How Do Computer Viruses Work?

greenspun.com : LUSENET : TimeBomb 2000 (Y2000) : One Thread

I'm impressed with all the input on this Forum from so many computer experts, even though I don't understand much of it! On local news Friday night, they told about a virus Sunday, and suggested unplugging. The man at the store, where I got my computer, said it was a good idea. So, I did, from Saturday night til Monday morning. Sunday afternoon, a friend called and said a TV news report stated 50% of U. of Texas computers crashed. How does this happen? Could you explain, in non-technical terms! A non-expert explained to me that a virus enters through the internet, will lie dormant, then "attack". How does anyone know when the attack will come? The TV report said this is going to happen the 26th of EVERY month! I'm just curious, and want to protect my computer. Thanks!

-- Holly Allen (Holly3325@juno.com), July 28, 1998

Answers

Well, I'm no programmer but this is what I understand about viruses (which, by the way Y2K isn't).

A computer virus is a computer program written BY someone. They are written mostly for malicious or capricious reasons, or just because someone CAN. Years ago I read about the so-called Bulgarian Virus Factory, where banks of programmers were busy writing code to inject to cause whatever they could.

A virus does not JUST enter your computer through the Internet, but since so many people are online now, I suspect that is the way most computers get infected. If a diskette or CD rom has a virus amongst the coding and you access it, and/or store it on your hard disk, you can get the bug that way too.

There are many good anti-virus programs available, both commercial and shareware versions. When you have one it is important to update the program's list of fixable/detectable viruses regularly, as hundreds and probably thousands of new viruses appear monthly.

If you take care not to download files directly onto your hard disk from the internet you will not acquire any virus that may be embedded there. Then you tell your handy virus detect program to scan the diskette,...and if it is free of virus, you're home free.

That is what I understand. I'm sure a programmer can tell you more...

-- Donna Barthuley (moment@pacbell.net), July 28, 1998.


Donna - Sounds like you know a lot! Actually, you can't get a virus from reading e-mail or even from downloading programs onto your hard disk. You can get them two ways: 1. From booting your computer while a disk is in your A drive (so-called boot sector viruses) 2. Executing a program (or opening a document) which harbors a virus.

You should definitely have the latest version of your virus software. Anytime you download a file or document, run your virus checker on it before opening/executing it. Similarly every time you stick a new disk or CD into your computer, run the virus checker on it before you execute anything that is on it.

-- Amy Leone (aleone@amp.com), July 29, 1998.


Holly - this is a timely question. Just this morning there was an article on the front page of the NY Times about a new class of viruses which can infect computers through e-mail. I'll describe that below, but first I'll describe two more common types of viruses.

Until fairly recently, all viruses consisted of programs which had to actually be executed on the infected computer before they had any effect. At first, the morons who wrote these used a "trojan horse" technique to trick people into running them, disguising the virus to look like a game or something. As they grew more sophisticated, they would piggyback the viral code onto real programs and add features which would allow the virus to replicate itself (infect other programs) and hide (wait until some event or a particular date before doing their damage).

A newer, more popular form of virus is the Macro Virus. This consists of a set of "macro instructions" embedded into a document. When you open the document using the program used to create it (e.g. Word) the macro is executed. The effect varies, but they usually cause the host program to behave in unexpected, really annoying ways - like screwing up the formats it saves documents in. Of course, these viruses also insert themselves into any new documents that you manage to create, so anyone you pass a document to can have fun also.

Anti-viral programs work by reading the code of the programs on your computer, looking for the signature (code sequence) of known viruses. They also can scan documents looking for known macro viruses. Since people are constantly creating new viruses, it is important that you periodically get updates to any anti-viral software you are running - otherwise it will not find the new ones.

The new class of virus mentioned in the NY Times this morning is mailed to you as an attachment to a mail message. It turns out that several popular mail programs (Outlook, Outlook 98, and Netscape Mail) have a flaw which can result in the attachment being executed on the receiving computer, WITHOUT THE USER RUNNING THE PROGRAM! The article did not do a good job of explaining how this works - and I am happy they didn't. Microsoft and Netscape are both working on fixes and Symantec is trying to figure out how to modify their anti-viral software to handle this latest challenge.

Ain't progress wonderful?

-- Ed Perrault (EdPerrault@Compuserve.com), July 29, 1998.
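
The signature scanning described in the answer above, and why definition updates matter, shown as an added example that is not part of the original thread. The signature names, byte patterns and sample files are all constructed, harmless data; the `??` wildcard notation is an assumption of this sketch.

```python
import re

def compile_signature(hex_pattern):
    """Turn 'C0 FF ?? 01' into a bytes regex; '??' matches any single byte."""
    parts = []
    for tok in hex_pattern.split():
        parts.append(b"." if tok == "??" else re.escape(bytes.fromhex(tok)))
    return re.compile(b"".join(parts), re.DOTALL)

def load_database(definitions):
    """Compile a {name: hex pattern} definition list into a scan database."""
    return {name: compile_signature(p) for name, p in definitions.items()}

def scan(data, database):
    """Return a sorted list of (signature name, byte offset) for each hit."""
    hits = []
    for name, rx in database.items():
        m = rx.search(data)
        if m:
            hits.append((name, m.start()))
    return sorted(hits)

# Constructed definition lists: the update adds one signature to the old list.
DEFS_OLD = {"Sample.Program.A": "C0 FF EE ?? ?? 01 02"}
DEFS_NEW = dict(DEFS_OLD, **{"Sample.Macro.B": "BA DD ?? F0 0D"})

# Constructed sample "files" (inert bytes, not real malware).
CLEAN = b"plain text document, nothing unusual"
INFECTED_PROGRAM = (b"\x00\x10" + bytes.fromhex("C0FFEE") + b"\xaa\xbb"
                    + bytes.fromhex("0102") + b"rest of program")
NEW_MACRO_DOC = (b"doc header " + bytes.fromhex("BADD") + b"\x07"
                 + bytes.fromhex("F00D") + b" body")

if __name__ == "__main__":
    old_db, new_db = load_database(DEFS_OLD), load_database(DEFS_NEW)
    for label, data in [("clean", CLEAN), ("program", INFECTED_PROGRAM),
                        ("macro doc", NEW_MACRO_DOC)]:
        print(label, "| old defs:", scan(data, old_db),
              "| new defs:", scan(data, new_db))
```

With the old definitions the macro document scans clean; only the updated list reports it.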

