One of the biggest fears among new computer users is being infected by a computer virus or programs designed to destroy their personal data. Viruses are malicious software programs that have been designed by other computer users to cause destruction and havoc on a computer and spread themselves to other computers where they can repeat the process.

Once the virus is made, it is often distributed through shareware, pirated software, e-mail, P2P programs, or other programs where users share data.

A computer virus is a software program that was first written Rich Skrenta in 1982 who was a 15-year old high school student. Known as The Elk Cloner this virus spread to other computers by monitoring the floppy drive and copying itself to any floppy diskette that was inserted into the computer. Once a floppy diskette became infected it would infect all other computers that disk was inserted into, each computer that was infected would then infect every floppy diskettes inserted into it. A computer that was infected would also display a short poem on every 50th boot.

Computer users can help protect themselves against computer viruses, malware, and other computer security threats by installing an antivirus protection program.

Also see our virus question and answer section for other common questions about computer viruses.

How computer viruses are contracted

In the past the majority of computer viruses were contracted from users sharing data using floppy diskettes. However, with the increased popularity of the Internet most computer viruses are contracted today through e-mail and by downloading software over the Internet or P2P sharing.

See document CH001045 for additional information about how your computer could become infected with a virus.

Virus properties

Below is a listing of some of the different properties a computer virus is capable of having and what the particular property is capable of doing. Keep in mind that not all viruses will have every one of these abilities.

Your computer can be infected even if files are just copied. Because some viruses are memory resident, as soon as a diskette or program is loaded into memory, the virus then attaches itself into memory and then is capable of infecting any file on the computer you have access to.

Can be Polymorphic. Some viruses have the capability of modifying their code, which means one virus could have various amounts of similar variants. This is also true with e-mail viruses that change the subject or body of the message to help from being detected.

Can be memory or non-memory resident. As mentioned earlier a virus is capable of being either memory resident where the virus first loads into memory and then infects a computer or non-memory resident where the virus code is only executed each time a file is opened.

Can be a stealth virus. Stealth viruses will first attach itself to files on the computer and then attack the computer; this causes the virus to spread more rapidly.

Viruses can carry other viruses. Because viruses are only software programs a virus may also carry other viruses making the virus more lethal and help the primary virus hide or assist the primary virus with infecting a particular section of the computer.

Can make the system never show outward signs. Some viruses can hide changes made, such as when a file was last modified making the virus more difficult to detect.

Can stay on the computer even if the computer is formatted. Some Viruses have the capability of infecting different portions of the computer such as the CMOS battery or master boot record. Finally, if a computer is completely erased and the virus is on a backup disk it can easily re-infect the computer.

How viruses may affect files

Viruses can affect any files; however, usually attack .com, .exe, .sys, .bin, .pif or any data files - Viruses have the capability of infecting any file; however, will generally infect executable files or data files, such as word or excel documents that are opened frequently and allow the virus to try infecting other files more often.

Increase the files size - When infecting files, virtues will generally increase the size of the file; however, with more sophisticated viruses these changes can be hidden.

It can delete files as the file is run - Because most files are loaded into memory, once the program is in memory the virus can delete the file used to execute the virus.

It can corrupt files randomly - Some destructive viruses are not designed to destroy random data but instead randomly delete or corrupt files.

It can cause write protect errors when executing .exe files from a write protected disk - Viruses may need to write themselves to files that are executed; because of this, if a diskette is write protected, you may receive a write protection error.

It can convert .exe files to .com files - Viruses may use a separate file to run the program and rename the original file to another extension so the exe is run before the com.

It can reboot the computer when executed - Numerous computer viruses have been designed to cause a computer to reboot, freeze, or perform other tasks not normally exhibited by the computer.

What viruses may do to a computer

Below are possibilities you may experience when you are infected with a virus. Remember that you also may be experiencing any of the below issues and not have a virus.

• Deleted files.

• Various messages in files or on programs.

• Changes volume label.

• Marks clusters as bad in the FAT.

• Randomly overwrites sectors on the hard disk.

• Replaces the MBR with own code.

• Create more than one partition.

• Attempts to access the hard disk drive, which can result in error messages such as: Invalid drive specification.

• Causes cross-linked files.

• Causes a "sector not found" error.

• Cause the system to run slow.

• Logical partitions created, partitions decrease in size.

• A directory may be displayed as garbage.

• Directory order may be modified so files, such as COM files, will start at the beginning of the directory.

• Cause Hardware problems such as keyboard keys not working, printer issues, modem issues etc.

• Disable ports such as LPT or COM ports.

• Caused keyboard keys to be remapped.

• Alter the system time / date.

• Cause system to hang or freeze randomly.

• Cause activity on HDD or FDD randomly.

• Increase file size.

• Increase or decrease memory size.

• Randomly change file or memory size.

• Extended boot times.

• Increase disk access times.

• Cause computer to make strange noises, make music, clicking noises or beeps.

• Display pictures.

• Different types of error messages.

Detecting viruses

The recommended method of detecting and cleaning the computer from any computer viruses or other malware is an antivirus protection program. A listing of antivirus protection programs and what they help protect can be found on document CH000514.

Alternatively, a user can look at various aspects of the computer and detect possible signs indicating a virus is on the computer. While this method can be used to determine some viruses, it cannot clean or determine the exact virus you may or may not have and is not recommended.

Virus myths

Below are come comments we've come across that are common misconceptions when it comes to computer viruses and other malware.

"If I download a file onto a disk, I don't have to worry about a viruses." - This is not true, just because you've placed a file on a diskette or moved a file from a diskette to your hard drive does not mean that your computer cannot be infected. Many viruses are memory resident and capable of loading themselves into memory once a diskette is placed in the computer.

"If I buy sealed software I don't have to worry about viruses." or "If I just buy registered software I don't have to worry about viruses." - This is not always true, just because the program may be surrounded in plastic doesn't mean that it cannot be infected with a virus. When a software program is saved onto a diskette or disc if that computer or program is infected the virus will attach itself. Although this issue very rarely occurs it is still a possibility.

"If I don't download anything off of the Internet I don't have to worry about viruses." - This is definitely not true. Although most companies and web sites will scan the files for viruses before they make them available to download some may not. In addition many people create a site or a file to download with the intention of spreading a virus, spyware, Trojan horses, or other malware.

"If I just read my e-mail, I will not have to worry about viruses." - Not true; there are viruses out there that are distributed through e-mail; also, files can be attached with e-mail and if executed can infect the computer. Today this is one of the most common ways computer viruses spread around the world.

"If I don't get on the Internet I don't have to worry about viruses." - This, unfortunately, is not the case. Although many viruses are spread over the Internet today it is still possible to contract a computer virus form any diskette or disc you put in the computer.

"You can contract viruses from just looking at web pages." - Not true. However, you can contract a virus if you download and execute a file from that web page. In addition spyware and other scripts can be executed from just viewing a web page. Although these programs are not designed to delete files on your computer they should be considered a privacy violation.

Other Maintenance Categories:

• Monitor's Maintenance

• Formatting Floppy Disks

• Daily, Weekly, and Monthly Maintenance

• Deleting Unnecessary Files

• Hard Drives

• Using Scandisk

• Input Devices (Keyboards, Mouse, Joysticks)

• Peripherals

• Computer Toolbox

• Budget Web Hosting

• Defragmentation of  Your Drive