What is a virus?
A virus is a self-replicating software that usually lends itself to other computers via email or the Internet. It does not require human intervention. Its purpose is to either replicate, cause computer damage, or both. It typically comes from infected emails or documents and can either do its damage right away. Give Sun Light or be like a ticking time bomb waiting for the special day to activate.
Examples of viruses:
Boot viruses such as Michelangelo and Disk Killer load when the computer reads the disk. This type of virus is complicated to get rid of.
Program viruses attach themselves to the executable programs on the computer and replicate themselves to all executables on the. Again, these are very difficult to remove. Examples include the Sunday Virus and Cascade Virus.
Stealth viruses manipulate file sizes to avoid detection. Examples include the Whale virus and the Frodo virus.
Polymorphic viruses change when replicating, so they don’t look identical to antivirus software or humans attempting to find them. Examples include the Stimulate virus and Virus 101.
Macro Viruses infect Microsoft Office documents (and others) and infect the normal.dot file (the template that opens with Word when you don’t open a file). These viruses infect every document opened in the program and replicate other computers when infected files are shared. Examples include the DMV and Nuclear viruses.
RELATED ARTICLES :
- Do You Know How to Be an Engaging and Highly Effective Educator?
- How to Manage a Great SEO Team
- Damian Green was compelled to resign in a computer porn row.
- How Are the Apples IOS 6 Passbook App Going to Alternate the Digital Wallet International?
- Global Warming Debate: How Can Computer Models’ Predictions Be Wrong?
Viruses also got good at doing something else: turning off antivirus software. Not only could this particular virus do its dirty deeds after this event, but other malware could also infect the computer without fear of being caught. On many routine service calls, I would observe that the little antivirus software icon near the clock disappeared, and the computer user never even noticed the difference (at least until I pointed it out!).
What is Spyware?
Spyware is a general term for malware installed on a computer by infected pages on the Internet or comes from software and other packages installed on the computer by the user. Incorrectly labeled as viruses, spyware has increased over the last 8-10 years (since about 2000) and has caused many computer users to have major headaches, causing computer reformats and file loss. This type of software is what this document is going to concentrate on.
Spyware can come in Adware, Hijackers, tracking cookies (although not all tracking cookies are wrong), rogue security software, ransomware (an advanced rogue security software), and keyloggers. New types of spyware include rootkits, which can be very difficult, if not impossible, to remove from a computer system. I will speak more about that later. However, the primary point of spyware is that it is a piece of software installed on a computer system without the user’s consent or knowledge and is typically very difficult (or seemingly difficult) to remove.
Many spyware programs are installed by Trojans, where a piece of software is installed on the computer from the Internet. The spyware is installed unknowingly by the user simultaneously as the “software,” giving the malware-free reign of the computer. Software that installs this way includes free screensavers, games, torrent programs, file-sharing programs (such as Limewire), and other rogue software. Other spyware programs are established by way of infected web pages. If you see a page with a popup that comes up and says something like “Warning: Your computer is infected with 99999 viruses. Click here to perform a scan of your computer,” you are witnessing an infected web page and rogue software that is trying to get on your computer.
Adware includes popups, pop-unders, and other advertisements that appear on a computer using software that is unknowingly installed on the system. The primary purpose of adware is to get users to click on ads that earn money for the person that made the software.
Hijackers (browser hijackers) hijack a web browser and take users to places other than where they want to go. Most of the time, even the homepage gets hijacked. Again, the purpose of a hijacker is money – when users click on the hijacked page links, the malware maker receives a payout. Hijackers operate technically at several levels, including registry changes, Host file changes, browser add-on changes, LSP (Layered Service Protocol) Hijacks, and homepage changes. Removing browser hijackers can result in browser connectivity loss, which requires additional (and more experienced) diagnostics and cleaning.
Keyloggers can determine what the user is doing on the computer and record the user’s keystrokes while logging into banking pages, eBay, Paypal, and other websites important to the user. The keylogger software then transmits this information to the “Home” server (also known as “calling home”), where the bad guys can decipher the data and use it to gain user credit cards, banking, and other identity-stealing information.
Rogue security software and its more dangerous cousin, ransomware, are the latest types of malware that cause computer users problems. The rogue security software pretends to be useful. It is generally installed through infected web pages in the form of a popup that states the computer is infected with so many thousands of viruses (also known as a drive-by download). This scares the user into clicking on Scan Now or OK, which installs the malware. The software doesn’t detect anything, even though it says it does. It then offers to clean the computer for the price of the software. Paying for the software changes the routine a bit, with the software stating it cleaned all of the infections. Examples of this malware include Spy Sheriff (one of the originals), Antivirus 2009, Antivirus 2010, Security Tool, and Security Essentials 2010.
