Login Form
Advertisement
Virus Management PDF Print E-mail
Written by Bernie Vincent   
Wednesday, 12 July 2006

No matter who you are…
No matter how much you spend on Information Technology…
No matter how many instructions you give to those who use your computer…
 
A virus will hit you.
 
We do not seek to be alarmist. Nor do we wish to put you off using your computer. But forewarned is forearmed; sensible safeguards can be taken which will save you much anguish and money.
 
What is a Virus?
 
A virus is a small computer program that is designed to copy itself to a computer disk or attach itself to a computer file without the knowledge of the computer user. Not all viruses inflict serious damage, but rather cause inconvenience.
 
Viruses most frequently come in through files attached to e-mail messages or infected files downloaded from the Internet.
 
Types of virus
 
Boot Sector or Partition Sector Viruses:
 
This type of virus is probably one of the most common, and “hides” on the area of a computer hard disk or diskette that is read by the computer when it is started.
 
The Boot sector contains all the information needed to load the disk operating system, and the Partition sector contains information about the sectors or divisions within which data is contained on the disk. A typical time that an infection occurs is when a disk is left in the A:drive overnight.
 
When next starting the PC the computer first attempts to read from the drive. If the disk contains a Boot sector or Partition sector virus, it is loaded into memory, then moves the Boot sector and Partition sector information to another part of the hard disk, replacing it with its own code. When the PC is next restarted this new information is read and any disk used will also be infected.
 
File Viruses:
 
These viruses infect files that are run (program files - usually with a .com or .exe file extension). When such a program file is run, the virus runs first, copying itself to other files or even other disks, replicating itself. It then passes control back to the original program file to continue executing. Being resident in the memory, the virus can then infect any other program that is subsequently run.
 
Multi-Partite Viruses:
 
A multi-partite virus is a virus that can infect both boot sectors and files, hence causing the most possible damage.
 
Macro Viruses:
 
This type of virus infects macros, which are small programmes designed to automate repetitive tasks in applications such as Word Version 6.0.
 
Other Sources of Infection
 
Trojans:
 
A Trojan (sometimes called a "Trojan Horse") is a malicious program that hides inside a legitimate program, as in the soldiers in the wooden horse of Troy. There are lists of programs known to contain Trojans, but the best protection is to be very careful to obtain all your software from reputable sources.
 
Worms:
 
A worm is a program that has been written to replicate through a network of computers and unlike a virus, does not need a carrier program in order to multiply. The main difference between a worm and a virus is that a worm actively tries to infect other computers, whereas viruses rely on the users to spread them, albeit inadvertently.
 
Hoaxes:
 
A hoax is a simple message, typically distributed via email that is written to deliberately spread fear, uncertainty and doubt. Hoaxes prey on the lack of technical knowledge of all those that receive a hoax.
 
They tend to look a bit like these examples:
 
"Subject: Fw: NEW VIRUS ANNOUNCED BY IBM. PASS THIS ON TO ANYONE YOU HAVE AN E-MAIL ADDRESS FOR."

…if you receive an e-mail titled "Lets watch TV" DO NOT OPEN IT. It will erase everything on your hard drive. This information was announced yesterday morning from IBM.
 
....it has been designed to work with Netscape Navigator and Microsoft Internet Explorer. It destroys Macintosh and IBM compatible computers...
 
The use of the names of some of the very big companies, such as IBM, Microsoft and AOL is typical of a hoax. These names tend to catch the eye and lead us to believe that this must be a serious warning before they have made an announcement.
 
So, if all of us send this message on to everyone in our address book, then there would be thousands, or even millions, of these messages sent across the Internet, possible slowing it down to a snails pace as all the e-mail systems tried to cope. In effect, the hoax would have the same effect as some of the viruses.
 
Virus Protection - What to do
 
There are anti-virus programmes available that are capable of scanning a computer system, detecting viruses and cleansing the infection. However, it is essential that the use of such applications is only part of an all-embracing contingency policy to protect your information. The key elements are:
 
Education:
 
Be honest with yourself. If you don’t fully understand the issues, read about them or ask your fellow members. Start by making sure the importance of safeguards is fully conveyed to others using your computer; make the message simple – not scary.
 
Back-up Procedures:
 
There must be a clear back-up procedure to ensure that data is regularly backed up onto disk(s), tape cartridges or other devices. Back-up copies should then be stored off-site, preferably in a protected environment.
 
Prevention:
 
Put in place preventative measures that are aimed at ensuring that your computer does not become infected in the first place.
 
- Implement stringent procedures to ensure that all disks and files are scanned before being loaded onto your computer system.
 
- If possible, arrange to have the PC reset such that it only boots from the hard disk (C:drive), rather than the A:drive.
 
- Avoid leaving disks in the A:drive when switching off the PC.
 
Detection:
 
Select a reputable anti-virus application. There are a number available on the market, such as McAfee, Dr. Solomon’s, Symantec, Sophos. The better applications include options for regular (monthly or quarterly) updates so that any new viruses can be detected and eradicated.
 
Some people have used anti-virus software for many years, thinking that they are adequately protected. However, since these applications check each file for the “signature” of many thousands of viruses, it is essential that the list of recognised viruses is kept current. Virus software included in manufacturer's operating systems is not reliable unless updated regularly.
 
Recovery:
 
Check your recovery procedures. Ensure that the back-up copies of your data can be restored in the event of failure. Make random checks by restoring files from tape onto the computer system, ensuring that you are familiar with the restore process and options available. In an emergency this could be critical.
 
Use any verification option available with the back-up software used. This backs up each file, then verifies the original against the copy on the tape. This process lengthens the time to take the back-up, but avoids any possibility of data corruption during the back-up process.
 
Other Potential Problems
 
If something strange is happening to your PC, such as not saving documents properly, or file sizes are becoming very large, then suspect that you have a virus. But there are other causes of problems that should also be considered.
 
Bugs:
 
These are errors in the program that may cause it to malfunction and potentially damage data. Most sophisticated software has bugs, which are unintentional, but almost impossible to detect.
 
Software Crashes:
 
These are often caused by utility type programmes that communicate directly with the disk hardware rather than via the operating system e.g. disk compression software and disk defragmentation utilities. Used individually they do not normally cause problems. However running multiple utilities simultaneously can cause a conflict resulting in a system crash. Closing and re-starting the computer usually clears the problem.
 
Human Error:
 
This is the most common cause of lost files or data, for example, by pressing the Delete key after highlighting files. Remember that hardware and programs can be replaced, but if you haven’t taken back-ups, your data will be lost.
 
Our Golden Rules
 
1. Implement and test back-up procedures (testing rarely happens). If your system fails or you get hit with a virus, the cost can be enormous.
 
2. If your PCs are behaving strangely be aware of the potential for virus infection. Don’t panic, but do seek assistance as early as possible before the problem spreads too far.
 
3. Don’t have a witch-hunt. (It might have been you who introduced the problem!). The cause will be (a) the lack of good procedures, (b) misunderstanding of the problem, or (c) malicious intent. The first two are by far the most common.
 
4. Purchase good virus detection software with monthly or quarterly upgrades.
 
5. Don’t stint on the licence cost – it’s a false economy.
 
< Prev
[ Back ]
© 2010 Wrinklies
Joomla! is Free Software released under the GNU/GPL License.