Viruses fall into the broad category of malicious program code. Most software is written to serve a useful purpose for the user, but programs have also been written that attempt to breach security, damage data, or display unwelcome messages.

Most of the code in this very wide category is designed to achieve its goal by being executed by an unwitting user. For example, a program for grabbing user passwords on a network might be called LOGIN.EXE; the user attempts to log on using this program, which behaves like the real LOGIN.EXE except that it also writes the user's ID and password to a file for later use by an intruder. Programs of this type are called trojan horses or "trojans" after the wooden horse of Troy, the classic example of getting your opponent to breach their own defenses for you by pretending to be something which you are not!

Viruses fall into the broad trojan horse category of malicious code. What distinguishes viruses from other types of trojan horse is their ability to reproduce themselves. All viruses are trojan horses; they can propagate only if their code is executed by a person who is not aware of their existence. The converse is not true, of course, not all trojan horses are viruses. A password grabbing program is malicious and dangerous, but it cannot propagate itself.

You will of course want to protect your system against all trojan horses, not just viruses. Many of the protective measures described later will help to protect against all trojan horses, viruses and non-viruses alike, but for information more directly relevant to non-virus trojan horses, refer to the Symantec Anti Virus website

Virus code must execute to propagate. The most direct way to achieve this is for a virus to attach itself to a genuine executable program file such as an e-mail message or an Internet download. The virus can then attach itself to other executables, from which in turn it spreads to still more. Not all virus code needs to be attached to a file, however. Boot sector virus code copies itself from disk to disk as your computer boots up but without attaching itself to any files.

Every computer virus in circulation was written by someone who wanted it to infect other people's computer systems. In some cases, that was all they wanted: the knowledge that their code was passing from computer to computer, fanning out across the world over time. Many viruses have no direct effect on the computers that they affect other than the resources (disk space and memory) needed to propagate. These are not to be considered harmless though; virus code is complex and viruses can contain serious bugs that cause the virus to do things not intended by their author.

Some viruses are designed to propagate without the explicit intent of causing harm. These should also be considered as malicious. Any code that executes on your system without your knowledge or consent represents, as a minimum, a breach of security and a potential risk to your data.

If viruses did no more than replicate, they would not represent a very serious problem. But the fact that they replicate means that they can in theory carry out any task that can be programmed on a large number of computers across the world. This is what seems to attract virus writers to the arcane art of low-level programming: The ability to gain temporary control of someone else's computer at a safe remove in time and space. This allows the virus writer to corrupt data, hang systems, display obscene or irritating messages on-screen, or whatever else they decide to program with little fear of having to account for their actions. As a social activity, virus writing fits in somewhere among the arts of mooning, graffiti, defacing banknotes, and the kind of actual vandalism that results in prosecution.

Such activity by a virus, actions other than propagation or avoiding detection, are referred to as the virus' "payload." Most viruses have a malicious "payload" of one kind or another. The payload is usually activated after the virus has been propagating for a time. If it were to activate every time the virus made a copy of itself, it would be noticed quickly and would not get beyond the first infection or two.

Prevention is certainly a good deal better than cure in the case of virus infections. It may not be possible to fully recover data damaged by a virus, and even if it is, the cost in time and computing resources may be high. In any case, prevention is relatively straightforward if appropriate measures are introduced and adhered to by all concerned.

Unsafe Practices

There are a number of computing practices that increase your exposure to viruses. While not directly related to virus activity, avoiding these practices can help to reduce the incidence of viruses:

• Make sure you have adequate backups at all times. These are essential for recovering from virus infections as well as from other disasters.
• Don't use pirated software. There have been some cases of software distributors supplying infected disks, but these are given undue publicity and they are far outweighed by the enormous number of cases of infection by pirated software.
• Don't leave a disk in the floppy drive unless you are sure you want to boot from it. You may re-boot the computer, or it may crash and reboot by itself (during a temporary power-out, for example), giving any boot-sector virus on the disk all the opportunity it needs to infect your computer.
• Be aware of e-mail messages you receive - if you get an e-mail with a strange or out of character subject and message from somebody you know, it could be infected. Also be VERY careful about opening file attachments - even from people you know. Always check with the sender to confirm that they did send the attachment.

Get the right anti-virus software

After an awareness of safe computing practices, your best line of defence against viruses is a reliable anti-virus program. There is a choice of programs. We recommend Inoculate IT.