Virus (computer), a self-duplicating computer program that spreads from computer to computer, interfering with data and software. Just as biological viruses infect people, spreading from person to person, computer viruses infect personal computers (PCs) and servers, the computers that control access to a network of computers. Some viruses are mere annoyances, but others can do serious damage. Viruses can delete or change files, steal important information, load and run unwanted applications, send documents via electronic mail (e-mail), or even cripple a machine’s operating system (OS), the basic software that runs the computer.
HOW INFECTIONS OCCUR
A virus can infect a computer in a number of ways. It can arrive on a floppy disk or inside an e-mail message. It can piggyback on files downloaded from the World Wide Web or from an Internet service used to share music and movies. Or it can exploit flaws in the way computers exchange data over a network. So-called blended-threat viruses spread via multiple methods at the same time. Some blended-threat viruses, for instance, spread via e-mail but also propagate by exploiting flaws in an operating system.
Traditionally, even if a virus found its way onto a computer, it could not actually infect the machine—or propagate to other machines—unless the user was somehow fooled into executing the virus by opening it and running it just as one would run a legitimate program. But a new breed of computer virus can infect machines and spread to others entirely on its own. Simply by connecting a computer to a network, the computer owner runs the risk of infection. Because the Internet connects computers around the world, viruses can spread from one end of the globe to the other in a matter of minutes.
TYPES OF VIRUSES
There are many categories of viruses, including parasitic or file viruses, bootstrap-sector, multipartite, macro, and script viruses. Then there are so-called computer worms, which have become particularly prevalent. A computer worm is a type of virus. However, instead of infecting files or operating systems, a worm replicates from computer to computer by spreading entire copies of itself.
Parasitic or file viruses infect executable files or programs in the computer. These files are often identified by the extension .exe in the name of the computer file. File viruses leave the contents of the host program unchanged but attach to the host in such a way that the virus code is run first. These viruses can be either direct-action or resident. A direct-action virus selects one or more programs to infect each time it is executed. A resident virus hides in the computer’s memory and infects a particular program when that program is executed.
Bootstrap-sector viruses reside on the first portion of the hard disk or floppy disk, known as the boot sector. These viruses replace either the programs that store information about the disk’s contents or the programs that start the computer. Typically, these viruses spread by means of the physical exchange of floppy disks.
Multipartite viruses combine the abilities of the parasitic and the bootstrap-sector viruses, and so are able to infect either files or boot sectors. These types of viruses can spread if a computer user boots from an infected diskette or accesses infected files.
Other viruses infect programs that contain powerful macro languages (programming languages that let the user create new features and utilities). These viruses, called macro viruses, are written in macro languages and automatically execute when the legitimate program is opened.
Strictly speaking, a computer virus is always a program that attaches itself to some other program. But computer virus has become a blanket term that also refers to computer worms. A worm operates entirely on its own, without ever attaching itself to another program. Typically, a worm spreads over e-mail and through other ways that computers exchange information over a network. In this way, a worm not only wreaks havoc on machines, but also clogs network connections and slows network traffic, so that it takes an excessively long time to load a Web page or send an e-mail.
Preparation and Prevention
Computer users can prepare for a viral infection by creating backups of legitimate original software and data files regularly so that the computer system can be restored if necessary. Viral infection can be prevented by obtaining software from legitimate sources or by using a quarantined computer—that is, a computer not connected to any network—to test new software. Plus, users should regularly install operating system (OS) patches, software updates that mend the sort of flaws, or holes, in the OS often exploited by viruses. Patches can be downloaded from the Web site of the operating system’s developer. However, the best prevention may be the installation of current and well-designed antiviral software. Such software can prevent a viral infection and thereby help stop its spread.