My worst nightmare: the virus I catch on the Net

You can pick up all sorts of unpleasant things when you're surfing. Andrew North explains how to avoid infection
Click to follow
Indy Lifestyle Online
"Aaagh!" I wailed, in best comic-book fashion, as everything on my Powerbook screen started to disintegrate, icons and windows melting into little dots. Furious pounding of the keys had no effect. My computer had been taken over by some foreign force.

Within 30 seconds, the screen was blank. Then a disk icon popped up, sporting a flashing question mark. The whole operating system, not to mention two years' worth of pithy prose, had been destroyed by a computer virus that I had unknowingly triggered when I launched a piece of software I had found on the Internet. Total, utter disaster, every computer user's worst nightmare.

Fortunately, that was just a bad dream. I have yet to be menaced by one of these hi-tech nasties, but it is something I often worry about, particularly when I try out software I have downloaded from the Net. New viruses emerge almost every month; there are now thought to be between 6,000 and 7,000 infecting the world's computers.

The most virulent of these electronic plagues are often created by bitter ex-employees of computer firms. But the average virus maker is the idle student, says Mark Drew, IBM UK's computer security expert and a veteran virus buster.

A computer virus is a "piece of self-replicating code", says Mr Drew. That does not make them sound very dangerous but, as he explains, "It depends on what the author has made them do." Most do nothing more than make a screen icon flash once a year. Many people never discover their machine is infected.

In the past, floppy disks carrying beta, or test, versions of new software have been the main source of infection. But the Net is becoming the main carrier, according to Mr Drew.

Viruses work by attaching themselves to executable files (such as software and system extensions) and then spring to life when those files are activated. Once active, viruses load into a computer's memory and copy themselves into other applications. In many cases, such as the notorious Michelangelo virus, which could erase the hard disk on PCs, the trigger is a particular date.

As the virus threat has grown, however, so have the rumours. This is a world in which no one, not even the virus makers, knows what is happening, where even companies that produce protection software have been accused of whipping up fear.

Thousands of people worldwide were fooled earlier this year by a hoax called "Good Times", which was supposed to spread via e-mail and wipe out hard disks when people read their messages. But e-mail messages cannot carry viruses because they are not executable files.

None the less, such is the havoc some viruses cause that any organisation relying on computers would be "irresponsible not to be prepared", says Mr Drew. Viruses such as ONEHALF, which appeared earlier this year, will gradually encrypt entire PC hard disks if they are activated and are immune to conventional virus-removal programs. Most viruses are aimed at PCs, but with so many in circulation it is almost impossible to judge which ones are likely to attack a given user.

It is not such a problem for Mac users, though. Surprisingly, there are fewer than 40 known Mac viruses. However, infection rates have always been much higher among Mac users because they tend to share software and other files more than other computer communities.

As if these viruses were not enough to cope with, computer users also have to guard against so-called "Trojan horses". They are more sophisticated than viruses because they are programs that appear to serve some useful purpose, but which contain another program or virus designed to damage your machine. Definitely the nastiest example of a Trojan horse is "Virus Info". This is a piece of software that purports to provide you with information on viruses, but once inside your computer it destroys its disk directory. Fortunately, Trojan horses do not replicate like viruses. Standard anti- virus programs will deal with them (see right).

Life for a virus-buster such as Mark Drew is one of constantly running just to stay in one place. As soon as a virus has been spotted and software written to combat it, another one appears. Like their biological cousins, computer viruses are changing all the time, except that in this case human ingenuity is the agent of change rather than evolution.

The latest virus to hit the headlines, which exploits the macro commands in Microsoft's Word 6.0 application, illustrates this perfectly. Known as Prank Macro by PC users, it is the first known virus to infect different computer platforms. Until now, all viruses have been platform-specific: a Mac virus will not infect a PC, and vice versa. Symptoms of a Prank Macro infection include the appearance of alert windows containing the digit "1", or files saved as templates rather than normal documents. IBM has published its research into Prank Macro on the Web.

So how can you protect yourself against these cyber plagues? "Don't trust anybody," is Mr Drew's first piece of advice. Do not load any software into your machine if you are not sure where it has come from or if it has been shared around. Just as important, protect yourself with an anti- virus program, even if you are cynical about the companies that produce them.

IBM installs virus detection software on most of its machines and Windows 95 includes an anti-virus utility. PC users should also get hold of Anti- viral Toolkit Pro or Solomon, which spot and destroy viral infections. Virex, Symantec's SAM and Disinfectant are the common Mac equivalents and are available on the Net. Make sure you get the latest versions configured to deal with new strains. Updates are published several times a year.

If you have taken all precautions and think your machine is infected, don't panic. Do not immediately wipe your hard disk clean, counsels Mr Drew. If your anti-virus software cannot "disinfect" the machine, contact the supplier. The folklore surrounding viruses tends to make people overreact, says Mr Drew, causing more harm than a virus could ever do. He cites the case of a City dealing room that shut down its trading system after "detecting" a viral infection, losing millions of pounds' worth of business. In fact, there was no virus. Someone running a disk management program had caused an unusual but easily solved system error.

It is this kind of reaction that encourages virus creators to continue. To see a company brought to its knees by the fear of a virus makes them try ever harder to make it happen with a real one. The bigger the prey, the better. So if you are a multinational using lots of computers, watch out.