Vandals and Viruses

A computer vandal or virus is an element of executable code, created by people of a very strange mental disposition, that can damage your software and documents. Unfortunately, such material can be easily attached or built into applications or other files that appear to work normally. Although in some instances they don’t cause any real harm, others pose a serious risk to your computer.

A vandal frequently damages the machine that receives it and sometimes sends itself to other computers connected via a network. The worst kind of code, known as a virus, reproduces itself within files, the computer’s system memory, boot sectors and disk drives, eventually destroying your documents and filling up memory. These can also be transferred to others machines over a network.

Know your Enemy

The most common forms of damaging code are:-

1. Trojan Horses

Those who know their Greek mythology should be able to work this one out. Such a file looks like a useful utility, but in reality harbours a particularly nasty kind of vandal. Unlike viruses, such a program doesn’t infect other files, although it can cause tremendous damage to your machine.

2. Viruses

Viruses work by infecting other files. They usually operate in the following ways:-

Destructive Virus: usually doesn’t act until a specified date or before a given event

Encryption Virus: uses encryption to conceal itself

Stealth Virus: hides itself by intercepting the computer’s ‘interrupt’ commands

Resident Virus: installs itself in memory, then infects boot sectors and other files

Viruses come in two basic groups:-

File Viruses

This kind of virus attaches itself to executable programs, often modifying the program each time it’s launched. All standard Windows executable files, usually of the .com and .exe variety, are prone to this kind of infection, whilst Word .doc files can also convey such a virus. Fortunately, a Windows virus doesn’t normally infect a Mac OS machine, or vice versa, since different computer code is employed. However, Java-based code can pose a risk to all kinds of computers.

Boot Viruses

This variety hides in a computer’s startup disk. A master boot virus lives in the Master Boot sector (MBR) of the drive in a Windows computer, which is the first physical sector and normally inaccessible to the user. A DOS boot virus is similar, but resides in the sector used for loading DOS. Once again, such viruses don’t usually travel across different operating systems.

Receiving Dangerous Code

There are several ways in which your computer can be exposed to a vandal or virus. The greatest risk, however, comes from the Internet, as described below:-


Since email messages contain pure text, they can’t convey executable code. However, any files sent as attachments to such messages can contain almost anything, which makes them a serious hazard.

Dubious attachments can often be identified by their filename extensions. If you’re running Windows, you should be particularly aware of files containing matching code, such as those with .cmd, .com, .exe, .pif or .scr extensions. Similarly, documents produced using Microsoft Word, which normally have an extension of .doc, can contain macros with harmful code. And remember, archives can also contain any of these files.

World Wide Web

Modern Web pages frequently contain executable code in the form of Java or ActiveX, which is used to enhance the browsing experience. Unfortunately, it can also damage your computer or network. Although you can disable these features in your browser, this can limit the usefulness of the Web.

Regrettably, things are getting even more dangerous. For example, the newer MIME 2 standards allow code to be activated automatically, allowing all sorts of viruses to be received, while similar risks have been introduced with the latest generation of browser plug-ins.

File Transfer Protocol (FTP)

FTP is usually less of a problem than the Web, since you normally select the required files by hand. However, even experienced users can fail to check all the files that they’re downloading.


This recent technology uses a small client application to check a provider’s server for the latest information of interest to the user. Unfortunately, such an automatic Internet update can also supply you with files that contain damaging code.


eSafe Protect (PC) User’s Manual, eSafe Technologies and EliaShim Ltd, 1997

©Ray White 2004.