Harvard Divinity School

Harvard Divinity School
 

 
 

Information Technology and Media Services

 

 

 

  

An Introduction to Computer Viruses

  1. Virus Protection at HDS

  2. Links to Virus Information Sites

  3. What is a Virus? 

Virus Protection at HDS

McAfee VirusScan is installed on all HDS PCs. It scans for viruses whenever you attempt to open/read any file including e-mail attachments. McAfee VirusScan attempts to detect viruses by comparing information it scans to data stored in its internal Library of viruses. This Library of viruses is updated (at least) weekly by the Network Associates (distributors of McAfee VirusScan) and all HDS user PC's are configured to automatically download these 24 hours a day, every day.

Despite the protection that Anti-virus software provides there is always a small window of time between when a new virus is released and the programmers at anti-virus software companies like McAfee can create and release updated library files to protect against the new virus. For that reason, we strongly advise you not to open email attachments unless it is a file that you were expecting. Additionally, at no time should you ever open an attachment with a file extension of .EXE, .BAT, or .VBS.

Links to Virus Information Sites

If you are concerned about a possible virus or hoax, please refer to the following web pages for information (or call the IT Help Desk).

What is a Virus?*

A virus is a "parasitic" program written intentionally to enter a computer without the user's permission or knowledge. The word parasitic is used because a virus attaches to files or "boot sectors" and replicates itself, thus continuing to spread (without your knowledge). Though some viruses do little but replicate, others can cause serious damage or affect program and system performance. A virus should never be assumed harmless and left on a system. The following information will elaborate on this brief summary.

Types of Viruses

Viruses are classified by their behavior in infecting computer systems:

Program Viruses infect executable program files, such as those ending in .Com, .Exe, .Ovl, .Drv, .Sys, or .Bin. These are the files that typically start programs for you. For example, Netscape.exe starts Netscape.

Boot Sector Viruses infect your Master Boot Record, FAT and Partition Table. In plain English, this means that these Viruses attack the "table of contents" on your hard drive. With a destroyed or damaged table of contents, files can be unrecoverable without professional assistance.

Multipartite Viruses infect both programs and boot sectors. Double trouble.

Worms are virus-like programs that are primarily designed to replicate themselves, but often without infecting other files on the computer. Examples of viruses with worm-like behavior are the Melissa virus and the ILOVEYOU virus, which both made use of email programs to send themselves out to everybody in a user's address book.

Macro Viruses are transmitted in Microsoft applications that support Macros, such as Word and Excel. Macros are normally harmless little applications that a user can run in a document (say, an application that automatically calculates some values in a spreadsheet). Recently, malicious hackers have turned to using this Macro functionality to attack your computer.

How Viruses Contaminate and Spread

A virus is typically inactive until an infected program is run or the boot record is read. As the virus is activated it loads into the computer's memory where it can perform a triggered event and/or spread itself. Disks used in an infected system can then carry the virus to another machine. Programs downloaded from bulletin boards and web sites can also spread viruses. Data files can even spread viruses, thanks to the invention of the Macro Virus.

Boot Infecting Viruses should be of a special concern to users who share computers or floppy disks. Every disk contains a boot sector whether it is a bootable disk or not. When the computer is powering up looking for the Boot information and reads an infected disk in the A: drive, the virus is transferred to the computer's hard drive. Once the boot code on the drive is infected, the virus will be loaded into memory every time the computer starts up. From memory the boot virus can travel to every disk that is read, and the infection will spread. Most boot viruses could be on a system for a long time without causing problems. There are some nasty ones, however, that will destroy the boot information or erase the hard drive. Advice: do not use your floppy disk or any other storage device in a computer that does not have virus protection. You are risking your data.

How does one determine that a computer or disk is infected?

To determine whether or not a floppy disk or computer drive is infected by a virus, it is necessary to run a virus scanning utility, a program that can detect and often remove viral code. These scanning utilities constitute the core of all anti-virus software, and every computer should be loaded with some sort of anti-virus software. Some of these programs can be made to run permanently from the computer's memory, which allows for continuous virus scanning. This solution allows for more dynamic detection and removal of viruses, especially those which enter the system through the use of floppy disks. IT Services recommends that you run anti-virus software on your machine at all times, and that you keep its virus information up to date.

How can a virus be removed?

To remove a virus you will need to obtain an anti-virus software package; there are numerous programs available on the market, ranging in price from $30-60 (more depending on the number of updates included with the package). McAfee VirusScan is the package used at HDS (though this should not be taken to constitute an endorsement of the product). Another prominent program is Norton Antivirus.

Most viruses are rather innocuous and can easily be detected and removed from your computer without any subsequent damage to your system. Nonetheless, it is imperative that you scan your system frequently to minimize the chance of data loss and security compromises.

Anti-virus software is covered by copyright law and is not considered shareware, hence HDS Information Technology Services will be unable to provide you with copies of such programs. You will have to obtain your own copy through a software vendor.

IT Services can, with an appointment, attempt to clean floppy disks that are infected in our lab. Our lab is kept up-to-date with the most recent anti-virus software, so infection is not very likely, but if you find that you have a virus, please contact us for an appointment.

This primer was created with materials from the following site: Symantec, Inc. You can learn even more about viruses there.

* You may, from time to time, see the plural form of the word "virus" written as "virii" rather than "viruses." Either is acceptable.

 
 
 

directories | search hds | site map | my.hds | privacy policy | home

ABOUT HDS | MEET THE FACULTY | RESEARCH PROGRAMS | LIBRARY | PUBLICATIONS
GIVING OPPORTUNITIES | NEWS AND EVENTS

Copyright 2009 President and Fellows of Harvard College. All rights reserved.
 

 

last modified: July 18, 2007
comments about this page should be addressed to: Ben Rota