Bug Watch: Each week vnunet.com asks a different expert from the IT security world to give their views on recent virus and security issues, with advice, warnings and information on the latest threats. This week's expert is Ian McManus, technical manager at Panda Software.
When a destructive computer virus gets to work on your PC's hard drive, the effects are usually all too clear to see - visible signs of infection include on-screen messages, graphic effects or, worst of all, loss of data.
But what PC users often fail to realise is that many viruses lay dormant on their machine's hard drive for days, weeks or even months before 'attacking' - known in the antivirus industry as 'triggering their payloads'. So how can you identify the presence of a virus that is lying dormant and waiting to attack?
Detecting the presence of a latent virus is a difficult task. They secretly infect systems behind users' backs, and often employ techniques that are specifically designed to conceal their presence. It therefore becomes necessary to be on the lookout for anything suspicious. Some of the symptoms of latent viral activity include:
- An increase in the size of files, which could indicate that a virus has added its code to that of the original
- An unusual or impossible date or time; for example, a minute or second value higher than 59. These values are often used by viruses to mark the files they have already infected
- A slowing down of computer activity
- Programs that cease to work correctly
- Continuous system crashes
- Duplicated files
Combined with a high quality antivirus software package, awareness will go a long way to protecting your system from latent viruses, but even the most vigilant PC user can become a victim, with the virus triggering its payload before being spotted.
In the event of identifying an unknown virus, i.e. one that was not identified and blocked by your antivirus software, you should always try to get a sample of a potentially infected file and send it to your antivirus company's laboratory for analysis. Remember that most viruses attack executable files or documents. Boot sectors may also come under attack, although incidences of this kind have been greatly reduced through the use of the Windows operating system.
If you were infected while working on a document, like writing a letter in Microsoft Word, for example, you should try to send that document to the virus lab. If this is not possible, then send in a document of the same type that you have used recently. If, on the other hand, the virus effect was produced while running a program or initialising the system, then you are probably up against a binary virus. As with infected files, try to get a sample of the same file that produced the effect.
In extreme cases, viruses can destroy all the data stored on your hard disk. In this situation, try to find a potentially infected document or executable file on a floppy disk you have used recently.
These are some basic indications on how to report the presence of an unknown virus. However, your antivirus vendor's technical support service should let you know exactly what action to take in each type of situation.
Found by calculating the strength of the material deep inside the crust of neutron stars
Can highlight in real-time the relevant regions of an image being described
Double legal trouble for Musk as he also faces civil lawsuit over renewed British pot-holer 'paedo' claims
Battery development could help boost performance of smartphones