What is a computer virus?
A computer virus is a self-replicating computer program loaded onto your computer without your knowledge. Computer viruses are not created by bugs in regular programs, or spontaneously by machines. They are deliberately created by a person.
Computer viruses range from the mildly annoying to very destructive, and come in new and different forms. Typical viruses are made to interfere with computer operation, record, corrupt, or delete data. A simple computer virus that can make a copy of itself over and over again, spreading to other computers and throughout the Internet, is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all your computer resources and bring your computer to a halt.
The good news is that with prevention, and a little knowledge, you are less likely to fall victim to viruses.
How Does a Computer Virus Work?
Most viruses spread through computer users who inadvertently share or send them to other computers – without knowing it. Some viruses that are more sophisticated, such as worms, can replicate and send themselves automatically to other computers by controlling other software programs, such as e-mail. Viruses called Trojans (named after the Trojan horse) get loaded by computer users because they seem like a useful program. But, once a Trojan is loaded, it will quietly damage your computer or other computers you’re connected with.
Although it’s good to be aware of these different types of viruses and how they work, what is most important is that you keep your computer current with the latest updates and antivirus tools, and that you follow a few basic rules when surfing the Internet – downloading files, and opening attachments. Once a virus is on your computer, what type it is or how it got there isn’t as important as removing it and preventing it from spreading further.
Anti-Virus Software
Anti-Virus software is a program that searches your hard drive for any known or potential viruses. It will then try to identify, stop, and remove computer viruses. Antivirus software typically uses two different techniques to accomplish this:
- Scanning files to look for known viruses matching definitions in a virus dictionary.
- Identifying suspicious behavior from any computer program which might indicate that it’s infected with a virus.
Most commercial antivirus software uses both of these approaches, with an emphasis on the virus dictionary approach.
Dictionary
In the virus dictionary approach, when the antivirus software examines a file, it refers to a dictionary of known viruses. If something in any file matches a virus identified in the dictionary, then the antivirus software will attempt to repair, quarantine (make unusable), or delete those files.
In order to keep this dictionary of viruses up to date, and to keep new viruses out of your computer, periodic updates are necessary. These updates are usually done online over the Internet.
Suspicious behavior
The suspicious behavior approach doesn’t attempt to identify known viruses, but instead monitors the behavior of all programs. If one program does anything suspicious, the antivirus software can alert a user and ask what to do.
Unlike the dictionary approach, the suspicious behavior approach will provide protection against brand-new viruses that not well known. However, this approach requires a bit more user-interaction since it will give “false positives” (alerting the user of suspicious behavior when there is no problems).
