by Josh Lewis / Torre Lasley (January 6, 2001)

As computer use becomes more widespread, so does the rate of virus transmissions. Although nearly every computer virus can be detected using modern virus protection software, sometimes anti-virus software alone is not enough.

Q: What is a virus?
Torre: A virus is any program which can replicate itself and spread to other computers without the user's permission or knowledge. A virus can be spread many different ways, and the payload, or outcome of execution, is not always destructive. Some virii are content with simply replicating themselves. These virii are called worms. Worms usually do not directly harm a computer, but they can slow down a service (such as email) much like a traffic jam. Another program commonly confused with a virus is a trojan. A trojan, named after the legendary Trojan Horse, is a backdoor program which normally allows another user the ability to control the infected computer. A virus can also come in the form of a macro. Macros are prerecorded commands that perform a specific function. Macro virii are commonly spread through Microsoft Office documents. Microsoft Office has built-in macro virus protection. It is not 100% effective, so it is a good idea to keep your anti-virus software up to date!

Q: Why are virii so widespread these days?
Josh: A large percentage of computer users do not know what a virus is or how it spreads and they also usually use the same Operating System (Windows 95/98, etc.). Thus, it is easy for a virus writer to make a virus able to work on millions of computers.

Q: Can I get a virus from downloading files from a website?
Torre: When downloading files from the Internet, try to avoid sites you do not trust. If you are downloading from a large corporate site such as www.microsoft.com, chances of virus transmission are limited. When receiving files from personal websites, keep in mind that programs are usually not scanned routinely for the latest virii. Although the site in question may not intentionally spread a virus, the likelihood of infection is increased with smaller sites. So, when in doubt, try to download files from a trusted provider and avoid personal sites.

Q: What do I do when someone sends me a program through email?
Josh: Always be cautious when receiving files through email. Email trasmission is the means in which most modern virii are spread. Make sure you know and trust the person sending you the file before executing it. Even though you know the person, there is no assurance that the file does not contain a virus; the person may have unknowingly sent you a virus or the person might be infected with a virus which sent itself to everyone in their email list. Second, if you are not expecting the file and do not know what it is, be very cautious. If you are ever uncertain about a file, scan it with a virus scanner first, before you run it.

Q: What about virus transmission through removable media (floppy disks, Zip disks, etc)?
Torre: Floppy disks and other forms of removable media greatly increase the chances of accidental infection. Unlike most virii where infection occurs upon execution of the file, floppy disk virii can be spread through more covert methods. On every floppy disk there is a physical portion of the disk which is allocated for system use. When a floppy disk is accessed, even to simply inspect its contents or when using it to boot your computer, a virus can be unleashed. Always ensure that your virus definition files are up to date and be cautious of personal disks. If the disk is provided by a manufactuer, make sure the write protection tab has not been removed because a virus cannot attach itself to a disk if it cannot write to it.

Q: What if someone sends me a file in an online chat room?
Josh: Internet chat rooms are another means in which many virii and trojans spread. You should be very cautious when you are in a chat room and use the same precautions as you would with email.

Q: What do I do if I suspect I have a virus?
Josh: First, get the latest virus definition files for your virus scanner. Next, run your virus scanner and see if it detects a virus. If it does find one, have the virus scanner remove and try to clean any files that are infected with the virus. Sometimes virus scanners are not able to clean files that are infected with certain malacious virii, resulting in a loss of data. Although most can be removed from your system, there are still many that cannot and your data may be corrupted. If this were to occur, it would require you to completely re-install your operating system and software. Thus, it is always a good idea to keep a backup of all important files.

I want you to know I did my homework for this column: I contracted a virus. No, not a computer virus. The other kind--that little bit of free-floating DNA that invades your cells, takes over the machinery, and replicates itself. (I wanted my reporting to be authentic.)

A computer virus is similar: a renegade bit of computer code that invades computers and typically replicates itself by sending itself to every person in your e-mail address book. The difference, of course, is that the latter kind is the product of malicious intent.

Many of you dear readers now have first-hand knowledge of viruses of the computer kind, thanks to the most virulent outbreak ever that occurred in September. The culprit was "W32/Swen.A". The unlucky victims, which was just about everyone, received a very official-looking e-mail message that purported to be from Microsoft about a security patch. Attached was an executable file. Clicking on that brought disaster.

Which brings us to lesson #1. NEVER click on an attached file unless you personally know the sender and are expecting the file.

Good old "W32/Swen.A" spread like wildfire. I must have received it well over a hundred times. I'm still receiving it today. It not only sent itself to everyone in the address book but also scanned the hard drive for e-mail addresses. It also attempted to turn off any security measures on the infected system.

Microsoft hastened to remind users that while it does indeed send out security messages on occasion, it would never send out an attached file. You might want to check this helpful page on Microsoft's site that explains how you can tell if a Microsoft security-related message is genuine.

Also available on Microsoft's site is a helpful page on security and privacy that includes a guide on how you can make sure your PC is protected.

Lesson #2 is that you must protect yourself. It's not enough to be careful about opening attachments. You really need to have some sort of virus protection software on your computer and to update it regularly.

For one thing, not all viruses arrive via e-mail. The recent "Blaster" virus that spread around the Internet in August did so by accessing computers directly via the network. Actually, properly speaking this wasn't a virus but a worm, which, unlike a virus doesn't infect other programs, but simply sends copies of itself to other computers on a network, such as the Internet.

Two of the more widely used commercial antivirus programs are made available by McAfee and Symantec. There are also some freeware solutions. A version of AVG antivirus software is free for personal use and has gotten some good reviews. Avast is also free for home users for noncommercial use.

To get an overview of virus software, a good place to start is our old friend About. The Antivirus Software section gives information about the latest outbreaks, has links to free and commercial antivirus products for a variety of platforms, and even includes information about virus hoaxes and myths. Also, a good site for tracking the latest infestations is the Internet security center operated by Carnegie Mellon University.

Unfortunately, viruses and worms aren't the only thing you need to worry about. If you have a direct connection to the Internet such as DSL or cable modem, you need to also be concerned about people breaking into your computer. The solution is a firewall.

Again you can find a good introduction to firewall security on About. And again there are links to freeware and commercial products.

So what antivirus software do I use? Ah, well, um . . .

Your computer geek uses no antivirus software. I actually have Norton Antivirus installed but haven't kept it up to date since my annual subscription expired and I had trouble with the company's web site when I was trying to renew it.

I've got to get that taken care of. Meanwhile, my e-mail provider (Lisco) uses Postini, which is quite effective in blocking e-mail borne viruses. And my University has solid firewall protection for the campus network.

In addition, I use a Macintosh. The latest version of the Mac operating system is fairly immune to viruses, in part because it's based on the Unix operating system, which is more secure.

Unlike Windows Mac OS X comes with its ports shut and locked; it asks for a password if a program tries to install itself; it has a core OS that not even an administrator can alter; etc., etc.

Now if my body were so immune . . . . Achoo!