Viruses, Worms, Trojans and How to Protect Your Computer!
There are two separate issues here - real viruses, described below; and fake viruses (virus hoaxes), which are described on our virus hoax page.
What are Viruses and Worms?
Viruses are tiny computer programs, bits of code that usually install without your knowledge or consent, and degrade your computer's performance, often while using your computer to accomplish some negative goal, such as destroying your files, or sending out more copies of the virus through your email. These are the two main characteristics of a virus: 1. to accomplish some goal as a program and 2. to reproduce and spread itself.
See SecurityResources.Org for the latest information on real viruses, worms and other security threats. They have a page, http://www.securityresources.org/news.htm that provides a free list of the up to date, current threats, viruses and worms.
Virus Goals: A virus generally aims to carry a payload of some kind. This may do some damage to the user's system (such as, for example, deleting certain files), may make the machine vulnerable to further attacks by opening up a "back door", or may put the machine under the control of malicious third parties for the purposes of spamming or denial-of-service attacks (this is referred to as a "zombie" see this page for more information).
The virus deliberately tries to damage your computer. In general, it cannot damage the computer hardware itself. In the worst case, you will need to reformat the hard drive, reinstall Windows, reinstall your programs and data from backups. You ARE making backups, right? You should be, at least monthly. All of this can prove expensive in terms of repair costs, lost time and productivity. Often, owners of badly spyware-infected systems purchase entire new computers, in the belief that an existing system "has become too slow." Repair technicians who hear complaints about a computer "slowing down" usually suspect virus or spyware infection.
Virus reproduction: A virus spreads copies of itself to other computers, if it can. The virus will in almost every case also seek to replicate itself onto other computers. In other words, it functions not only as a parasite, but as an infection as well. Usually, it looks for you address books in Outlook, AOL and other programs and then sends the virus to every address it finds.
How does you PC get infected?
Viruses normally installs itself through one of three methods:
- The virus is attached to an email in an .exe, .zip, .cls or .com file.
- The virus is downloaded when you go to a specific website, taking advantage of security flaws in your browser (Internet Explorer, Mozilla, Firefox, Opera, etc.).
- Internet Explorer can also install viruses on your computer either via a drive-by download with or without any prompt! A drive-by download takes advantage of easy installation via an ActiveX control (or several ActiveX components) with or without a prompt, depending on security settings within Internet Explorer. This is why many security departments tell you not to enable ActiveX components on your pc.
Many novices fear "cookies", which are a common mechanism websites use for storing information on your computers. Cookies are usually used to store your user id number for later visits to the website. Cookies and their use generally are not hidden from you. Cookies are often important and necessary to help protect your identity when you are on a password protected website.
Click on the links below for examples:
- "AT&T Payment Confirmation" - Scam email, not from AT&T, with a virus attachment
- Bank of America - "Your transaction is completed"
To avoid viruses issues altogether:
To remove viruses problems completely (but temporarily, as you can become reinfected later), follow this advice:
- Don't open any attachments, unless you know the sender, and are already expecting the email and attachment!
- Obviously, one of the most effective solutions is to block the adware and viruses from getting through to your pc. Some of the firewall programs do part of this, and viruses/adware cleanup programs can get those that slip past the fire wall. See the left side of this page for recommendations for products.
- If the computer's performance has degraded to such a state that that computer no longer functions usefully and reliably, the user may have to consider the option of a clean install. Novice users should avoid this solution! You will need a complete back up of your data along with all the setup disks that came with your PC. A clean install means erasing all the data from your hard drives, reformatting the drives and re-installing the operating system. Only advanced users or a computer technician should attempt this remedy.
- Use of automatic updates (on Windows systems), antivirus (see the recommended packages on the left side of this page), and other software upgrades will help to protect your pc. The bugs in older programs are exploited by hackers, so upgrading helps to install the corrections.
- Also stay current with patches to Windows - especially Service Pack 2 (SP2). subscribing to the automatic updates in the previous step will guide you to these, too.
- Since some viruses takes advantage of Internet Explorer weaknesses, using a less common browser such as Mozilla Firefox may also help.
- Disabling ActiveX in Internet Explorer (click on Tools - Internet Options - Advanced) will prevent some infections.
- Currently-known viruses does not specifically target non-Windows systems, such as Mac OS or Linux.
For More Information About Viruses and Adware, See:
- See Security Resources.Org for the latest information. They have a free page, http://www.securityresources.org/news.htm that has a list of the up to date, current threats, viruses and worms.
- Current list of known spyware and adware
- Scam: "Firewall Update Notification" "Please update your Firewall as soon as possible"
- The Electronic Privacy Information Center
- Report A Crime
- Takedown Assistance
- How Spyware Works, Ross Greenberg, Security Pipeline, February 28, 2005
- Spyware And Your PC: Keeping It Out, Getting Rid Of It, Ross Greenberg, Security Pipeline, January 24, 2005
- Browser Hijacking and Prevent Browser Hijacking, Mike Healan, SpywareInfo, last update was January 12, 2005.
- What's The Difference Between Spyware And Viruses? Dave Piscitello, Security Pipeline, January 4, 2005