A computer virus is a program designed to spread itself by first infecting
executable files or the system areas of hard and floppy disks and then
making copies of itself. Viruses usually operate without the knowledge or
desire of the computer user.
2.What kind of files can spread viruses?
Viruses have the potential to infect any type of executable code, not just
the files that are commonly called 'program files'. For example, some
viruses infect executable code in the boot sector of floppy disks or in
system areas of hard drives. Another type of virus, known as a 'macro'
virus, can infect word processing and spreadsheet documents that use
macros. And it's possible for HTML documents containing JavaScript or other
types of executable code to spread viruses or other malicious code.
Since virus code must be executed to have any effect, files that the
computer treats as pure data are safe. This includes graphics and sound
files such as .gif, .jpg, .mp3, .wav, etc., as well as plain text in .txt
files. For example, just viewing picture files won't infect your computer
with a virus. The virus code has to be in a form, such as an .exe program
file or a Word .doc file, that the computer will actually try to execute.
3.How do viruses spread?
When you execute program code that's infected by a virus, the virus code
will also run and try to infect other programs, either on the same computer
or on other computers connected to it over a network . And the newly
infected programs will try to infect yet more programs.
When you share a copy of an infected file with other computer users,
running the file may also infect their computers; and files from those
computers may spread the infection to yet more computers.
If your computer is infected with a boot sector virus, the virus tries to
write copies of itself to the system areas of floppy disks and hard disks.
Then the infected floppy disks may infect other computers that boot from
them, and the virus copy on the hard disk will try to infect still more
floppies.
Some viruses, known as 'multipartite' viruses, can spread both by infecting
files and by infecting the boot areas of floppy disks.
4.What do viruses do to computers?
Viruses are software programs, and they can do the same things as any other
programs running on a computer. The actual effect of any particular virus
depends on how it was programmed by the person who wrote the virus.
Some viruses are deliberately designed to damage files or otherwise
interfere with your computer's operation, while others don't do anything but
try to spread themselves around. But even the ones that just spread
themselves are harmful, since they damage files and may cause other problems
in the process of spreading.
Note that viruses can't do any damage to hardware: they won't melt down your
CPU, burn out your hard drive, cause your monitor to explode, etc. Warnings
about viruses that will physically destroy your computer are usually hoaxes,
not legitimate virus warnings.
5.What is a Trojan horse program?
A type of program that is often confused with viruses is a 'Trojan horse'
program. This is not a virus, but simply a program (often harmful) that
pretends to be something else.
For example, you might download what you think is a new game; but when you
run it, it deletes files on your hard drive. Or the third time you start
the game, the program E-mails your saved passwords to another person.
Note: simply downloading a file to your computer won't activate a virus or
Trojan horse; you have to execute the code in the file to trigger it. This
could mean running a program file, or opening a Word/Excel document in a
program (such as Word or Excel) that can execute any macros in the document.
6.What's the story on viruses and E-mail?
Disable ActiveX for safer Web browsing
ActiveX controls were developed by Microsoft to provide an interactive
Web experience. They allow Web pages to respond to your input. They
also allow pages to act more like a program than a static document.
Unfortunately, ActiveX controls are ideal tools for those who would
attack your computer. Over the years, Internet Explorer has been their
favored vehicle. It was built to take advantage of ActiveX controls.
These controls pose a serious security threat that outweighs their
benefits. So it's important to take steps to protect your computer and
data from these threats.
You probably have encountered ActiveX controls on the Internet. Web
pages that play music probably use them. ActiveX controls can also open
Windows media movies or Word documents inside a browser window.
These small programs can do virtually anything. Thousands of ActiveX
controls are available. And when Internet Explorer downloads them from
a Web site and runs them, they have access to your computer.
Other technologies, such as Java, can also run code within a browser.
But by design, Java programs have little access to Windows.
Problems with ActiveX have been a big contributor to the poor safety
reputation of Internet Explorer. Firefox (www.mozilla.org), a free
alternative Web browser, has captured a significant share of the
browser market. One reason is its reputation for safety, because it does
not accept ActiveX controls.
Unfortunately, you'd find life without ActiveX inconvenient. Windows
Update, for instance, requires ActiveX. You can't use Firefox to update
Windows; you have to switch to Internet Explorer. That is occasionally
true of other Web sites, too.
I use Firefox for safety reasons. I have installed a plug-in, IEView,
that allows me to switch to Internet Explorer when necessary. This
might happen when a page is optimized for Internet Explorer, and
doesn't work properly in Firefox. That could be because of ActiveX, or
it might be another feature.
To find IEView,
7. What can I do to reduce the chance of getting viruses from E-mail?
Treat any file attachments that might contain executable code as carefully
as you would any other new files: save the attachment to disk and then check
it with an up-to-date virus scanner before opening the file.
If your E-mail or news software has the ability to automatically execute
JavaScript, Word macros, or other executable code contained in or attached
to a message, I strongly recommend that you disable this feature.
My personal feeling is that if an executable file shows up unexpectedly
attached to an E-mail, you should delete it unless you can positively
verify what it is, who it came from, and why it was sent to you.
The recent outbreak of the Melissa virus was a vivid demonstration of the
need to be extremely careful when you receive E-mail with attached files or
documents. Just because an E-mail appears to come from someone you trust,
this does NOT mean the file is safe or that the supposed sender had anything
to do with it.
click Tools>>Extensions in Firefox.
Click Get More
Extensions.
To use IEView, right-click the page you want to open in
Internet Explorer.
Select View This Page in IE.
ActiveX Controls should be set to a safe level in Internet Explorer.
You can do that by using the factory settings. Click Tools>>Internet
Options. Select the Security tab. Be sure the Internet zone is
selected. Click Default Level.
If you want to continue using Internet Explorer, you can turn ActiveX
off altogether. To do that, click Tools>>Internet Options. Again, be
sure the Internet zone is selected. Click Custom Level. You'll find
seven settings for ActiveX. Disable them all. You could set them back
to Default Level when you need them.
I still prefer Firefox. It has had security concerns, but it has one
big security advantage. It is not part of Windows. Internet Explorer is
an integral part of Windows, making you more vulnerable. So I only use
Internet Explorer on sites where I have an expectation of safety.
ActiveX is typical of older Microsoft products. Internet Explorer, and
its ActiveX components, was built to maximize convenience and pleasure
in surfing the Web. Less thought was given to security. Internet
Explorer 7, which is under development, should certainly be safer.
In the meantime, we all have to use common sense with today's Internet
Explorer. When you use it, stay away from questionable sites, and don't
download things you don't understand. Use a firewall and pay attention
to its prompts. Keep your anti-virus and anti-spyware software updated.
That should keep you out of trouble.
You can't get a virus just by reading a plain-text E-mail message or Usenet
post. What you have to watch out for are encoded messages containing
embedded executable code (i.e., JavaScript in an HTML message) or messages
that include an executable file attachment (i.e., an encoded program file or
a Word document containing macros).
In order to activate a virus or Trojan horse program, your computer has to
execute some type of code. This could be a program attached to an E-mail, a
Word document you downloaded from the Internet, or something received on a
floppy disk. There's no special hazard in files attached to Usenet posts or
E-mail messages: they're no more dangerous than any other file.