My Virus Information Page

A computer virus is a program designed to spread itself by first infecting executable files or the system areas of hard and floppy disks and then making copies of itself. Viruses usually operate without the knowledge or desire of the computer user.

2.What kind of files can spread viruses?

Viruses have the potential to infect any type of executable code, not just the files that are commonly called 'program files'. For example, some viruses infect executable code in the boot sector of floppy disks or in system areas of hard drives. Another type of virus, known as a 'macro' virus, can infect word processing and spreadsheet documents that use macros. And it's possible for HTML documents containing JavaScript or other types of executable code to spread viruses or other malicious code. Since virus code must be executed to have any effect, files that the computer treats as pure data are safe. This includes graphics and sound files such as .gif, .jpg, .mp3, .wav, etc., as well as plain text in .txt files. For example, just viewing picture files won't infect your computer with a virus. The virus code has to be in a form, such as an .exe program file or a Word .doc file, that the computer will actually try to execute.

3.How do viruses spread?

When you execute program code that's infected by a virus, the virus code will also run and try to infect other programs, either on the same computer or on other computers connected to it over a network . And the newly infected programs will try to infect yet more programs. When you share a copy of an infected file with other computer users, running the file may also infect their computers; and files from those computers may spread the infection to yet more computers. If your computer is infected with a boot sector virus, the virus tries to write copies of itself to the system areas of floppy disks and hard disks. Then the infected floppy disks may infect other computers that boot from them, and the virus copy on the hard disk will try to infect still more floppies. Some viruses, known as 'multipartite' viruses, can spread both by infecting files and by infecting the boot areas of floppy disks.

4.What do viruses do to computers?

Viruses are software programs, and they can do the same things as any other programs running on a computer. The actual effect of any particular virus depends on how it was programmed by the person who wrote the virus. Some viruses are deliberately designed to damage files or otherwise interfere with your computer's operation, while others don't do anything but try to spread themselves around. But even the ones that just spread themselves are harmful, since they damage files and may cause other problems in the process of spreading. Note that viruses can't do any damage to hardware: they won't melt down your CPU, burn out your hard drive, cause your monitor to explode, etc. Warnings about viruses that will physically destroy your computer are usually hoaxes, not legitimate virus warnings.

5.What is a Trojan horse program?

A type of program that is often confused with viruses is a 'Trojan horse' program. This is not a virus, but simply a program (often harmful) that pretends to be something else. For example, you might download what you think is a new game; but when you run it, it deletes files on your hard drive. Or the third time you start the game, the program E-mails your saved passwords to another person. Note: simply downloading a file to your computer won't activate a virus or Trojan horse; you have to execute the code in the file to trigger it. This could mean running a program file, or opening a Word/Excel document in a program (such as Word or Excel) that can execute any macros in the document.

6.What's the story on viruses and E-mail?

Disable ActiveX for safer Web browsing ActiveX controls were developed by Microsoft to provide an interactive Web experience. They allow Web pages to respond to your input. They also allow pages to act more like a program than a static document. Unfortunately, ActiveX controls are ideal tools for those who would attack your computer. Over the years, Internet Explorer has been their favored vehicle. It was built to take advantage of ActiveX controls. These controls pose a serious security threat that outweighs their benefits. So it's important to take steps to protect your computer and data from these threats. You probably have encountered ActiveX controls on the Internet. Web pages that play music probably use them. ActiveX controls can also open Windows media movies or Word documents inside a browser window. These small programs can do virtually anything. Thousands of ActiveX controls are available. And when Internet Explorer downloads them from a Web site and runs them, they have access to your computer. Other technologies, such as Java, can also run code within a browser. But by design, Java programs have little access to Windows. Problems with ActiveX have been a big contributor to the poor safety reputation of Internet Explorer. Firefox (www.mozilla.org), a free alternative Web browser, has captured a significant share of the browser market. One reason is its reputation for safety, because it does not accept ActiveX controls. Unfortunately, you'd find life without ActiveX inconvenient. Windows Update, for instance, requires ActiveX. You can't use Firefox to update Windows; you have to switch to Internet Explorer. That is occasionally true of other Web sites, too. I use Firefox for safety reasons. I have installed a plug-in, IEView, that allows me to switch to Internet Explorer when necessary. This might happen when a page is optimized for Internet Explorer, and doesn't work properly in Firefox. That could be because of ActiveX, or it might be another feature. To find IEView,
click Tools>>Extensions in Firefox.
Click Get More Extensions.

To use IEView, right-click the page you want to open in Internet Explorer.
Select View This Page in IE.
ActiveX Controls should be set to a safe level in Internet Explorer. You can do that by using the factory settings. Click Tools>>Internet Options. Select the Security tab. Be sure the Internet zone is selected. Click Default Level. If you want to continue using Internet Explorer, you can turn ActiveX off altogether. To do that, click Tools>>Internet Options. Again, be sure the Internet zone is selected. Click Custom Level. You'll find seven settings for ActiveX. Disable them all. You could set them back to Default Level when you need them. I still prefer Firefox. It has had security concerns, but it has one big security advantage. It is not part of Windows. Internet Explorer is an integral part of Windows, making you more vulnerable. So I only use Internet Explorer on sites where I have an expectation of safety. ActiveX is typical of older Microsoft products. Internet Explorer, and its ActiveX components, was built to maximize convenience and pleasure in surfing the Web. Less thought was given to security. Internet Explorer 7, which is under development, should certainly be safer. In the meantime, we all have to use common sense with today's Internet Explorer. When you use it, stay away from questionable sites, and don't download things you don't understand. Use a firewall and pay attention to its prompts. Keep your anti-virus and anti-spyware software updated. That should keep you out of trouble. You can't get a virus just by reading a plain-text E-mail message or Usenet post. What you have to watch out for are encoded messages containing embedded executable code (i.e., JavaScript in an HTML message) or messages that include an executable file attachment (i.e., an encoded program file or a Word document containing macros). In order to activate a virus or Trojan horse program, your computer has to execute some type of code. This could be a program attached to an E-mail, a Word document you downloaded from the Internet, or something received on a floppy disk. There's no special hazard in files attached to Usenet posts or E-mail messages: they're no more dangerous than any other file.

7. What can I do to reduce the chance of getting viruses from E-mail?

Treat any file attachments that might contain executable code as carefully as you would any other new files: save the attachment to disk and then check it with an up-to-date virus scanner before opening the file. If your E-mail or news software has the ability to automatically execute JavaScript, Word macros, or other executable code contained in or attached to a message, I strongly recommend that you disable this feature. My personal feeling is that if an executable file shows up unexpectedly attached to an E-mail, you should delete it unless you can positively verify what it is, who it came from, and why it was sent to you. The recent outbreak of the Melissa virus was a vivid demonstration of the need to be extremely careful when you receive E-mail with attached files or documents. Just because an E-mail appears to come from someone you trust, this does NOT mean the file is safe or that the supposed sender had anything to do with it.