Computer Crime Research Center

Viruses Explained
(By Jack Karp)

With 10 to 15 new viruses discovered per day, information about them could save you a lot of time, money, and hassle. Here's all you need to know.

Antivirus firm McAfee claims there are more than 58,000 virus threats currently in existence, and antivirus company Symantec estimates that 10 to 15 new viruses are discovered each day. So what is a virus, and how can you avoid becoming infected by one? Find out below from "CyberCrime's" virus overview.

What is a virus?

A virus is any computer program that can "self-replicate" or make copies of itself and spread itself from one machine to another without the help of the user.

Viruses are often programmed to carry out other actions separate from replication. These actions, or payloads, vary from the annoying (altering a computer's homepage) to the damaging (deleting files). Because viruses are computer programs, they can do anything a normal program can do, including deleting files, formatting hard drives, and overwriting the BIOS. But though many viruses do carry such payloads, a program does not need to have a payload in order to be considered a virus. Some viruses do nothing at all.

How do viruses spread?

Viruses can be spread via floppy disks or CDs, email attachments, or in material downloaded from the Web, although the majority of viruses that are currently a threat are spread by email. These viruses are usually hidden inside of attachments emailed to computer users, and the emails are usually labeled with intriguing subject lines -- "I Love You" or "Anna Kournikova Naked" -- designed to tempt users into opening them. When the attachment is opened, the virus is activated, and the user's computer becomes infected.

Often, viruses are programmed to spread themselves by emailing a copy of the attachment in which they're hidden to all the other email addresses in an infected computer's address book. So once your computer is infected, all your friends and contacts are at risk as well.

How do I avoid getting a virus?

The best way to avoid getting a computer virus is to never open attachments. Since most viruses are spread via email attachments, refusing to open such attachments will keep you from getting many viruses.

If you must open an attachment, contact the person who sent you the attachment to make sure they sent it. Because viruses often spread themselves via an infected computer's address book, emails from people you know aren't automatically safe.

Also, check the type of attachment before opening it. Attachments that end with the .vbs extension (Visual Basic script) or the .exe extension (program files) pose a real danger and are often how viruses are spread.

Finally, make sure to install and update antivirus software. Companies such as Norton, Symantec, and McAfee offer many kinds of antivirus programs, some of which are downloadable from the companies' websites. You can use this software to scan attachments for viruses before you open them.

You can also run an antivirus program that utilizes "on-access" scanning. This type of scanning takes place constantly, automatically checking every file, program, or document every time it is opened or used.

How does antivirus software work?

Antivirus software keeps a database of "fingerprints" -- a set of characteristic bytes from known viruses -- on file. It searches files and programs on your computer for that pattern, and when it finds a fingerprint it recognizes as belonging to a virus, the antivirus software notifies the user that that virus is present. There are also heuristic programs that look for virus-like behavior in programs, allowing the software to detect completely new viruses.

Antivirus software needs to be updated regularly so that it can search a computer for new viruses. Be sure to check with the company that produces your antivirus software package for periodic updates.

What do I do if I suspect my computer has become infected?

There could be many reasons for your computer to act strangely. If you think your computer may have a virus, the first thing you should do is find out for sure by running a virus scan of your machine. If you have antivirus software, have it search your computer for the latest viruses. If you do not have such software, many antivirus companies, including Symantec and McAfee, offer free virus scans on their websites.

Once you know for sure which virus you're dealing with, you can find a removal tool for that specific virus on some of these antivirus sites. Follow the instructions on the site carefully. Afterward, you may have to repair whatever the virus did.

It may also be a good idea to disconnect your computer from the Web or from your network once you realize it has been infected in order to keep the virus from sending itself to other machines via your email.

What are some of the most dangerous viruses to look out for?

It is estimated that there are more than 58,000 viruses currently in existence. Some are more dangerous or more widespread than others. Here is a short list of the most dangerous ones to look out for:

1. LoveLetter or ILOVEYOU
2. CIH or Chernobyl
3. Melissa
4. Magistr
5. Code Red
6. Resume
7. Nimda

These are just some of the viruses that currently exist. But plenty more are out there, and new ones are discovered each day. So, make sure to check antivirus resources for updates about the latest new viruses on the loose.


Home | What's New | Articles | Links
Library | Staff | Contact Us

Copyright Computer Crime Research Center 2001, 2002 All Rights Reserved.
Contact the CCRC Office at 380-612-735-907

Rambler's Top100 Rambler's Top100