Ransomware is similar to rogue security software, but the effects are much worse. It wants to be paid for, but it will not allow for proper computer operation until paid for. Even worse, some malware of this type also encrypts all of the data files on the computer – documents, pictures, music, everything, with a 128-bit key that only the programmer knows. Recovering the data is nearly impossible unless the data is backed up onto an external drive or the user pays the ransom. This software is installed in the same manner as the rogue security software.
Malware is created by people that understand computers, operating systems, and browsers MUCH better than the average Joe AND know how to program the computer – and they can be located anywhere in the world. They make their creations test them, and then send them out of the nest to fly (and infect) independently. The malware is tested against every browser and operating system. The bad guys can get their hands on it, and they do their best to take advantage of ANY security holes still available in the software and operating systems.
They often learn about these security holes from other hackers; sometimes, they even know about them from people who find them without intent to harm. The malware creators then advertise their infected web pages on search engines or maybe purposely misspell a famous domain name or upload (some great looking but infected software that promises the world to the user) on a website or possibly even a shareware site. The software starts to infect computers slowly.
What about the antivirus companies? Antivirus and anti-spyware companies (Norton, Mcafee, Trend, AVG, Avast, Webroot, Spybot, Ad-aware, and now Microsoft) do not know about this software. That is because no one has reported it to those companies. The bad guys are, well, evil! They don’t tell the anti-malware companies that they are releasing this new software!
However, once the antivirus companies start getting reports of the new malware, they request samples and the sources (where it came from). Then they can start taking them apart (reverse engineer) as needed and work on updating their program definitions so their software can fight the infections. Reports are the bits of code that the good-guy software uses to compare the code on the hard drive and determine whether it is bad software or not. Stories must be constantly updated so the good guys can fight the bad guys. Years ago, reports were updated about once a week. Now many companies update them once a day or even more.
Now that the malware has been “in the wild” (on the Internet) for some time, the good guys have a chance to update their definitions and possibly update their software (if necessary) to fight the malware. Does that mean that it will remove all of the infections all of the time in the future? NO! There may still be problems with the removal routines, and sometimes the removal routines do not even improve for many weeks or months. Other problems can occur because good software cannot stop harmful software from running when the computer is on (known as processes). Rootkits are especially good at hooking themselves into the operating system – they can even run in Safe Mode.
Antivirus software may not help!
Suppose the user (you or a relative, friend, etc.) gives the OK to install a program (ANY program) on your computer. In that case, your antivirus software cannot stop the installation, even if it has a Trojan. No matter what antivirus software you use, even the “rated-best” software, cannot prevent the infection from installing! Can you see how this is a never-ending, vicious cycle? Can you see how and why your antivirus software cannot protect you? Does this mean you should stop using antivirus software? No, I think not. Antivirus software CAN help protect you in some cases, and it CAN help remove infections and alert you to changes in your operating system that should not occur. But, it is NOT a cure-all for virus infections, nor can it prevent them from happening!
How do you protect yourself from these evil, nasty infections:
1) EDUCATION and Common Sense must be used on the Internet. That’s right – YOU can stop these infections dead in their tracks with no ifs, ands, or buts. If something doesn’t feel right about what you see on the screen, don’t do it!! Don’t press the button.
2) ALWAYS keep Windows and your Anti-Malware software updated – it can’t fight what it doesn’t know! Only run ONE antivirus software program. However, multiple anti-spyware scanners (like Ad-Aware and Spybot Search and Destroy, for example) may be used.
3) Use a software firewall. Windows 7 comes with an adequate firewall that monitors incoming AND outgoing connections. The Windows firewall in Vista and XP are passable but do not watch outgoing links (like when spyware tries to “call home”). Check out a free firewall like Comodo Firewall with antivirus – it’s free, and it works great. Again, only one antivirus (and one firewall), OK?
4) When browsing, avoid porn sites, hacker sites, party poker sites, and any sites with funny characters or where the domain name (such as google.com) does not make sense. When doing searches on the Internet, be careful what you click on. Don’t just click a site that looks appealing if you don’t recognize the domain. Critically think about how the environment and the rest of the URL look. If it seems scary, don’t go there. It’s the same thing with Facebook and MySpace links! Find another, safer-place to go (think of URLs as you think of a dark alley – you never know if danger lurks!). You can use a website checker (Symantec and McAfee have one with their Security Suite, and AVG uses one, even with their free antivirus software). Again, remember that nothing is 100% guaranteed.
