BEGPAN2.CVP   931015
 
                            1.1  Power
 
Let us assume the worst possible case.  You have reason (maybe good,
maybe bad, we'll cover that later) to believe you have a virus. What
do you do first?
 
Most people would tell you to immediately shut the power off.  That
*might* be a good idea - but it might not.  Shutting the power off
will definitely keep a virus from operating.  If the power already
*is* off, don't turn it back on - at least not until you're a bit
more comfortable with what might be going on.  However, if the power
is on and the virus is active, what is it going to do?  Infect your
computer?  It's already done that.  Erase files?  Format your disk? 
Well, yes.  There are viral programs that will do that.  You
probably don't have to worry about that happening, though.
 
With some few, possibly debatable, exceptions, no virus is
beneficial.  You don't need anything randomly adding itself to
programs, you don't need to lose the extra disk space and you don't
need to lose the memory and interrupts.  Most common viral programs,
though, are termed "benign".  This means that they carry no overtly
damaging code, and that any damage they do is unintentional. 
"Malicious" code tends to draw attention to itself, and thus be
destroyed, or to destroy itself when it formats the drive to erase
everything else.  Therefore, the odds are in your favour that if you
do have a virus, it won't be doing any damage.
 
If you *do* happen to have an infection by one of the malicious
viral breeds, you still might not be in trouble.  Most malicious
payloads require some sort of trigger event.  Sometimes this can be
a specific time of day, but not very often.  The Michelangelo virus,
for example, triggers on March 6th - but only when the computer is
booted up on March 6th.  If you leave the computer on all day March
6th, nothing will happen.  (This is not to say that leaving the
computer on all day on March 6th will avoid Michelangelo.  There is
too much risk of an accidental reset, and far better ways of dealing
with the infection.)  Therefore, your chance of any damage happening
while the computer is on is reduced further.
 
If, of course, you have just seen, "Ha, ha!  I, the Disk Head Crash
Virus have just erased your disk," then you're in trouble.  You
probably won't, however, get into any more trouble by leaving the
computer on.  In fact, if you don't panic, and calmly leave the
machine on, there can be a better chance of recovering something. 
Some of the system information is still in memory, and if that can
be written back to the disk the chances of recovery may be improved.
 
To conclude, then:  if it's off, leave it off.  If it's on, leave it
on.  If, of course, the printer is going nuts, there is one
too-bright dot in the middle of the monitor and the disk drive is in
a constant spin cycle while making rattling noises - turn it off.
 
copyright Robert M. Slade, 1993   BEGPAN2.CVP  931015

==============
Vancouver      ROBERTS@decus.ca         | "Don't buy a
Institute for  Robert_Slade@sfu.ca      |     computer."
Research into  rslade@cue.bc.ca         | Jeff Richards'
User           p1@CyberStore.ca         | First Law of
Security       Canada V7K 2G6           | Data Security