designmywebpage.com | Virus Updates

home | support | design | hosting | contact us

What are computer viruses?

Now before you begin, you should get some facts straight about viruses. Firstly, they are not actually living creatures. They are just a program like any other, except that they copy themselves on to other programs, they 'infect' it. They cannot actually run by themselves. To 'activate' a virus, you need to run the program which was infected. To be a classified as a virus, a program needs to be able to copy itself to another program ('replicate'), by executing its code.

This is the best definition that I have found: A computer virus is a self-replicating program containing code that explicitly copies itself and that can "infect" other programs by modifying them or their environment such that a call to an infected program implies a call to a possibly evolved copy of the virus. This comes from the comp.virus FAQ , an excellent (but lengthy) piece of information about viruses.
From all of this information, you should be able to see, that you cannot get infected by a computer virus, by just reading e-mail, or opening a word document. Unfortunately, this is not entirely true. There is a programming language, called WordBasic. This is used to write macros for Microsoft Word. It is also used, by some evil (and bored) people to write viruses. These would be started when a document, which is already infected is opened.

How do I prevent a virus?
Well the simplest solution is to always leave your computer turned off, but that might not be too useful (and then there is no point in owning a computer). Otherwise, be careful with any new things that you install on your computer, that is any floppies, and anything off the 'net.

A note on floppies, if you are just going to be reading it, it's worth putting the lock on it, to disable writing. If you read someone else's floppy on your computer, always scan it.

Another thing that you should always do, is watch anybody that uses your computer. They could bring a virus on, even if they don't mean to! Of course that is not always possible, so you should consider, using a scanner that stays in memory. It checks all files before you open them, and also scans memory when you load it.

Know your enemy!
To fully fight a virus infection, you need to now how viruses work, i.e. how they infect other files.
There are three ways of writing viruses.

The first method consists of overwriting the beginning of the file they are infecting with their own code. This method isn’t too good, as 99% of the times, the infected file will not run properly. When the computer reaches the end of the virus code, it will continue with the code that is left from before, if it doesn’t exit back to the system. However this will create lots of errors, as the start will be missing. You will usually realize very quickly something is wrong. Also, this type of virus usually causes the computer to crash, as the rest of the code is not working. However if the virus exits with an error message, you might not realize how wrong things are.

The second type of virus, works by adding a jump to the end of the program, where its code is located, and then continuing with a jump back to the beginning where it left off. If this is well written, the program shouldn’t crash, and everything should work fine (except of course the virus in memory). The only thing that you can usually detect is the drop of memory.

The third type of virus works by appending itself to the beginning without making changes to the original. This means that in some cases the original works as it used to, but in others it doesn’t. It depends on how well written it is.

Why do I see hits on default.ida, root.exe or cmd.exe, on my website's stats report?

You should not be alarmed. Servers which are infected with Code Red or Nimda Virus are attempting to search your site for the exploit. We have implemented all the necessary virus updates, security patches and removed the .ida mapping to ensure your safety and security. For more information on Code Red worm click here, For more information on the Nimda virus click here.