Computer Viruses

How does a computer virus disrupt software running on your PC?

It might not; you might never notice any symptoms. Or you might notice consumption of system resources. Or the virus could irretrievably erase all your files; as an unrestricted process it could do anything the virus author felt like doing. In summary, the answer is, it depends on the specific virus.

Is it true that you have to open an e-mail containing a virus for it to execute? Or are their other ways people can infect your system?

This is a “where the heck does one start” kind of question.

Seriously, the best advice here would be to go Google a few things, like Wikipedea on viruses, and come back and ask a more specific question. You have asked a question that could take a semeseter course of computer security to cover the ground of.

It isn’t that the matter is difficult, rather that there is just so much stuff to cover.

A good thing to do would be to look for a history of computer malware that looks readable at your level. Understanding the history will take you through the gamut of malware. There really is a lot to cover. Once you know about the Morris Worm, the Stoned Virus, and work though to StuxNet you should have a good idea about the range of what you ask. We can fill in the gaps and explain technical stuff. But right now the question is “how do diseases hurt me?” except for computers.

The malware (virus is just one type of malware) has to start executing to do anything to your computer. Generally, email is data that just sits there until you open it. So not opening suspicious emails will go a long way to preventing problems.

But if your email reader has a ‘preview’ function where it shows you part of the message before you open it. and you have that ‘preview’ option turned on, then your computer has already opened the email to get that preview. So you’ve lost the chance to avoid opening a suspicious email. Many people recommend that you turn previews off for more safety.

And emails sometimes show an image (a picture, or even just a logo) automatically when you open them. The email reader executes some code to display that image. Malware can be hidden in that image data. So readers usually have an option to not display embedded images automatically. Turning this option off may also make reading emails safer.

Finally, emails can have attachments. You have to click on the attachment to view it. By clicking on it, you start some code executing. It should be some benign code like opening your word processor to show you an attached document, or a viewer to show an attached picture, or opening a browser to take you to an attached webpage link. OK. But it could instead be malware code to do something bad to your computer! And the bad stuff could be happening invisibly while it is showing you the picture. Almost anything could be done in this code, much more than the limited things that embedded images or code could do.

So that’s the reason for the common advice to NEVER open attachments from people you don’t know (or people who foolishly forward ‘warnings’ to everyone they know). Be suspicious of attachments unless you are expecting them from this specific person, and you’ll be much safer.

Note that most of the safety things you can do make it a little less convenient for you: not seeing previews of emails until you open them, not seeing embedded images until you click on them, not seeing attachments until you click on them – all a bit of inconvenience. (Just like buckling up your seat belt when getting in your car is less convenient than just jumping in and going.) Each person needs to decide for themself the tradeoffs between convenience and safety.

And yes, there are other ways that malware can infect your computer.

A computer virus is just a little computer program. As such it can do whatever the creator of the virus wants it to do. One thing that distinguishes them is they are usually self replicating so they can spread to other PCs.

Not really true.
Modern operating systems are protected against rogue programs. To be successful, a piece of malware needs to exploit a defect in the OS that allows it to run without user permission. This is why so much malware these days takes advantage of “social engineering,” where the user is tricked or mislead into explicitly giving permission to the malware to install itself. Thus the proliferation of “Flash Player” update sites…

Very informative, thank you. :slight_smile:

Nasty! :wink:

I see, how sneaky. :frowning:

Oh, disappointing. :frowning:

Any sort of malware is just some piece of code that you don’t want to run, that somehow gets run anyway. I could write a program that, if it ran, would delete everything on your hard drive. Or one which constantly watched your keyboard, and whenever it detected you typing in anything that looks like a credit card number, recording it and sending the number to me online. Or one which scrambled all of your files, and told you to send money to me for an unscrambler. Or which did all sorts of other things. But why would you ever run such a program?

There are multiple ways to make that happen, which is the main distinction between different kinds of malware. For instance, I could make a program that does one of those nasty things, but which also does something else, that you might consider useful, and only tell you about the useful thing. That’s called a Trojan horse, or just “trojan”. Or I could try to trick the computer into running the program, without you knowing about it at all. Or I could try to trick you into running a program, when you think you’re doing something else, like opening a picture.

There are a number of ways of doing any of these, and there have in the past been more of them, before the computer companies improved their security to prevent them. For instance, back in the days of floppy disks, some floppies were bootable: If you started up the computer with a floppy in the drive, then instead of running the operating system on the hard drive, it would run the operating system on the floppy (in fact, before hard drives became common, this was often the only way to run an operating system). So you could distribute floppy disks that were bootable, and had some nasty program in the boot sector which did whatever it was that you wanted.

What makes it a virus is the method of distribution. If it’s just me distributing these nasty floppy disks, then it’s only a problem for people who trade floppies with me. But I can put all sorts of code in there. I can, for instance, put in code that will copy my nasty code (all of it, including the part about copying itself) on the boot sector of every floppy disk that ever gets put in the machine. Now, the people I attacked have my code, and everyone they share disks with also has my code, and the people they shared with, and so on. This is similar to how a biological virus spreads through a population, and so this kind of malware is what’s called a virus.

Bootable floppies are a thing of the past, now, but there are countless modern variations. You could have a virus, for instance, that looks through your computer for all the e-mail addresses it can find, and sends itself to all of them. It still needs some way to get those copies to be run on the new computers, though. That might involve a bug in an e-mail program that the program’s creators haven’t fixed yet, or it might involve using a feature in a way that wasn’t intended, or it might involve tricking humans.

What defines a virus is that it replicates itself by modifying an existing program. Malware that replicates by exploiting a weakness in the system is a worm. Virus is not a catch-all term for any malware. What you are describing with the fake Flash updates is a trojan, not a virus.

Here’s a pretty good explanation of different types of malware from Cisco.

Oh boy, I better not upset you cos you seem to know an awful lot about it!:wink: Thanks for the info. :slight_smile:

Yeah, duh.
Explain that to the OP, who is the one that doesn’t know the difference.

As Malware goes, viruses are essentially dead.