5) Here is a way to make the bad popup go away (note – this ONLY works if you have NOT clicked anything yet and the malware has not infected your computer): Press the CTRL and ALT buttons (hold them down) and press the DEL (or DELETE) button once. If Windows XP or before, Task Manager will start; if XP (with Quick Logon disabled), Vista, or 7, click “Start Task Manager.” Make sure the Programs tab is highlighted. Click all Internet Explorer programs one at a time and click End Task until the foul popup goes away, and guess what – You were saved!
6) Some techs advocate unplugging the computer from the power when they see a bad popup or if a laptop holds the power button for 5 seconds. However, one caveat to this method is a hard shutdown, which can ruin your Windows installation and possibly your hard drive. Therefore, I do not recommend this method except in a dire emergency. Know the possible consequences, however, should you decide to try it! Other kinds of attacks that the bad guys use to get your personal information have nothing to do with installing software on your computer.
Phishing attacks can come from email or a rogue web page disguised as the real thing. A couple of years ago, rogue emails were sent to millions of people who looked like they came from their stockbroker, bank, or eBay. The email stated that the account was in default, or their password had expired, or scared the user in some other way (this is known as Social Engineering in the computer security world). Not thinking about a possible scam, the user clicks on the link and freely enters their personal and banking information into the rogue web page.
Many lost a lot of money by not thinking critically about what they were doing or even looking at the entire domain. Here is an example of a rogue webpage URL: “HTTP:// www. ebay.changepassword.tki.ru”. Note that “eBay” is in the URL, but the actual domain is tki.ru – this would be a Russian website, with the page URL disguised as an eBay page. The title could even say something like “eBay – Change Password.” ALWAYS know the TRUE domain and NEVER provide personal information unless you typed the URL in yourself or used a trusted favorite (also known as a bookmark). If it came to you, run away (or close the browser window). If you went to it, you probably knew what you were doing and where you were going.
Another security risk on the Internet:
Craigslist has become hugely popular over the last few years, and for many people, it works well, but unfortunately, it is fraught with scammers as well! Here ishowy the scam usually works: You list something to sell on Craigslist.org. You get an email from someone interested (they are generally afraid to call!). The person states they are very interested in the item and want to buy it immediately, sight unseen (a definite warning flag). They offer to send you a Moneygram or cashier’s check for much more than the item is worth. They say you get to keep some extra for your trouble, but they also want you to pay the shipper an extraordinary amount to pick up the item and ship it to the “new” owner. The scam is that you pay your hard-earned money for the shipping, lose the article, and the cashier’s check turns out to be a fraud. Not a very good day in Craigslist land.
Amazingly, someone tried to scam me in the same way on Craigslist! Two people emailed me after I listed an advertisement to repair laptops that said they had seven laptops to fix, which were currently out of state. They told me to name my price, and they would ship the laptops. The scam was I would get paid with fake money, and I would spend the “shipper” on sending the computers – but I would be out of my money, there would be no real computers to fix, and the fake money would be lost. OK, now that you have this great information on what the malware is, how it gets on your computer, why antivirus software cannot protect you from it, and how to stop it if it tries to get on your computer, what do you do if you still get bit?
You could try performing a “Google” search for the symptoms and look for web pages that tell you how to remove the infection. For example, if you have a box that comes up that will not go away, and it calls itself “Security Tool,” search for that term on Google. You don’t need to go to paid techy sites such as experts-exchange.com; bleepingcomputer.com is a GREAT place to go for advice – many people on that site have tons of experience removing malware and are happy to help for free. Note that sometimes you will have to get your hands dirty and learn much more about this removal stuff if you want to try it on your own. And it’s a scary world out there.
But there is always an alternative. You can hire a professional to help you – you can look in the online yellow pages, do an online search, or look in your local phone book. Choose someone reasonably priced but not cheap – cheap always comes at a price you may not want to pay. Look for a business that has been around for a while – ask them when you call how long they have been doing this and what the success rate is. Sometimes the computer is so badly infected it needs to be wiped clean. You will want your data saved, too. The real pro will offer a flat rate to do all of that. Do not be afraid to ask questions – that is part of what you are paying for. I hope this report has been beneficial to you, and I also hope that it has helped prevent your computer from getting infected at least once or twice. We aren’t perfect, and even I have had the “opportunity” to do my damage control once or twice.