of bits used to address clusters and also reduces the size of each cluster. The result is that it can support larger disks (up to 2 terabytes) and better storage efficiency (less slack space).

NTFS:

Short for New Technology File System, one of the file system for the Windows NT operating system (Windows NT also supports the FAT file system). NTFS has features to improve reliability, such as transaction logs to help recover from disk failures. To control access to files, you can set permissions for directories and/or individual files. NTFS files are not accessible from other operating such as DOS. The most common file system for a single operating system installation is NTFS.

You will need to make a choice of the different formatting options. I recommend that you perform a FULL format of whichever file system that you've chosen. Once the format is complete, the installation will continue. You will now see all of the files loading to your hard drive from the installation CD. Once the files are loaded, Windows will automatically reboot your system. When you are given the "Press any key to boot from CD" message, do not hit any key. Just let your system continue loading to your hard drive. You will be prompted from time to time to enter in specific setup information such as:

Region and Language Name and Organization Product License Key Date and Time

User Name and Password

Note: Be sure to write down and save your user name and password. Create a Password Reset Disk just in case you forget your password. Eventually, Windows will reboot your system again. It will take you directly to the Windows Activation screen. You will be given the option to activate now or within a 30 day period. I recommend you take the time to activate your copy now. If you don't, you will be bothered by on-screen reminders. Caution: Be sure to activate a firewall application or install SP2 from a disk prior to connecting to the Internet. Connecting a fresh XP installation that does not have any updates will be attacked by Spyware and Worms. VIRUS DEFINITION AND MANUAL REMOVAL Topics: What are Computer Viruses? Types of Viruses? What is Virus? What is Worm? What is Trojan Horse? What is Spam? What is Boot sector Viruses? What is Spyware and Adware? How does a virus infect your computer? Symptoms of Infected Computer FAQ

 What are Computer Viruses? Computer viruses are software programs that invade a computer system to wreck havoc with computer files or the computer users themselves. Some are benign causing nothing more than a nuisance while others can delete files or even destroy computer hardware. Typically viruses are programmed to reproduce themselves and spread from one computer system to another, just like a normal human virus spreads via human contact throughout the population. Computer viruses can be spread via diskettes or other removable media, by way of email attachments, or in some cases simply by being connected to the Internet and not protected. Types of Viruses? Computer viruses are categorized into four main types: boot sector, file or program, macro, and multipartite viruses. Boot sector viruses are usually transmitted when an infected floppy disk is left in the drive and the system is rebooted. The virus is read from the infected boot sector of the floppy disk and transferred to the master boot record of the system's hard drive. Then, whenever the computer is booted up, the virus will be loaded into the system's memory. Any floppy disk formatted as a bootable disk in the infected machine would contain the virus and spread itself to other machines. Program or file viruses are software programs that attach themselves to executable programs. Once the infected program is run, the virus is transferred to your system's memory and may replicate itself further. It may spread to all the files on a hard drive or to files of a specific type. Common viruses such as Happy99, Pretty Park, and the ILOVEYOU worm can be classified as this type. Macro viruses are currently the most commonly found viruses. They infect files run by applications that use macro languages, like Microsoft Word or Excel. The virus looks like a macro in the file, and when the file is opened, the virus can execute commands understood by the application's macro language. The infamous Melissa virus is a macro virus as well as the common Laroux Excel spreadsheet virus. Multipartite viruses have characteristics of both boot sector viruses and file viruses. They may start out in the boot sector and spread to applications, or vice versa. What is Virus? A virus is a manmade program or piece of code that causes an unexpected, usually negative, event. Viruses are often disguised games or images with clever marketing titles such as "Me, nude." In terms of sheer number of viruses, these are the most common kind. The simplest file viruses work by locating a type of file that they know how to infect (usually a file name ending in ".COM" or ".EXE") and overwriting part of the program they are infecting. When this program is executed, the virus code executes and infects more files. These overwriting viruses do not tend to be very successful since the overwritten program rarely continues to function correctly and the virus is almost immediately discovered. The more sophisticated file viruses modify the program so that the original instructions are saved and executed after the virus finishes. Just as system sector viruses can remain resident in memory and use "stealth" techniques to hide their presence, file viruses can hide this way also. If you do a directory listing, you will not see any increase in the length of the file and if you attempt to read the file, the virus will intercept the request and return your original uninfected program to you. This can sometimes be used to your advantage. If you have a "stealth" virus (such as 4096 or Dir-2), you can copy your program files (*.EXE and *.COM files) to files with other extensions and allow the virus to automatically

