Skip to main content

Some Common PC-DOS Viruses and What They Mean To You

1.10 Lessons

All the viruses discussed here have a few features in common; all load themselves into system memory when first executed, and later infect other objects as they are used. All are relatively simple and well-understood, and all are easily protected against with any of a number of available anti-virus programs. On the other hand, all are still circulating in the computing community; an indication that anti-virus measures are still underutilized. Protecting a single machine has become relatively easy; protecting all the machines in a community or an organization is still difficult. Before computer viruses were widespread, [White et al, 1989] contained the following advice on the subject:
  • Put a knowledgeable group in place to deal with virus incidents.

    • The group may be a formal part of the organization, or may be an informal collection of knowledgeable people.

    • The group should be responsible for educating users about the threat of viruses, providing accurate information about viruses, responding to reports of viruses, and dealing with viral infections when they occur.

    • Make sure each employee who works with a computer knows how to contact this group if they suspect a viral infection.
  • Develop a plan to deal with viruses before there is a problem.
    • Decrease the risks of an initial infection, from internal and external sources.
    • Put mechanisms in place to detect viral infections quickly.
    • Develop procedures to contain an infection once one is detected.
    • Know how to recover from a viral infection.
  • Test the plan periodically, as you would test a fire evacuation plan.

    • But do not use a real virus to test the plan!
This advice is still applicable today. The primary caution that needs to be added is that, since computers viruses are now a very real possibility for every popular microcomputer, the employment of anti-virus software (including detectors for known viruses as well as more general protections) is highly recommended, especially at key points such as shared machines and LAN servers. While most virus infections are caused by a comparatively old, well-known virus, not all are. Particularly critical systems should be equipped with both a good known-virus detector and a more general change-detector. A combination of the right anti-virus software, advance planning, and general safe practices (don't, for instance, forget write-protect tabs where possible) can reduce the chance of becoming infected with a virus, and ensure that any infection that does occur will be quickly detected, contained, and recovered from. See [White et al, 1989] for more general advice on the subject.

[ Top of Page | Previous Page | Next Page | Table of Contents ]

 

  back to index