What are computer viruses?

By: Alan Davy

Despite our awareness of computer viruses, how many of us can define what one is, or how it infects computers?
A computer virus must piggyback on top of some other program or document in order to be run. But the difference between a computer virus and other programs is that viruses are designed to make copies of themselves. Viruses often contain actions that can vary from printing a silly message on the screen to erasing all of the data on your computer's hard drive.

Viruses can be hidden in programs available on floppy disks, CDs, email attachments or in material downloaded from the web. If the virus has no obvious action, a user without anti-virus software may not even be aware that a computer is infected. The most common types of viruses are E-mail viruses, Worms, and Trojan horses.

An e-mail virus moves around in e-mail messages, and usually copies itself by automatically mailing itself to dozens of people in the victim's e-mail address book.

A worm is a small piece of software that uses computer networks and security loopholes to copy itself. A copy of the worm scans the network for another machine that has a specific security loophole. It copies itself to the new machine using the security loophole, and then starts copying from there as well. A Trojan horse is simply a computer program. The program claims to do one thing (it may claim to be a game) but instead causes damage when you run it. For example, it may erase your hard disk). Trojan horses have no way to copy themselves automatically.

Most of these viruses affect the computer in different ways. The most widespread types are Macro viruses, Boot sector viruses, and parasitic viruses.
Macro viruses are the most common type of viruses. A macro is an instruction that carries out program commands automatically. Many common applications such as word processing, spreadsheet, and slide presentation applications make use of macros. Macro viruses are macros that copy themselves. If a user accesses a document containing a viral macro and unwittingly runs this macro virus, it can then copy itself into that application's files. After that any document on that machine that uses the same application can then become infected. If the infected computer is on a network, the infection is likely to spread rapidly to other machines on the network.

Moreover, if a copy of an infected file is passed to anyone else (for example, by email or floppy disk), the virus can spread to the recipient's computer. This

process of infection will end only when the virus is noticed and all viral macros are eradicated.

The boot sector is the first software loaded onto your computer, this is needed to start the operating system. This program resides on a disk, and this disk can be either the hard disk inside the computer, a floppy disk or a CD. A boot sector virus infects computers by modifying the contents of the boot sector program. It replaces the legitimate contents with its own infected version. A boot sector virus can only infect a machine if it is used to boot-up your computer. For example, if you start your computer by using a floppy disk with an infected boot sector, your computer is likely to be infected. A boot sector cannot infect a computer if it is introduced after the machine has started running the operating system.

Parasitic viruses attach themselves to programs. When a user launches a program that has a parasitic virus, the virus is surreptitiously launched first. To cloak its presence from the user, the virus then triggers the original program to open. The parasitic virus, because the operating system understands it to be part of the program, is given the same rights as the program to which the virus is attached. These rights allow the virus to copy itself, install itself into memory, or carry out its action. In the absence of anti-virus software, only this action might raise the normal user's suspicions. A famous parasitic virus called Jerusalem has an action of slowing down the system and eventually deleting every program the user launches.

We can take precautionary measures to avoid being infected be a virus by:

* Paying attention to the material you download from the web. For example, don't open attachments to e-mails if you're not sure what they contain or who sent them to you.
* Keeping anti-virus software installed and regularly updated on your computer.
* And in case of infection by a virus, making backups of all important files and software so you can retrieve safe copies of them when needed.