Computer Viruses

Viruses Spyware PDA virus Prevention Hoaxes Security Cookbook

New Computer:   An unprotected computer has about 4 minutes before it is hacked from the Internet. Before you connect your computer to the Internet for the first time, read our Spyware information. Before you send emails to all your friends, please check the "text" against our Hoax directory.

Malicious Software that can Damage your Computer

• COMPUTER VIRUS - malicious software that can infect (get into) other computer programs. When an infected file is run or accessed, the virus is triggered, and can cause damage to your files. You can even transfer a virus to your handheld (Palm) computer.
• COMPUTER WORM - a self-contained malicious program that is able to spread copies of itself, usually over a company network or the Internet.
• TROJAN HORSE - malicious software that appears to be fun or useful but actually does something nasty. It's often hidden in games and emails. More recently a virus is downloaded without your knowledge just by visiting a hacked website. It then steals your banking ids and passwords and proceeds to drain your account. (Trojans are notoriously hard to identify.)
• E-MAIL BOMB - an Email message that can allegedly cause harm to your computer simply by opening and reading the message and usually a variant of one of the above. (Some of the warnings about these are "myths" or "legends".)
• CLICKJACKING - a web page link with hazardous buttons that are "floated" behind the actual buttons that you see. When you click the button, the browser is routed to the bad guy's hidden link. This can download software, disable security, and steal your information. (Best protection is to enable JavaScript, ActiveX controls, and plugins ONLY for 'trusted' sites. Firefox browser with addon "NoScript" protects you from bad scripts.)
• ADWARE - software which is stored on your computer and bombards you with pop-up windows full of adverts as you try to view internet pages. Often lumped in with Spyware.
• SPYWARE - malicious software which collects information from your computer without your knowledge and passes it on to the software's creators - which can be criminals who steal your personal data, which puts you at risk of identity theft. More about spyware...
• RANSOMEWARE - malicious software that infects your computer and restricts your access to it until a ransom is paid to unlock it. Paying the ransom does not guarantee your access will be restored.

There's some overlap among these definitions. For example, some types of "malware" is all three: it infects and ruins files on your system, so it's a virus. It uses Email to move itself from system to system through the Internet, so it's a worm. And it arrives disguised as a letter from someone you know, so it's also a Trojan.

Symptoms of Malware Infection

Viruses can infect your computer without opening any email attachment - sometimes just by visiting a malicious Web sites.

You might see odd messages appearing on your screen, unexplained slowdowns, missing files, mangled files, a complete hard disk wipeout so you cannot start your computer, etc.

If you are on a network or LAN, download files from the Internet, or use Microsoft software (such as Word, Excel, or Outlook Express), your computer will get infected sooner rather than later. Viruses can cause serious damage to a single computer or an entire network.

The worst symptoms include a computer that won't start or a message from your bank saying your account is empty!

Repairing a Malware Infection

If you suspect you have an infected computer, proceed carefully. Malware can cause the loss of your operating system and your files. Copy all the files, documents or photos you have stored on your hard drive since your last backup to a removable or write-only disk if possible. Run antivirus software and malware cleaners. Even better, reboot from an external bootable disk if you have one (that does NOT use the operating system on the infected drive) to run antivirus software. You can try a "Windows Restore Point" to return your computer to a previous working state.

Use another computer to help by downloading antivirus software and spyware removers that can be run from a disk without using your computer's operating system. Search online for the virus or its symptoms.

You can start your computer from an original Windows installation disk and choose the repair option (get help from Microsoft for using this.) This allows you to repair the operating system without losing your data and installed programs. This may not work if you have made upgrades (such as SP3), you might try to borrow an installation disk that matches your SP level.

Restore your computer hard drive using a backup of your system if you have one. Start from an external system disk or write-locked floppy to run the restore software. As a last resort reinstall your entire operating system. If any of this sounds complicated, turn it off and take it straight to a computer repair shop for testing and repair.

Prevention

Using unpatched and unsupported software may increase the risk of proliferation of computer security threats of all kinds. No single tool is perfect; and there are no tools that can't be defeated, broken, or disabled in some way, under the right circumstances. To protect a computer connected to the Internet, use more than one method of protection.

