Dragonfly Technologies
Dragonfly Technologies
Viruses: The mutating threat

What are viruses?

When the IBM PC first came into popular use (almost 20 years ago), the threats of viruses, while potentially devastating, were relatively simple to combat. One could buy a piece of software to look after the files on one computer that were subject to "infection" by a virus, and update the software occasionally. In the '80s, and into the early 1990s, virus authors/writers/programmers had to be relatively skilled to actually get their viruses to do anything. Up to that time, viruses on PCs had to be "executable files"-files that actually did something, independent of any software that may be on a victim's computer.

When Microsoft introduced "Visual Basic for Applications" and Visual Basic Scripts as part of Office 95 and Windows 95 respectively, Microsoft allowed for extensive automation of routine tasks in Microsoft Word, Excel, PowerPoint and Access. This automation could even extend to software that wasn't part of the Microsoft Office suite. Seems wonderful, right? Well, here's the big downside to that "ease of use".

With the luxury of relatively easy automation, came a great deal of potentially destructive power. Users of Microsoft Word could now create a seemingly harmless looking file that looked like a regular Microsoft Word file (such as NORMAL.DOT. How much more "normal" can one get than that?), but which could contain instructions to erase the contents of a user's hard drive after it retrieved the seemingly harmless document. Even a user with very little skill could write a "macro" or "script" that could destroy all your work in the blink of an eye, and without warning.

As Windows and Microsoft Office became bigger and more popular, the functionality of Visual Basic Scripts ("VBS files") became more powerful, and by extension, more threatening to computer safety. The most common types of viruses out there today are not executable files, but rather extensions of Windows or of Microsoft Office. The most common effect of the 55,000+ known viruses is their replacement of your Word documents or Excel spreadsheets with empty files of the same name. One fine day, if you're without up-to-date virus protection, you might see all the files you're accustomed to seeing on your office computer, only to discover that, as you went to retrieve them, and work on them, the 20 page memo on which you'd spent a week was now a single blank page.

Another common effect of script type viruses is renaming pictures on your computer's hard drive (files whose last names are JPG, TIF, BMP, GIF, and others) to VBS, and adding a little instruction to each file which can cause it to proliferate the script across other files on your computer, and to any computer into which it comes into contact.

How do viruses proliferate?

The viruses that make the news occasionally, are the ones that creep around stealthily from one computer to the next with little or no warning, until they've come into hundreds of thousands of computers. With the significant rise in the use of the world wide web and of e-mail, users have been receiving and unknowingly transmitting viruses to their friends and colleagues for a while now. One of the functions of many "scripts viruses" is to send a copy of the virus to all the e-mail addresses in user's Outlook or Outlook Express address book. Those viruses which proliferate across a single computer, and then, via e-mail address books, and file attachments are known as "worm" viruses.

If you use Outlook or Outlook Express, you must be more vigilant than those who do not in keeping your anti-virus software up-to-date.

If your computer becomes infected with a macro virus, you could inadvertently send an infected Word document to a friend, who can send it to a colleague. This is one common method by which viruses spread.

Now that handheld devices such as the Palm Pilot can store Word documents and e-mail, the Palm Pilot and other handheld devices of its ilk are now subject to viruses too.

The Symantec Anti-Virus Research Center (or SARC) has a description of a typical, contemporary virus, its symptoms, and effects here.

Another growing source of virus infections is from hostile websites. Microsoft invented a technology called ActiveX which allows a seemingly innocent file that you may be told is needed to view a given website properly to be downloaded onto your machine and to do damage once you accept it.

How do I stay protected from virus threats?

Anti-Virus Software

For starters, keep a current copy of anti-virus software running on your computer. Although we do not advocate for one anti-virus product over any other, we have had positive experience with Network Associates' McAfee VirusScan, and with Symantec's Norton AntiVirus. The best way to ensure up-to-date protection from viruses is to take advantage of the free updates available to your anti-virus software (usually weekly or bi-weekly) to keep them current. sure that before you open the attachments that you

Be careful of outside files. You don't know where they've been

File attachments to your e-mail

Next, if you receive e-mail with file attachments, make A) know who sent them, and B) have current anti-virus software running to scan your attachments. If you receive a file attachment from someone you don't know, it's safest not to open it. The file attachments that pose the clearest threats are those with the last names VBS, DOT, DOC, EXE, COM, or BAT (for PC users).

Disks from the outside

Make sure that before you use a diskette, a zip disk or any storage medium from an outside source, or which has been exposed to data that could (even theoretically) be infected, that you scan it with current anti-virus software before you use it in your computer.

If you're connected to a network, make sure that all the computers on your network are equally well protected from virus threats.

If you'd like more information on keeping your anti-virus software current, contact us, and we'll be happy to help you.

Are all virus warnings legitimate?

Sadly, no. Some people get their jollies by sending messages warning of some imminent virus threat with text like "If you receive an e-mail message with the subject line "Happy New Year" don't open it. It's a virus, it will destroy your hard drive". They typically do not tell you how to fix the problems that could occur from opening such a message, nor do these "Virus hoaxes" typically give you a link to any of the popular anti-virus software developers (who almost always have a fix ready by the time legitimate virus warnings are distributed to the general public). If you're not sure if a virus warning you have received is legitimate visit www.sarc.com or http://clinic.mcafee.com. If either of those two sites make reference to the virus, it's probably legitimate. If you do not see in the e-mail message with the warning, a link to either of the above-named websites, you should ignore the virus hoax.