disinfect your files! If you "COPY *.COM *.CON", and then cold boot your PC from a known good copy of DOS and "REN *.CON *.COM", this will disinfect the renamed files. Be aware that many file viruses (such as 4096 which is also known as Frodo) also infect overlay files as well as the more usual *.COM and *.EXE files. Overlay files have various extensions, but ".OVR" and ".OVL" are common examples. Logic Bombs Just like a real bomb, a logic bomb will lie dormant until triggered by some event. The trigger can be a specific date, the number of times executed, a random number, or even a specific event such as deletion of an employee's payroll record. When the logic bomb is triggered it will usually do something unpleasant. This can range from changing a random byte of data somewhere on your disk to making the entire disk unreadable. The changing of random data on disk may be the most insidious attack since it would do a lot of damage before it would be detected. Macro Viruses There is particular type of file virus that that many people don't understand. These are the files from the MicroSoft Office applications (e.g, MS Word, MS Excel, MS Access, etc.). These programs all have their own macro languages (a BASIC like language) built in. The associated files (MS Word documents or templates and MS Excel spreadsheet files) are usually thought of only as data files so many people are surprised that they can be infected. But these files can contain programs (the macro language) that are executed when you load one of these files into the associated product. The program inside of these files is interpreted by the MS Office application. What is now a language originally began as a very simple macro language that the user could use to combine keystrokes to automate some routine function. The macro language in these products has since grown substantially and now is a fully capable language based on Visual Basic (VBA). Since anything that contains a program can potentially be infected by a virus, these files can harbor viruses. Read about the the threat of MS Word macro viruses (e.g., Concept) or MS Excel Macro Viruses. What gives these viruses a chance to execute is the fact that Microsoft has defined special macros that will automatically execute. The mere act of opening an infected MS Word document or an infected MS Excel spread sheet can allow the virus macros to be executed. (One simple prevention for this type of virus is to use the freely available (from Microsoft) viewer programs to rather than MS Word or MS Excel to view these type of files. Even MS Access database files (*.mdb files) can contain macro viruses. Read about: MS Access Macro Viruses. Macro viruses have been very successful because most people regarded spreadsheets and documents as data, not as programs (and because many anti-virus programs were very slow to address this threat). If you use a mail reader or Web browser, it is very important to use a viewer rather than the full MS Office program (i.e, MS Word or MS Excel) if you want to automatically open downloaded MS Word documents or MS Excel spreadsheets. What is Worm? Computer Worms are viruses that reside in the active memory of a computer and duplicate themselves. They may send copies of themselves to other computers, such as through email or Internet Relay Chat (IRC). Worms A worm is a self-reproducing program which does not infect other programs as a virus will, but instead creates copies of itself, which create even more copies. These are usually seen on networks and on multiprocessing operating systems, where the worm will create copies of itself which are also executed. Each

new copy will create more copies quickly clogging the system. The so called Morris ARPANET/INTERNET "virus" was actually a worm. It created copies of itself through the ARPA network, eventually bringing the network to its knees. It did not infect other programs as a virus would, but simply kept creating copies of itself which would then execute and try to spread to other machines. What is Trojan Horse? Trojans These are named after the Trojan horse which delivered soldiers into the city of Troy. Likewise, a trojan program is a delivery vehicle for some destructive code (such as a logic bomb or a virus) onto a computer. The trojan program appears to be a useful program, but when a certain event occurs, it will attack your PC in some way. A Trojan horse program is a malicious program that pretends to be a benign application; a Trojan horse program purposefully does something the user does not expect. Trojans are not viruses since they do not replicate, but Trojan horse programs can be just as destructive. Many people use the term to refer only to non-replicating malicious programs, thus making a distinction between Trojans and viruses What is Spam? Simply put, spam is Unsolicited Commercial Email. But you may ask, well, if it is actually called Unsolicited Commercial Email, where in the world did the nickname 'spam' come from? Well, if anyone is familiar with Monty Python, they may know of a skit where the waitress offers spam with each entree though the customer doesn't want it. Furthermore, there is a Viking Choir who bursts out into song about how wonderful spam actually is. Spam is pretty much like the skit. Nobody wants to have spam, but we get it anyway, just like the waitress offers spam but the customer doesn't want it. What is Boot sector Viruses? System Sector Viruses (AKA Boot Sector Viruses) These are viruses which plant themselves in your system sectors. System sectors are special areas on your disk containing programs that are executed when you boot your PC. Sectors are not files but simply small areas on your disk that your hardware reads in single chunks. Under DOS, sectors are most commonly 512 bytes in length. These sectors are invisible to normal programs but are vital for correct operation of your PC. They are a common target for viruses. There are two types of system sectors found on DOS PCs, DOS boot sectors and partition sectors (also known as Master Boot Records or MBRs). If the term boot sector is new to you, then please read the page on system sectors for more details on why system sectors are important and how they work. System sector viruses (also commonly referred to as boot sector viruses) modify the program in either the DOS boot sector or the partition sector. Since there isn't much room in the system sector (only 512 bytes), these viruses often have to hide their code somewhere else on the disk. These viruses sometimes cause problems when this spot already contains data which is then overwritten. Some viruses, such as the Pakistani BRAIN virus mark the spot where they hide their code as having bad sectors. This is one reason to be alarmed if CHKDSK or Scandisk suddenly reports additional bad sectors on your disk. These viruses usually go resident in memory on your PC, and infect any floppy disk which you access. Simply doing a DIR on a floppy disk may cause it to be infected. Some viruses will infect your diskette as soon as you close the drive door. Since they are active in memory (resident), they can hide their presence. If BRAIN is active on your PC, and you use a sector editor to look at the boot sector of an infected diskette, the virus will intercept the attempt to read the infected boot sector and return instead a saved image of the original boot sector. You will see the normal boot sector instead of the infected

