Defending your PC against the attack of the
killer code Portable Computing July, 1998
Viruses are a major problem for computer
users, especially users of microcomputer systems.
Multi-user computers, generally are not prone to viruses because the executable
protected from writing by the operating system. Even if a virus does infect
a program, its powers
are limited because other aspects of the system are protected. Single-user
systems, do not have
such protections and, as a result, a virus has free run.
Like worms, viruses are designed to spread into other
programs and can wreak havoc in
a system, including modifying or destroying files, and causing system
crashes and program
malfunctions. Unlike a worm, which is structured as a complete standalone
program, a virus is a
fragment of code embedded in a legitimate program.
The way viruses attach themselves to the system determines
their classification: “program”
viruses link to executable files, “boot” viruses infect the
boot record, and “multipartite” viruses infect
both the programs and boot sections. Common symptoms of infection are:
changes in program size,
programs taking longer to load, strange or modified file names, unexpected
files that suddenly appear
on your computer, and false file-modification dates.
Viruses usually spread through the Internet: upon downloading
viral programs from public
bulletin boards, opening e-mails with or without an attachment, or exchanging
floppy disks containing
an infection. Contrary to popular opinion, viruses can not infect a computer
downloading an infected program or popping a floppy into a diskette drive.
The virus can only be
activated when the infected program is run or the boot record is read.
The first line of defense against viruses is to keep
a write-protected backup copy of your
system disks. This procedure won´t stop a virus from infecting the
system, but it will make the
restoration process much easier. Actually, the best protection against
computer viruses is prevention,
or the practice of safe computing. Purchasing unopened software from vendors
and avoiding free or
pirated copies from public sources or floppy-disk exchange is the safest
route to preventing infection.
Another safeguard, while not preventing infection, does
permit early detection. Antivirus
programs work by searching all the programs on a system for the specific
pattern of instructions
that make up the virus. When they find a known pattern, they remove the
“disinfecting” the program. However, since new viruses are
being constantly developed, these
troubleshooting programs are only useful if they are continually updated.
There are solid antivirus
programs that scan new acquisitions and watch the system for signs of
virus infestation, adding the
new data to the list of clues they scan for.
So don’t double click or run anything until your
antivirus program scans it. If it finds a virus,
exit any programs you are running (other than the antivirus program).
If it recognizes the virus, it
should be able to easily remove it from your system. But, if the virus
is newer than your scanning
program, this one won’t recognize it and you will get a false negative.
If you update your antivirus
program regularly and let it scan everything before you run it, you will
probably never get a virus.