Viruses

Albert Lunde Albert-Lunde at nwu.edu
Sat Apr 18 01:24:36 EDT 1998


>Yes,  it is possible for the machine to get a virus from just
>saving to disk.  We had this problem before we installed McAfee's (we
>were still on a Win 3.x network then).

I'm a little skeptical of this statement.

My understanding has been that there are two common infection mechanisms
for PC code viruses: boot sector viruses, which infect your computer when
you restart with an infected floppy disk in the drive, and viruses which
infect executable files, like .EXE, .COM or .DLL files, and infect your
computer when one of those infected executables is run on your computer.

These have been joined by macro viruses, which are executed by
badly-designed Microsoft software (recent versions of Word and Excel) when
infected documents are opened.

None of these mechanisms will infect a computer just by listing the files
on a disk. (There are other varients; but I don't know of one that goes
beyond these limitations.)

Going in the _other_ direction though, is fairly easy. Many viruses modify
system files so they will be active on every reboot, and stay resident in
memory and/or patch system routines. So once a computer is infected, it can
and often will, infect every writable floppy put into the drive, even for a
directory listing, and a file infector can infect any executable, not just
those that have been run.

Until the advent of macro viruses, I think boot sector viruses were the
most common. Both can spread from people just carrying around a disk of
word-processor documents, as students and the like often do. Boot sector
viruses  are to some degree independent of the OS (any Intel box can be
infected); simple macro viruses without a code "payload" can run on Macs
and PC.

On the other hand, unless you are a specialist in anti-virus support, you
may not care about these details; commercial anti-virus software, updated
several times a year, seems to be a lot more effective than anti-virus
education: most people don't want to act paranoid enough to be safe without
it.

If you manage something like a computer lab with public users, I'd invest
in several virus scanners, and be prepared to restore systems from "clean
backups".


---
    Albert Lunde                      Albert-Lunde at nwu.edu




More information about the Web4lib mailing list