Computer virus help

Virus ABCs

One of the biggest fears among new computer users is being infected by a computer virus or programs designed to destroy or steal personal data. Viruses are malicious programs designed by people to cause destruction and havoc on a computer and spread themselves to other computers where they can repeat the process.

Once the virus is made, it is often distributed through shareware, pirated software, e-mail, P2P programs, or other programs where users share data.

A computer virus is a program that was first written by Rich Skrenta in 1982, who was a 15-year old high school student. Known as the Elk Cloner, this virus spread to other computers by monitoring the floppy drive and copying itself to any floppy diskette inserted into the computer. Once a floppy diskette became infected, all other computers that used the disk became infected. A computer that was infected would also display a short poem on every 50th boot.

Computer users can help protect themselves against computer viruses, malware, and other computer security threats by installing an antivirus protection program.

See the virus questions and answers section for other common questions about computer viruses.

How computer viruses are contracted

In the past, the majority of computer viruses were contracted from users sharing data using floppy diskettes. However, with the increased popularity of the Internet, most computer viruses are contracted today through e-mail and by downloading software over the Internet or P2P sharing.

• How does a computer get infected with a virus or spyware?

Virus properties

Below is a list of different computer virus properties and what each property is capable of doing. Keep in mind that not all viruses have all of these abilities.

Your computer can be infected even if files are only copied

Because some viruses are memory resident, once in memory it can infect any file or drive on the computer you can access. Even after the infected program or document is closed.

Can be polymorphic

Some viruses have the capability of modifying their code, which means one virus could have various amounts of similar variants. Polymorphic viruses can also change how they are delivered, such as changing the subject or body of the message to help them from being detected.

May be a stealth virus

Stealth viruses first attach themselves to files on the computer and then attacks the computer. This type of tactic allows the virus to spread more rapidly.

Viruses can carry other viruses

Because viruses are only code, a virus can also become infected with other viruses and infect your computer with multiple viruses.

Can make the system never show outward signs

Some viruses can hide changes made, such as when a file was last modified, making the virus more difficult to detect.

Can stay on the computer even if the computer is formatted

Some viruses have the capability of infecting different portions of the computer, such as the master boot record. Also, if a computer virus is on a backup, it can re-infect the computer when the backup is restored.

How viruses may affect files

Viruses can affect any files; however, usually attack .com, .exe, .sys, .bin, .pdf, .pif or any data files

Viruses have the capability of infecting any file, including executable files or data files, such as Microsoft Word documents or Excel spreadsheets. Most viruses target files used frequently to help with infecting more files and computers.

Increase the files size

When infecting files, viruses increase the file size. However, with more sophisticated viruses, these changes can be hidden.

A virus can delete files as the file is run

Because most files are loaded into memory, once the program is in memory it can delete the file used to execute the virus to help hide its tracks.

It can corrupt files randomly

Some destructive viruses are designed to corrupt, destroy, and delete files.

It can cause write-protect errors when executing .exe files from a write-protected disk

Viruses may need to write themselves to files that are executed; because of this, if a diskette is write-protected, you may receive a write-protection error.

It can convert .exe files to .com files

Viruses may use a separate file to run the program and rename the original file to another file extension, so the exe file is run before the com file.

It can reboot the computer when executed

Numerous computer viruses cause a computer to reboot, freeze, or perform other tasks not normally exhibited by the computer. However, keep in mind that although your computer may be exhibiting these symptoms, it does not mean your computer has a virus.

• Windows freezes or stops responding frequently.
• Why does Windows restart without warning?
• Why do computers get problems?

What viruses may do to a computer

Below are different issues you may experience when you are infected with a virus. However, keep in mind you also may be experiencing any of the below issues by another computer-related issue and not a virus.

• Deleted files.
• Various error messages in files or on programs.
• Changes volume label.
• Marks clusters as bad in the FAT.
• Randomly overwrites sectors on the hard drive.
• Replaces the MBR with own code.
• Create more than one partition.
• Attempts to access the hard drive, which can result in error messages such as "Invalid drive specification."
• Causes cross-linked files.
• Causes a "sector not found" error.
• Cause the system to run slow.
• Logical partitions created, partitions decrease in size.
• A directory is shown as garbage.
• The directory order may be modified to cause files such as COM files to start before EXE files.
• Cause hardware problems such as keyboard keys not working, printer issues, modem issues, etc.
• Disable ports such as LPT or COM ports.
• Caused keyboard keys to be remapped.
• Alter the system time and date.
• Cause system to hang or freeze randomly.
• Cause activity on HDD or FDD randomly.
• Increase file size.
• Increase or decrease memory size.
• Randomly change file or memory size.
• Extended boot times.
• Increase disk access times.
• Cause a computer to make strange noises, make music, clicking noises, or beeps.
• Display pictures randomly.
• Unusual or undocumented error messages.

Detecting viruses

The recommended method of detecting and cleaning the computer from any computer viruses or other malware is an antivirus or antimalware protection program.

• What are the currently available antivirus programs?
• How do I remove a virus and malware from my computer?

Alternatively, a user can look at various aspects of the computer and detect possible signs indicating a virus is on the computer. While this method can determine some viruses, it doesn't determine the exact virus you may or may not have and is not recommended.

Virus myths

Below are some comments we've come across that are common misconceptions when it comes to computer viruses and other malware.

"If I download a file onto a disk, I don't have to worry about viruses."

A file on a diskette or another drive can still be infected. Many viruses are memory resident and capable of loading themselves into memory once a diskette is placed in the computer it could become immediately infected. Anywhere you can save or edit a file, a virus can infect.

"If I buy sealed software, I don't have to worry about viruses."
"If I buy registered software, I don't have to worry about viruses."

A program disc surrounded by plastic doesn't protect it from a virus. When software is saved onto a diskette or disc, if that computer is infected, the virus could also be saved. Although software from a developer is rarely infected, it's still possible and has happened.

"If I don't download anything from the Internet, I won't get a virus."

Although many of today's viruses and other malware come from downloading files, it's still possible to get infected without downloading. Also, when you are on the Internet, almost everything you view is downloaded to your computer.

"If I only read my e-mail, I will not have to worry about viruses."

Not true; some viruses are distributed through e-mail. Also, files can be attached to e-mail and if executed, can infect the computer. Today, this is one of the most common ways computer viruses spread around the world.

"If I don't get on the Internet, I don't have to worry about viruses."

Although most viruses spread over the Internet today, a computer virus can infect from a diskette, disc, or USB drive. Also, if the computer connects to other computers over a local network, any other computer on the network with access could infect a computer.

"You can contract viruses from looking at web pages."

True. Although it's more common to get viruses and malware from files you download from a website, it's also possible to be infected by malware by visiting a website. If a website has a bad ActiveX or JavaScript file, it's possible to spy on your habits and infect the computer with other malware and spyware.