version. Viruses which do this are known as stealth viruses. In addition to infecting diskettes, some system sector viruses spread by also infecting files. What is Spyware and Adware? SPYWARE and ADWARE ISSUE Freeware is a great concept. Advertiser supported software that doesn't cost you anything, but is it really free? All you have to do is give your name, address, phone, e-mail, and some other general information. Not a bad tradeoff, right? But, what if your personal information was also stored elsewhere on your hard drive, and transmitted your personal data via the Internet back to advertisers in exchange for more advertising? Ah, now is it free or is it spyware aka adware. Advertising Supported software (adware) is the most common, however some programs (spyware) will spy on your activities as well for market research. Adware is a way for shareware authors to make money from a product, other than by selling it to the users. There are several large media companies Web3000, EverAd, and Aureate, just to name a few, that offer to place banner ads in their products in exchange for a portion of the revenue from banner sales. This way, you don't have to pay for the software and the developers are still getting paid. If you find the banners annoying, there is usually an option to remove them, by paying the regular licensing fee. The problem with Adware is the concept of reporting your Internet surfing habits back home for data collection purposes. If this bothers you, then removing the spyware from your system might be a consideration. Go Hip and Bonzi Buddy don't necessarily tranmit data back home but they are hard to remove Internet programs that seem to find their way onto your hard drive as well. How does a virus infect your computer? Years ago, only certain types of files (generally executable files like program files) could be carriers of a virus, however with the invention of macro languages in programs like Microsoft Word or Excel, and the use of Javascript in web page building, almost any type of data could theoretically carry a virus. The most common way a computer is infected with a virus today is through the use of a floppy disk containing data from another computer, or through the use of the Internet with email, IRC, or other online communication. Because viruses are becoming more clever, no one should be using a computer that does not have anti-virus software running on it. The more you use a computer, the more likely it is you will encounter a virus. Symptoms of Infected Computer

Computer slows down without reason Unusual messages or displays on your monitor Unusual sounds or music played at random times Your system has less available memory than it should A disk or volume name has been changed Programs or files are suddenly missing Unknown programs or files have been created

Some of your files become corrupted or suddenly don't work properly.

Manual Virus Detection and Deletion

Registry File Extension Standard Procedures of Manual virus removal
What is the Registry? The Registry is a database used to store settings and options for the 32 bit versions of Microsoft Windows including Windows 95, 98, ME and NT/2000. It contains information and settings for all the hardware, software, users, and preferences of the PC. Whenever a user makes changes to a Control Panel settings, or File Associations, System Policies, or installed software, the changes are reflected and stored in the Registry.
PROCEDURE: 1. START 2. RUN 3. type REGEDIT

CREATING A SHORTCUT
1. 2. 3. 4. 5. 6.

right-clicking on a blank area of your desktop selecting New then Shortcut then in the Command line box enter "regedit.exe" and click Next then click Finish double click on the new icon to launch the Registry Editor

HKEY_CLASSES_ROOT - This branch contains all of your file association mappings to support the drag-and-drop feature, OLE information, Windows shortcuts, and core aspects of the Windows user interface. HKEY_CURRENT_USER - This branch links to the section of HKEY_USERS appropriate for the user currently logged onto the PC and contains information such as logon names, desktop settings, and Start menu settings. HKEY_LOCAL_MACHINE - This branch contains computer specific information about the type of hardware, software, and other preferences on a given PC, this information is used for all users who log onto this computer. HKEY_USERS - This branch contains individual preferences for each user of the computer, each user is represented by a SID sub-key located under the main branch. HKEY_CURRENT_CONFIG - This branch links to the section of HKEY_LOCAL_MACHINE appropriate for the current hardware configuration.