Safe Internet Practices

The best malware protection is YOU! Safe-computing procedures will save you hundreds of dollars of cure. #1 and #2 are the most important:

1. Never click on links and attachments that arrive in email or instant messages.
2. Backup your operating system to an external storage drive. Computer malware can destroy everything on your computer system instantly! First get an external drive, then cleanup your computer storage (Ccleaner), then run backup software (Macrium Reflect), which can take 20-30 minutes. Store the backup file on your external drive (could be over 50 GB if you keep video files on the C drive), then disconnect the drive from your computer to keep it safe! Repeat this procedure on a regular basis. You won't be sorry.
3. Be cautious of any newly acquired software.
4. Don't fall for Phishing, an email or website that try to convince you to provide personal information, passwords or bank account information. Cybercrooks are stealing millions this way. [More]
5. Update your anti-virus software on a schedule (min. weekly) to detect new viruses. Run your virus software to scan *all file types*.
6. Don't rely on "anti-virus" software!
7. Never open an Email attachment from anyone without virus-checking it first. Tell your friends to email only text and photos, that you delete everything else. They can upload and send you the URL for movies, documents and photo albums.
8. Whey paying for anything online, use a low-limit credit card that is only used for online purchases, or use a payment service such as Paypal, which prevents the seller from seeing your banking information.
9. Use disposable email addresses for all online forms, applications or purchases, to stay off junk mail lists. If your ISP doesn't allows you to create as many addresses as you need, try Hotmail.com or Gmail.com.
10. Turn on macro virus protection in Microsoft WORD and beware of viruses in WORD documents.
11. If someone unexpectedly sends you a file ending in .EXE, delete it immediately.

See our Internet Security Cookbook.

Microsoft Windows Security Vulnerabilities

Since Internet Explorer is so closely integrated into the Windows operating system, the truth is that *EVERYONE* who uses Windows 98 or 2000 or Microsoft Office 2000 is affected by viruses that affect Internet Explorer. You must check for and install software updates for all your Internet software. Security updates are issuged for Microsoft Windows, Internet Explorer, Outlook Express, various audio players, office software, and even PDF readers!

You can download Windows patches online with "Microsoft Update" (Click the "Start" button, then "Search" if you can't find it.) Don't forget to look for Microsoft Office updates. To check for security updates for everyone on your computer that might cause a problem, use the Secunia Software Inspector to scan your computer, then provides a list of security problems with links to updates and help. Before you start, quit all other programs, as the scan can take up to an hour depending on how much software you have installed.

• microsoft.com
• Microsoft Security bulletins: microsoft.com/protect/computer/updates/bulletins
• Secunia Software Inspector

Email Viruses

According to a 1997 survey by the National Computer Security Association, Email is one of the leading methods of transmitting viruses.

Some of the ways an Email message could lead to virus infection on your computer:

1. You open an email "file attachment" that is an executable program capable of running on your particular computer system. File extensions are usually for PCs (EXE, COM, BAT, VBX), but there are viruses that run on Macintosh and Unix computers, etc.
2. You open an email "file attachment" that is a Microsoft WORD formatted document with a Word macro that can damage your files. If you run a MS-WORD program and "open" an infected document file without checking it first for viruses (using a good virus checking program), you unleash the virus. File extension is usually DOC. Macro viruses affect all operating systems. (Read more about Email and MS-Word viruses)
3. You open an Email in Outlook Express with Internet Explorer versons 4 or 5 installed on the computer - the attachment does not have to be opened or run!
4. Online fraud known as phishing is being exploited by cybercrooks. More about phishing...
5. You clicked on a text link in an email message. Typically, you must download and open the attachment to be infected with a virus. Not with this one. It says something like: "Congratulations! [Company] has successfully charged $175 to your credit card. Your order tracking number is ... To see details please click this link." If you click on that link, your computer will become infected with the Mydoom virus.

A computer virus called Melissa inside Email attachments took down networks around the world in 1999. It sounded like a hoax, but it wasn't. (Melissa Virus, Happy99, MS-Word, Love Bug)

Image files and plain text files are safe to open. Graphics are normally opened in your mail or browser program (GIF JPG PNG) or graphics program like Paintbrush (BMP). Plain text file normally open in NotePad (TXT ASC). Don't open any other attachment. Following the rules for safe computing!

And another side of email usage problems - a growing number of companies are firing workers for violating their email policies.

• Links:
• PDQ Library: Free Software Links
• PDQ Library: Famous Viruses:  Melissa,  Happy99,  Love Bug...
• US-CERT Computer Emergency Readiness Team (U.S. Homeland Security) - computer security & reporting
• Symantec Security Center & Security Warnings
• McAfee Virus threats - free virus repair tools.
• Online virus scanners (free)
  1. Trend Micro Housecall online scanner
  2. F-Secure Online Scanner
  3. Norton/Symantec Security Check
  4. McAfee Freescan (McAfee Inc.)
  5. VirusTotal (viruses, worms, trojans, malware)
• Check your computer instantly for DNS Changer malware: DNS-OK.CA
• Google search engine is your friend - search for "XYZ virus" and you can usually locate information.
• Top 20 (2007) Security Risks from the SANS Institute (computer security training)
• Windows Secrets Newsletter sends weekly news to help you get the best use of your Windows system.
• StopSpamHere.ca is the Canadian Coalition Against Unsolicited Commercial Email by government, industry, NGOs & CAUCE.ORG (coordinates the fight against spam, phishing & malware)