Computer virus help

Updated: 05/21/2018 by Computer Hope
computer security

Virus ABCs

One of the biggest fears among new computer users is being infected by a computer virus or programs designed to destroy or steal personal data. Viruses are malicious programs designed by people to cause destruction and havoc on a computer and spread themselves to other computers where they can repeat the process.

Once the virus is made, it is often distributed through shareware, pirated software, e-mail, P2P programs, or other programs where users share data.

A computer virus is a program that was first written Rich Skrenta in 1982 who was a 15-year old high school student. Known as the Elk Cloner, this virus spread to other computers by monitoring the floppy drive and copying itself to any floppy diskette that was inserted into the computer. Once a floppy diskette became infected, all other computers that used the disk became infected. A computer that was infected would also display a short poem on every 50th boot.

Computer users can help protect themselves against computer viruses, malware, and other computer security threats by installing an antivirus protection program.

See the virus questions and answers section for other common questions about computer viruses.

How computer viruses are contracted

In the past, the majority of computer viruses were contracted from users sharing data using floppy diskettes. However, with the increased popularity of the Internet, most computer viruses are contracted today through e-mail and by downloading software over the Internet or P2P sharing.

Virus properties

Below is a listing of some of the different properties a computer virus is capable of having and what the particular property is capable of doing. Keep in mind that not all viruses have all of these abilities.

Your computer can be infected even if files are only copied

Because some viruses are memory resident, as soon as a diskette or program is loaded into memory, the virus is capable of infecting any file on the computer you can access.

Can be polymorphic

Some viruses have the capability of modifying their code, which means one virus could have various amounts of similar variants. Polymorphic viruses can also change how they are delivered, such as changing the subject or body of the message to help them from being detected.

Can be a stealth virus

Stealth viruses will first attach itself to files on the computer and then attack the computer; this causes the virus to spread more rapidly.

Viruses can carry other viruses

Because viruses are only code, a virus can also become infected with other viruses making it possible for a virus to infect your computer with different viruses at once.

Can make the system never show outward signs

Some viruses can hide changes made, such as when a file was last modified making the virus more difficult to detect.

Can stay on the computer even if the computer is formatted

Some viruses have the capability of infecting different portions of the computer such as the master boot record. Also, if a computer is completely erased and the virus is on a backup, it can re-infect the computer if the backup is restored back onto the computer.

How viruses may affect files

Viruses can affect any files; however, usually attack .com, .exe, .sys, .bin, .pdf, .pif or any data files

Viruses have the capability of infecting any file including executable files or data files, such as Microsoft Word documents or Excel spreadsheets. Most viruses target files that are used frequently to help with infecting more files and computers.

Increase the files size

When infecting files, viruses will increase the file size. However, with more sophisticated viruses these changes can be hidden.

A virus can delete files as the file is run

Because most files are loaded into memory, once the program is in memory the virus can delete the file used to execute the virus to help hide its tracks.

It can corrupt files randomly

Some destructive viruses are designed to corrupt, destroy, and delete files.

It can cause write-protect errors when executing .exe files from a write-protected disk

Viruses may need to write themselves to files that are executed; because of this, if a diskette is write-protected, you may receive a write-protection error.

It can convert .exe files to .com files

Viruses may use a separate file to run the program and rename the original file to another file extension, so the exe file is run before the com file.

It can reboot the computer when executed

Numerous computer viruses have been designed to cause a computer to reboot, freeze, or perform other tasks not normally exhibited by the computer. However, keep in mind that although your computer may be exhibiting these symptoms it does not mean your computer has a virus.

What viruses may do to a computer

Below are different issues you may experience when you are infected with a virus. Keep in mind that you also may be experiencing any of the below issues by another computer-related issue and not a virus.

  • Deleted files.
  • Various error messages in files or on programs.
  • Changes volume label.
  • Marks clusters as bad in the FAT.
  • Randomly overwrites sectors on the hard drive.
  • Replaces the MBR with own code.
  • Create more than one partition.
  • Attempts to access the hard drive, which can result in error messages such as "Invalid drive specification."
  • Causes cross-linked files.
  • Causes a "sector not found" error.
  • Cause the system to run slow.
  • Logical partitions created, partitions decrease in size.
  • A directory is shown as garbage.
  • The directory order may be modified to cause files such as COM files to start before EXE files.
  • Cause hardware problems such as keyboard keys not working, printer issues, modem issues, etc.
  • Disable ports such as LPT or COM ports.
  • Caused keyboard keys to be remapped.
  • Alter the system time and date.
  • Cause system to hang or freeze randomly.
  • Cause activity on HDD or FDD randomly.
  • Increase file size.
  • Increase or decrease memory size.
  • Randomly change file or memory size.
  • Extended boot times.
  • Increase disk access times.
  • Cause a computer to make strange noises, make music, clicking noises, or beeps.
  • Display pictures randomly.
  • Unusual or undocumented error messages.

Detecting viruses

The recommended method of detecting and cleaning the computer from any computer viruses or other malware is an antivirus or antimalware protection program.

Alternatively, a user can look at various aspects of the computer and detect possible signs indicating a virus is on the computer. While this method can be used to determine some viruses, it cannot clean or determine the exact virus you may or may not have and is not recommended.

Virus myths

Below are come comments we've come across that are common misconceptions when it comes to computer viruses and other malware.

"If I download a file onto a disk, I don't have to worry about viruses." - Although you've placed a file on a diskette or moved a file from a diskette to your hard drive does not mean that your computer cannot be infected. Many viruses are memory resident and capable of loading themselves into memory once a diskette is placed in the computer.

"If I buy sealed software, I don't have to worry about viruses." or "If I buy registered software, I don't have to worry about viruses." - Even a program may be surrounded by plastic doesn't mean that it cannot be infected with a virus. When software is saved onto a diskette or disc, if that computer or program is infected, the virus will attach itself. Although this issue very rarely occurs, it is still a possibility.

"If I don't download anything off of the Internet, I don't have to worry about viruses." - Although many of today's viruses and other malware come from downloading files, it is still possible to become infected even if you don't download any files. Also, when you are on the Internet, almost everything you view is downloaded to your computer.

"If I only read my e-mail, I will not have to worry about viruses." - Not true; there are viruses out there that are distributed through e-mail; also, files can be attached with e-mail and if executed can infect the computer. Today, this is one of the most common ways computer viruses spread around the world.

"If I don't get on the Internet, I don't have to worry about viruses." - Although many viruses are spread over the Internet today, it is still possible to contract a computer virus form any diskette, disc, or USB drive you put in the computer.

"You can contract viruses from looking at web pages." - True. Although it's more common to get viruses and malware from files you download from a website, it is also possible to become infected by malware and spyware by visiting a website. If a website has a bad ActiveX or JavaScript file, it's possible to spy on your habits and infect the computer with other malware and spyware.