Let's talk about PC Viruses

RIVER BENDER - December, 2001

What is a virus anyway? It's a program that runs in your PC and does bad things. Programs are shown as "application" type files in a listing of filenames and usually end with the suffix ".exe" or ".com". If you receive an e-mail attachment with either suffix, it should raise a red flag. When you click on it, it's going to run as a program that could be a virus. There are other attachment suffixes to be cautious of, but these are the two main ones.

Three virus attachments recently arrived in e-mail messages sent to me. They were CVTAPLOG.EXE, EVENT.COM and INFINST.EXE. By scanning these files with my Norton antivirus program, I determined that they were MAGISTR viruses and informed the senders that they were infected. I then deleted the attachments by right-clicking on them.
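The suffix check described above, written as an added Python example (not part of the original column): it parses a message and lists attachments whose names end in ".exe" or ".com", ignoring case and catching double suffixes such as "photo.jpg.exe". The sample message, its addresses and every filename other than CVTAPLOG.EXE and EVENT.COM are constructed, and the attachment bodies are placeholder bytes.

```python
from email import message_from_string
from email.message import EmailMessage

# The two suffixes the column names as the main ones to be cautious of.
RISKY_SUFFIXES = (".exe", ".com")


def risky_attachments(raw_message: str) -> list[str]:
    """Return the filenames of attachments whose final suffix is risky."""
    msg = message_from_string(raw_message)
    flagged = []
    for part in msg.walk():
        name = part.get_filename()  # None for body parts without a filename
        if not name:
            continue
        # Windows drops trailing dots and spaces from filenames, so
        # "setup.exe." still runs as a program. Compare case-insensitively;
        # only the last suffix counts, so "photo.jpg.exe" is flagged.
        cleaned = name.strip().rstrip(". ").lower()
        if cleaned.endswith(RISKY_SUFFIXES):
            flagged.append(name)
    return flagged


def build_sample() -> str:
    """Constructed sample message with harmless placeholder attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.org"      # constructed address
    msg["To"] = "reader@example.org"        # constructed address
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    names = ("CVTAPLOG.EXE", "notes.txt", "photo.jpg.exe",
             "EVENT.COM", "setup.Exe.")
    for filename in names:
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_string()


if __name__ == "__main__":
    for name in risky_attachments(build_sample()):
        print("caution, runs as a program:", name)
```

A flagged name only means the attachment would run as a program if opened; whether it is actually a virus is still a question for the antivirus scan.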

Unless something starts going quirky in one's PC, a victim often doesn't know he's infected with a virus. Clicking on an innocent-looking attachment is what usually causes infection, although the virus could come in software that's downloaded and run. Once activated, the virus often seizes the victim's address book and sometimes harvests e-mail addresses from incoming messages. When the victim dials into his ISP to check e-mail, the virus sends itself to others. It's important to try finding who sent the virus and to inform the sender that he's infected.

When the dreaded day finally arrives and somebody calls to inform you that you have a virus what should you do? Here are some scenarios:

You don't have a virus: The calling party may be wrong. Your anti-virus program is up-to-date, it stays enabled and you never click on attachments unless you know where they came from and what they are. As a precaution, you scan your entire hard drive again for viruses and find nothing. You're OK.

How could you have a virus since you have an anti-virus program? Sure, you have an anti-virus program, but did it come with your PC that you bought over a year ago? Did you update it to get the latest virus definitions, since new viruses come out every week? No. Did you renew your annual subscription for updates? No. Then your antivirus program is probably worthless. The first year of online updates for Norton antivirus software is free. After the year is up you must send in a few dollars to extend the updates for another year; otherwise, there's little point in having the program. By the way, if you have an updated antivirus program but never enable it, then it's not working. Actually, it's OK to leave it disabled but you must then remember to have it scan suspicious files before you open them. I leave mine disabled all the time only so I can see who sends the message to me and what the attached filename is because I want to inform the sender if he has a virus and alert others receiving his message.

You confirm that you do indeed have a virus: Your problem now is to get rid of it. Some viruses can be cleaned out (repaired) by an anti-virus program but that seems to be the exception. Ordinarily it gets a bit messy. If the virus screwed up your PC so you can't start Windows or your desktop freezes or you can't run any application programs, then you're probably going to need professional help. You might as well expect that you're going to lose data and programs in the cleanup process. But if your PC still works and you can access the Internet, there's hope that you can get rid of the virus yourself. Here's what I do: Go to http://www.google.com and enter the name of the virus, like "Magistr" or "Kak," or keywords in the virus message. You'll find a listing of web sites discussing the virus. Read everything you can and look for a removal tool for the virus that you can download and run. Print out any manual removal instructions. Symantec owns Norton AntiVirus so check out their web site at http://www.symantec.com/avcenter. Sometimes they have a free removal tool and instructions to remove a particular virus. If you're really lucky, Symantec might just tell you that scanning your hard drive with Norton would clean out the virus.

Want a free virus? Yep, go to http://www.eicar.org/, which is the web site for the European Institute for Computer Antivirus Research, and download a tiny file called "eicar.com". This file is a perfectly harmless fake virus that you can use to test your anti-virus program. But the alert is still scary!

Who creates viruses? Nobody knows and yet there are over 50,000 viruses now. It is believed that the typical writer is young, smart, male and usually someone trying to buck the system. It is estimated that businesses will lose $266 billion this year to viruses and hackers. For example, the NIMDA virus recently hit upscale Fairfax County's network and shut down 9000 PCs and 300 servers. This has got to stop. We must stop coddling virus writers and hackers and come up with severe punishments instead of making them head of security at some company after they're caught.