About Computer Viruses

How they work, and what to look for.

Dreaded computer viruses, you hear all about these nasty nasties, but do you really know what they are and what havoc they can wreak? The mere thought conjures up devastation and turmoil and can get your imagination rolling. Tall tales, such as the Good Times Virus and other hoaxes, have made it hard for most of us non-anti-virus researchers to determine fact from fiction.

The following description seeks to get to the bottom of just what viruses are, how to avoid infestation, how to determine if you've caught one, and what to do if you have.

In the simplest of terms, a virus is a computer program that reproduces itself and attaches that copy to other computer programs. It does so in such a way that its instructions (viral code) are carried forward when the infected program is launched or when an infected disk is left in the disk drive and allowed to boot. The most troubling part about this is that it is done without the consent or knowledge of the computer user.

Viruses can be as benign as a minor case of acne, such as those that display pleasant or annoying messages, or as malignant as a full spread disease, such as those that destroy your data files and system.

Rest assured, only a small percentage of viruses are of the latter type. In fact, there are nearly 20,000 known viruses for the PC (there are far fewer Mac viruses), of which only 500 are currently "in the wild" (circulating on unsuspecting computers). Of those, only 20-50 are known to cause serious damage. For more information on the prevalence of viruses, visit http://www.virusbtn.com/WildLists.

All viruses follow pretty much the same course of action. When the virus code is run it reproduces and infects other programs. When it starts to spread is usually a characteristic of that particular virus. Some infect each time they are run. Other more tricky ones infect when triggered by a certain time, date, function, or other external event.

Then some have an attack phase, otherwise known as a "payload," associated with them. A payload is the damaging effect of the virus that runs the gamut from deleting files or randomly changing data on your disk to playing music or creating messages or animations on your screen. When the virus inflicts its damage is also characteristic of the particular virus.

But most delay doing so until after they've had time to spread. Some are written only to spread, which is bothersome as well because they take up space and slow down your system.

A graduate student at MIT, as part of a controlled experiment he was conducting, wrote the first virus in 1986. A year later, hackers caught on and began writing and spreading viruses. By 1990-1991 the number of viruses found in the wild started to flourish. There are several types of viruses: Boot Sector, File, Macro, Polymorphic, Stealth and Resident viruses. Some viruses can possess characteristics of more than one of these types. (Please look for future Netspeak columns for a description of each.)

Prevention

Like sexually transmitted diseases (STDs), computer viruses existed prior to the popularity of the Internet, but as with the sexual revolution of the '70s, viruses have flourished with the widespread sharing of information. And, much like the efforts to control STDs, controlling computer viruses is to be done through education and practicing safe hex (a play on words which means to perform certain measures to protect your computer).

Here are some important preventative measures suggested by Bruce Burrell, AntiVirus Team Leader for the University of Michigan (his e-mail is bpb@umich.edu, or visit his site at http://www.umich.edu/~wwwitd/virus-busters/), that you can take to keep your data safe from viruses:

1. Be sure to do a full backup of your system on a regular basis. The best way to clean up an infected file is to replace it with an original non-infected file. Not to mention the grief a current backup will save if a virus takes your system completely down. It's also a good idea to keep more than one set of backups in case the current one is infected before the virus is detected.

2. Always use an anti-virus software program, one with both an on-demand and an on-access scanner. You'll want to look for one that has a fairly complete database of viruses and that is updateable. New viruses are produced daily, so it's important to have software that can detect the latest threat.

Be sure to read the manual and follow the directions of the software program to ensure it's protecting you properly. Also, consider buying and using two different brands to be doubly protected. For an independent review of anti-virus programs check out these sites: http://www.virusbtn.com, http://www.westcoast.com, http://www.uta.fi/laitokset/virus, or http://agn-www.informatik.uni-hamburg.de/vtc/naveng.htm.

3. Update the virus database in your anti-virus program regularly (each month or by the direction of the manufacturer).

4. On a PC, change the CMOS setting of your boot up process from booting first on the A drive (floppy) and then on the C drive (hard drive) to just booting on the C drive. This will not only speed up your boot up process but also completely eliminate the risk of infecting your hard drive with an infected floppy disk.

If you should need to boot from a floppy you can easily change the settings back and reboot from the A drive. Please note: an infected non-bootable floppy disk can just as easily infect your hard drive as would an infected bootable one.

5. Don't allow your web browser to automatically run programs, such as MS Word or other programs through its e-mail program. Configure your browser to launch WordPad or Notepad instead. One of the biggest and growing threats is the macro virus, which is spread through data processing and spreadsheet programs.

6. Configure your web browsers to disable ActiveX, Java, and Javascript. You'll lose some of the fun the Web's been known for, but you'll save your computer from contracting a virus and speed up your connection.

7. Know that the only way a virus spreads is either by launching an infected file or by booting an infected disk. You can not get a virus by simply being online or by reading e-mail. You have to download and launch an infected file before it will spread. Therefore, do not launch any unsolicited executable files sent via e-mail.

8. Using an updated anti-virus program, scan all new software for viruses before installing them on your hard drive. Even shrink-wrapped software from major publishers has been known to contain viruses.

9. Be aware of hoaxes. To increase mass hysteria, there have been many stories conjured up and spread by unknowledgeable users. For a list of known hoaxes check out the following site: http://www.symantec.com/avcenter/hoax.html.
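Measure 1 advises keeping more than one backup set because the newest set may already hold an infected file. The following added example (not part of the original article) shows one way to find, for each program that has changed on the live disk, the newest backup set that still holds the original copy. The directory names, file names, suffix list and the choice of the oldest set as the trusted baseline are all assumptions made for illustration.

```python
import hashlib
import tempfile
from pathlib import Path

PROGRAM_SUFFIXES = {".exe", ".com", ".sys"}  # assumption: program types to track

def digest(path):
    """SHA-256 of one file's contents."""
    return hashlib.sha256(Path(path).read_bytes()).hexdigest()

def snapshot(root):
    """Map relative path -> digest for every program file under root."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): digest(p)
            for p in root.rglob("*")
            if p.is_file() and p.suffix.lower() in PROGRAM_SUFFIXES}

def restore_plan(live, backups):
    """backups runs oldest to newest; the oldest set is the trusted baseline
    (an assumption). For each live program that differs from the baseline,
    name the newest backup set still holding the baseline copy, or None if
    the program is not in the baseline at all. A difference is a reason to
    scan and restore, not proof of infection."""
    snaps = [(Path(b).name, snapshot(b)) for b in backups]
    baseline = snaps[0][1]
    plan = {}
    for rel, live_hash in snapshot(live).items():
        good = baseline.get(rel)
        if good == live_hash:
            continue  # unchanged since the baseline
        if good is None:
            plan[rel] = None  # new program: scan before running it
        else:
            plan[rel] = [n for n, s in snaps if s.get(rel) == good][-1]
    return plan

def demo():
    """Constructed sample: three backup sets and a live disk in a temp dir."""
    old = {"EDIT.EXE": b"edit-v1", "FORMAT.COM": b"format-v1"}
    changed = {"EDIT.EXE": b"edit-v1+appended", "FORMAT.COM": b"format-v1"}
    sets = {"set1": old, "set2": old, "set3": changed,
            "live": dict(changed, **{"GAME.EXE": b"new-download"})}
    with tempfile.TemporaryDirectory() as tmp:
        for name, files in sets.items():
            (Path(tmp) / name).mkdir()
            for fname, data in files.items():
                (Path(tmp) / name / fname).write_bytes(data)
        dirs = [Path(tmp) / n for n in ("set1", "set2", "set3")]
        return restore_plan(Path(tmp) / "live", dirs)
```

In the constructed sample, `demo()` reports that `EDIT.EXE` should be restored from `set2`, because `set3` was taken after the file changed, and that `GAME.EXE` has no baseline copy at all.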

Viruses are not the only type of programs that are written solely to cripple computer systems or to use a computer in an unauthorized way. Other malicious programs are Logic Bombs, Trojan Horses, and Worms.

