A computer virus, according to Webster's Collegiate Dictionary, is "a computer program usually hidden within another seemingly innocuous program that produces copies of itself and inserts them into other programs or files, and that usually performs a malicious action (such as destroying data)". Two categories of viruses, macro viruses and worms, are especially common today. Computer viruses are never naturally occurring; they are always man-made. Once created and released, however, their spread is not directly under human control. One example of a virus is the Anna Kournikova virus, which comes in the form of a picture sent through e-mail.
Worms are very similar to viruses in that they are computer programs that replicate functional copies of themselves (usually to other computer systems via network connections) and often, but not always, contain some functionality that will interfere with the normal use of a computer or a program. The difference is that unlike viruses, worms exist as separate entities; they do not attach themselves to other files or programs. Because of their similarity to viruses, worms are often also referred to as viruses. A well-known example of a worm is the ILOVEYOU worm, which invaded millions of computers through e-mail in 2000.
Named after the wooden horse the Greeks used to infiltrate Troy, a Trojan horse is a program that does something undocumented which the programmer intended, but that the user would not approve of if he or she knew about it. According to some people, a virus is a particular case of a Trojan horse, namely one which is able to spread to other programs (i.e., it turns them into Trojans too). According to others, a virus that does not do any deliberate damage (other than merely replicating) is not a Trojan. Finally, despite the definitions, many people use the term "Trojan" to refer only to a non-replicating malicious program. An example of a Trojan horse is W32.DIDer. This virus has been found on the computers of users who have downloaded the popular file-sharing program Grokster.
Boot sector viruses infect or substitute their own code for either the DOS boot sector or the Master Boot Record (MBR) of a PC. The MBR is a small program that runs every time the computer starts up. It controls the boot sequence and determines which partition the computer boots from. The MBR generally resides on the first sector of the hard disk.Since the MBR executes every time a computer is started, a boot sector virus is extremely dangerous. Once the boot code on the drive is infected, the virus will be loaded into memory on every startup. From memory, the boot virus can spread to every disk that the system reads. Boot sector viruses are typically very difficult to remove, as most antivirus programs cannot clean the MBR while Windows is running. In most cases, it takes bootable antivirus disks such as Symantec's Norton AntiVirus rescue set to properly remove a boot sector virus.Some common boot sector viruses include Monkey, NYB (also known as B1), Stoned, and Form.
A boot sector virus can cause a variety of boot or data retrieval problems. In some cases, data disappear from entire partitions. In other cases, the computer suddenly becomes unstable. A common problem is the infected computer's failure to start up or to find the hard drive. Also, error messages such as "Invalid system disk" may become prevalent.
Boot sector viruses are usually spread by infected floppy disks. In the past, these were usually bootable disks, but this is no longer the case. A floppy disk does not need to be bootable to transmit a boot virus. Any disk can cause infection if it is in the drive when the computer boots up or shuts down. The virus can also be spread across networks from file downloads and from e-mail file attachments. In most cases, all write-enabled floppies used on an infected PC will themselves pick up the boot sector virus.In the past, setting the computer to boot first from the C: (hard) drive and then the A: (floppy) drive, or never to boot from the A: drive at all, was a reasonable precaution against boot sector viruses. This is no longer the case, as viruses are now more dangerous and spread in more ways.You can configure some CMOS setups to prevent writing to the boot sector of the hard drive. This may be of some use against boot sector viruses. However, if you need to reinstall or upgrade the operating system, you will have to change the setting back to make the MBR writable again.
Prevention is usually a matter of vigilance and avoiding contact with unknown disks. The following suggestions will help keep your systems and data safe:
When reformatting a disk, the boot sector is not affected. The best option is to use an antivirus emergency disk set to remove the virus. This feature is available in any antivirus system. Alternatively, you could format the Master Boot Record (MBR). To do this, boot from a Windows startup disk and at the A:\ prompt type "fdisk /mbr" (without the quotes). This will format the MBR. This procedure, however, in not adviseable on NT based systems, such as Windows NT, Windows 2000 or Windows XP especially when using NTFS. It should also not be attempted with SCSI disks. The antivirus option is the safest one, and the one I would recommend.