|
What
is a computer virus?
A computer virus is a program designed to spread itself by first
infecting executable files or the system areas of hard and floppy disks
and then making copies of itself. Viruses usually operate without the
knowledge or desire of the computer user.
What
kind of files can spread viruses?
Viruses
have the potential to infect executable code, not just program files.
Some viruses infect executable code in the boot sector of floppy disks
or in
system areas of hard drives. Another type of virus, known as a 'macro'
virus, can infect word processing and spreadsheet documents that use
macros. And it's possible for HTML documents containing JavaScript or
other executable code to spread viruses or malicious code.
Since
virus code must be executed to have any effect, files that the computer
treats as pure data are safe. This includes graphics and sound files
such as .gif, .jpg, .mp3, .wav, etc., as well as plain text in .txt
files. For example, just viewing picture files won't infect your computer
with a virus. The virus code has to be in a form of an .exe program
file or a Word .doc file, that the computer will actually try to execute.
How
do viruses spread?
When
you execute infected program code, the virus code will run and attempt
to infect other programs, either on the same computer or on other computers
connected over a network . The newly infected programs will then try
to infect yet more programs, and the pattern repeats itself.
When you
share a copy of an infected file with other computer users,running the
file may also infect their computers; and files from those computers
may spread the infection to yet more computers.
If your
computer is infected with a boot sector virus, the virus tries to write
copies of itself to the system areas of floppy disks and hard disks.
Then the infected floppy disks may infect other computers that boot
from them, and the virus copy on the hard disk will try to infect still
more
floppies.
Some viruses,
known as 'multipartite' viruses, can spread both by infecting files
and by infecting the boot areas of floppy disks.
What
do viruses do to computers?
Viruses
are software programs, and they can do the same things as any other
programs running on a computer. The actual effect of any particular
virus depends on how it was programmed by the person who wrote the virus.
Some viruses
are deliberately designed to damage files or otherwise interfere with
your computer's operation, while others don't do anything but try to
spread themselves around. But even the ones that just spread themselves
are harmful, since they damage files and may cause other problems in
the process of spreading. Note that viruses can't do any damage to hardware:
Warnings about viruses that will physically destroy your computer are
usually hoaxes, not legitimate virus warnings.
What
is a Trojan horse program?
A type of program that is often confused with viruses is a 'Trojan
horse' program. This is not a virus, but simply a program (often harmful)
that pretends to be something else. For example, you might download
what you think is a new game; but when you run it, it deletes files
on your hard drive. Or the third time you start the game, the program
E-mails your saved passwords to another person. Note: simply downloading
a file to your computer won't activate a virus or Trojan horse; you
have to execute the code in the file to trigger it. This could mean
running a program file, or opening a Word/Excel document in a program
(such as Word or Excel) that can execute any macros in the document.
What
about viruses in E-mail?
You
can't get a virus just by reading a plain-text E-mail message or Usenet
post. What you have to watch out for are encoded messages containing
embedded executable code (i.e., JavaScript in an HTML message) or messages
that include an executable file attachment (i.e., an encoded program
file or a Word document containing macros). In order to activate a virus
or Trojan horse program, your computer has to execute some type of code.
This could be a program attached to an E-mail, a Word document you downloaded
from the Internet, or something received on a floppy disk. There's no
special hazard in files attached to Usenet posts or E-mail messages:
they're no more dangerous than any other file.
What
can I do to reduce the chance of getting viruses from E-mail?
Treat any file attachments that might contain executable code as
carefully as you would any other new files: save the attachment to disk
and then check it with an up-to-date virus scanner before opening the
file. If your E-mail or news software has the ability to automatically
execute JavaScript, Word macros, or other executable code contained
in or attached to a message, we strongly recommend that you disable
this feature. If an executable file shows up unexpectedly attached to
an E-mail, you should delete it unless you can positively verify what
it is, who it came from, and why it was sent to you.
The recent
outbreak of the Melissa virus was a vivid demonstration of the need
to be extremely careful when you receive E-mail with attached files
or documents. Just because an E-mail appears to come from someone you
trust, this does NOT mean the file is safe or that the supposed sender
had anything to do with it.
Some
general tips on avoiding virus infections:
1. Install anti-virus software from a well-known, reputable company.
Update it regularly, and use it regularly. New viruses come out every
single day; an a-v program that hasn't been updated for several months
will not provide much protection against current viruses.
2. In
addition to scanning for viruses on a regular basis, install an 'on
access' scanner (included in most good a-v software packages) and configure
it to start automatically each time you boot your system. This will
protect your system by checking for viruses each time your computer
accesses an executable file.
3. Virus
scan any new programs or other files that may contain executable code
before you run or open them, no matter where they come from. There have
been cases of commercially distributed floppy disks and CD-ROMs spreading
virus infections.
4. Anti-virus
programs aren't very good at detecting Trojan horse programs, so be
extremely careful about opening binary files and Word/Excel documents
from unknown or 'dubious' sources. This includes posts in binary newsgroups,
downloads from web/ftp sites that aren't well-known or don't have a
good reputation, and executable files unexpectedly received as attachments
to E-mail or during an on-line chat session.
5. If
your E-mail or news software has the ability to automatically execute
JavaScript, Word macros, or other executable code contained in or attached
to a message, I strongly recommend that you disable this feature.
6. Be
extremely careful about accepting programs or other files during on-line
chat sessions: this seems to be one of the more common means that people
wind up with virus or Trojan horse problems. And if any other family
members (especially younger ones) use the computer, make sure they know
not to accept any files while using chat.
7. Do
regular backups. Some viruses and Trojan horse programs will erase or
corrupt files on your hard drive, and a recent backup may be the only
way to recover your data.
Ideally,
you should back up your entire system on a regular basis. If this isn't
practical, at least backup files that you can't afford to lose or that
would be difficult to replace: documents, bookmark files, address books,
important E-mail, etc.
Dealing
with virus infections:
Just
because your computer is acting strangely or one of your programs doesn't
work right, this does NOT mean that your computer has a virus. Drastic
measures such as formatting your hard drive or using FDISK should be
avoided. They are frequently useless at cleaning a virus infection,
and may do more harm than good unless you're very knowledgeable about
the effects of the particular virus you're dealing with.
1. If
you haven't used a good, up-to-date anti-virus program on your computer,
do that first. Many problems blamed on viruses are actually caused by
software configuration errors or other problems that have nothing to
do with a virus.
2. If
you do get infected by a virus, follow the directions in your anti-virus
program for cleaning it. If you have backup copies of the infected files,
use those to restore the files. Check the files you restore to make
sure your backups weren't infected.
For assistance,
check the web site and support services for your anti-virus software.
Back to top...
|
