Is Your PC Sick?

In the last year, ITS has seen more virus infections at our clients than all previous years combined. Now might be a good time to check your system for viruses! As you may know, computer viruses are tiny software programs that, when run, copy themselves (just like biological viruses) into other programs or systems. This is how they spread from system to system.

Historically, the most common way of spreading viruses is by sharing floppy disks with co-workers, or bringing disks back and forth from home. These disks are sometimes accidentally left in the disk drive when the PC is turned off for the night. The next morning, when it is turned on, the PC attempts to boot from the floppy drive since it finds a disk there. If a boot sector virus is on the disk, it can then copy itself to the hard drive, and yet still display the same "Non-system disk" error message that should normally appear. The virus then loads into memory once the PC is rebooted from the hard drive. Once activated, it typically infects ALL disks which are put into the PC from that point on! This happens regardless of whether or not the floppy disks in question are intended to be bootable. So you can see how a virus can quickly infect many disks. Unfortunately those disks can sit on the shelf for years and still infect (or re-infect) a PC down the road when they are used.

Virus Evolution

Until recently it was impossible for viruses to infect data files. However, some individuals discovered that it is possible to use the powerful new macro capabilities in newer versions of Microsoft Word and Excel to create viruses that in fact CAN and DO infect Word and Excel data files! These macro viruses also can infect Macintosh Word and Excel documents since the Windows and Macintosh versions of those programs are compatible. Many sources claim the new Winword.Concept virus is now the most commonly found virus. It is easy to see why, since once a PC is infected, all documents opened on that PC are infected as well. This virus therefore quickly spreads across networks.

Contrary to popular belief, downloading software from an electronic bulletin board (BBS) or the Internet is generally fairly safe, if the source of the files is a reputable company. Those companies generally scan files for viruses before making them publicly available, because distributing virus-infected files would bring negative publicity. Still, the only way to know for sure is to scan the files yourself.

Symptoms

How can you tell if you have a virus? Without using a virus scanner program, it can be pretty difficult. Most viruses try to hide themselves to escape early detection, so they can spread themselves to even more systems. We have found that most viruses are discovered when the user finds unintended side-effects when running normal programs, rather than by having the virus actually "trigger" and erase data.

Symptoms might include unexplained program errors and excessively long waits when accessing floppy disks (while the virus copies itself to the disk). Most viruses remain dormant until a specific length of time has passed or a specific day arrives (such as the well-known but over-hyped "Michelangelo" virus, or the "Happy Birthday Joshi" virus). Boot sector viruses sometimes render a hard drive unusable unless the PC is booted from an infected floppy disk.

Windows 95 users are likely to have a boot sector virus if their PC defaults to "MS-DOS Compatibility Mode" for the file system. To check this, right-click My Computer and choose Properties, then click the Performance tab. If the File System line reads "32-bit" you are in the clear. If not, you still do not necessarily have a virus since a few legitimate device drivers can force Windows 95 into this mode.

Good Times

A common question is whether e-mail messages can be infected. Until recently, the answer was no. In fact, one widespread hoax in the form of an e-mail message warns users not to read any e-mail with a subject of "Good Times." It is not possible to have a virus infect your system by reading e-mail. However, you definitely should beware of any messages you receive that have attachments. Executable files can be sent as attachments, and unwary users can easily run them without first checking them for viruses. As a rule, you should always save attachments to a temporary directory and scan the files before running them. Also, consider the source of the message. Never blindly run a file that is sent to you by someone you do not know. It is easy to write a program that will not appear to be a virus to anti-virus software but will delete all the files on your hard drive, for example.
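The save-then-scan rule above can be automated. The following Python sketch is an added example, not part of the original article or any ITS tool: it writes each attachment of a message to a holding directory under a neutral name, without running it, and records why a file deserves extra care. The function names, the extension lists and the sample message are assumptions made for illustration.

```python
import hashlib
import os
import tempfile
from email import message_from_bytes, policy
from email.message import EmailMessage

RISKY_EXT = {".exe", ".com", ".bat", ".scr", ".pif"}  # programs (assumed list)
MACRO_EXT = {".doc", ".dot", ".xls"}                  # can carry macros (assumed list)

def quarantine_attachments(raw_message, dest_dir):
    """Save each attachment inertly in dest_dir; return one finding per file."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for n, part in enumerate(msg.iter_attachments()):
        name = part.get_filename() or "unnamed"
        data = part.get_payload(decode=True) or b""
        ext = os.path.splitext(name)[1].lower()
        reasons = []
        if ext in RISKY_EXT:
            reasons.append("executable extension")
        if ext in MACRO_EXT:
            reasons.append("document type that can carry macros")
        if data[:2] == b"MZ":
            reasons.append("DOS/Windows executable header")
        # Stored under a neutral name so a double-click cannot launch it.
        path = os.path.join(dest_dir, "%02d.quarantine" % n)
        with open(path, "wb") as fh:
            fh.write(data)
        findings.append({"name": name, "saved_as": path,
                         "sha256": hashlib.sha256(data).hexdigest(),
                         "reasons": reasons})
    return findings

def build_sample():
    """Constructed test message: one disguised program, one harmless file."""
    m = EmailMessage()
    m["Subject"] = "Good Times"
    m.set_content("See attached.")
    m.add_attachment(b"MZ\x90\x00 constructed bytes, not a real program",
                     maintype="application", subtype="octet-stream",
                     filename="greeting.txt.exe")
    m.add_attachment(b"meeting notes", maintype="application",
                     subtype="octet-stream", filename="notes.txt")
    return m.as_bytes()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for f in quarantine_attachments(build_sample(), tmp):
            print(f["name"], "->", f["reasons"] or "no flags; still scan it")
```

An empty list of reasons does not mean a file is clean; every saved file should still go through the virus scanner before it is opened.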

Anti-Virus Protection

By now you are undoubtedly wondering how to protect yourself from viruses. We feel the best way is to purchase and regularly use a virus scanning program. Make a special point of scanning each and every floppy disk that enters or leaves your office. ITS recommends using VirusScan, by Network Associates (formerly McAfee Associates), to scan for viruses as well as to remove them. Alternatively, use another highly-rated virus scanner such as Symantec's Norton Anti-Virus.

Once you purchase a scanner program, you are not finished! It is vital to obtain regular updates to the program to keep up with newly released viruses. According to some sources, anywhere from dozens to hundreds of new viruses are released every month. Any anti-virus software more than a year or so old cannot detect and remove the new macro viruses mentioned above. Most anti-virus vendors offer a period of free updates when you purchase their software. For example, multi-user versions of VirusScan come with two years of free updates which you can download from the Internet or have mailed to your door for an annual fee.

February 1998
