Computer Viruses: Repel, Reveal, and Remove

Close-up of a masked dentist leaning in for an exam

Virus pre­ven­tion is a lit­tle like den­tal clean­ings.

Maybe you put it off longer than you should, even though deep down you know that’s a mis­take. Then when some­thing final­ly goes real­ly, painful­ly wrong you smack your­self in the head for not tak­ing care of it soon­er.

I’ll try to make this as pain­less as pos­si­ble.

When time and mon­ey are tight—say you’re a small or medi­um-sized non­prof­it with no IT staff—it’s an awful­ly easy thing to let slide.

But please don’t, for your own sake.

Real­ly.

Pret­ty please.

Who this is for.

Any­one with a com­put­er.

What to expect.

A scary sto­ry.

A prob­a­bly-hap­py end­ing.

Sug­ges­tions on pre­vent­ing infec­tions.

Sug­ges­tions on find­ing and fix­ing infec­tions.

A list of anti-mal­ware tools to con­sid­er.

Cautionary Tale: When Bad Things Happen to Good Computers

Recent­ly a client’s web­site was hacked. Some­one used his login to con­nect to the web­site and upload a file with evil soft­ware, hop­ing oth­ers would be infect­ed upon vis­it­ing his site.

Fortunately his web hosting company quickly noticed the problem, restored the non-evil version of his site, and emailed him with the scary news. If they hadn’t, besides infecting other people’s computers his site could have ended up on the blacklist for one or more search engines. While that’s not the end of the world, it’s a bit of a nuisance to get off of the blacklists.

How could some­one get his pass­word to hack his site?

Maybe they grabbed his pass­word as it flew around the Inter­net or a wire­less net­work. But the more like­ly expla­na­tion made me ner­vous: maybe some­body got the pass­word by using some kind of virus or oth­er mali­cious soft­ware (mal­ware) and pulled it right off of his com­put­er.

So I advised him on how to aggressively scan his computers for malware, clean them if needed, and minimize the risk of future infestations—much of the information that I’m providing in this article.

Yep, maybe some­one used mal­ware to pull the infor­ma­tion off of his com­put­er.

Or… wait a minute… maybe they pulled it off of my com­put­er.

Uh-oh.

An Attack of e-pochondria

Now, I am profoundly risk-averse. I’m a very wary Internet user, and I religiously scan, update, back up, clean, and maintain all my computers. Like the car buff who cleans her vintage Camaro’s dashboard with a toothbrush, except that I’m cleaning my operating system with a toothbrush.

In fact, some­one look­ing at my behav­ior from out­side my head might use words like “com­pul­sive” or even “para­noid”. And I was okay with that: as far as I knew it had been at least a decade since any kind of mal­ware had dark­ened my doorstep.

But as I thought about it…

Close-up of an eye

Who’s watch­ing my data? (Cred­it: the-g-uk)

Lots of lit­tle imper­fec­tions in my com­put­er start­ed look­ing less like annoy­ances and more like tell­tales of evil soft­ware lurk­ing in the shad­ows. Slow start­up? Prob­lems with shut­downs? Inter­mit­tent hangs? My hard dri­ve grind­ing away for no appar­ent rea­son? Maybe it was just Win­dows being Win­dows. Or maybe not.

The idea that his site might have been hacked because of malware on my computer seriously worried me, besides generally weirding me out.

What fol­lowed was the geek equiv­a­lent of com­pul­sive hand-wash­ing: end­less­ly scan­ning my com­put­ers with a wide vari­ety of tools, read­ing up on the lat­est sys­tem hacks and patch­es, and gen­er­al­ly think­ing too much about my com­put­er instead of just work­ing with my com­put­er.

Alien Virus from the Future

The upshot of all this fren­zied scan­ning? I’m clean.

Image of Norton security showing computer is clean

Whew—clean!

Or if I’m not clean, I have some alien virus from the future that’s smart enough to fool me and a bunch of major and minor secu­ri­ty ven­dors, in which case (and I’m writ­ing this to the virus, which I’m sure is read­ing this)—I give up. You win. Take what you want from my hard dri­ve, just don’t dis­in­te­grate my car or steal my house.

Are You At Risk? Mac vs. PC vs. That Other One

Nearly all the world’s personal computers (desktops and laptops) are using one of three operating systems: Microsoft Windows, Apple Mac OS, and the free open source Linux.

How Risky Are They?

Lin­ux. Your risk is very low.

Mac. Your risk is pret­ty low, but you might want to con­sid­er anti-mal­ware soft­ware.

Win­dows. You’re a prime tar­get for every hairy-eyed hack­er on the plan­et and it’s a minor mir­a­cle if you haven’t at some point expe­ri­enced a mal­ware infec­tion, even if you weren’t (or aren’t) aware of it.

Is that because Win­dows is poor­ly made, or just because Win­dows is a bet­ter tar­get, rep­re­sent­ing 85% to 90% of the com­put­er mar­ket?

I use all three oper­at­ing sys­tems, I’ve seen the argu­ments, and I’ve come to this con­clu­sion: I don’t care. I just know that right now Win­dows is the Val­ley of the Shad­ow of Death, so that’s where this arti­cle will walk.

Repel, Reveal, and Remove

Goals

1. Keep nasty soft­ware off your com­put­er.

2. If nasty soft­ware gets through, min­i­mize the dam­age it can do.

3. If nasty soft­ware gets through, find and remove it.

Method

1. Keep Win­dows up to date with fix­es from Microsoft.

2. Keep oth­er soft­ware up to date too.

3. Browse Wise­ly

4. Let secu­ri­ty soft­ware con­tin­u­al­ly pro­tect you.

5. Do peri­od­ic scans for mal­ware.

Defense #1. Keep Windows up to date with fixes from Microsoft

Tired of tak­ing flak for all the Win­dows mal­ware out­breaks, Microsoft has become much more assertive about auto­mat­i­cal­ly installing updates on our com­put­ers. It does this through the Win­dows Update ser­vice, and in par­tic­u­lar through Auto­mat­ic Updates.

Windows Update screenshot

Win­dows Update

This ser­vice runs on your com­put­er and con­tin­u­al­ly mon­i­tors for patch­es and advi­sories from Microsoft, down­load­ing and installing them as need­ed.

Some peo­ple find that intru­sive and annoy­ing. Those peo­ple are over­look­ing the fact that a mal­ware infec­tion is even more annoy­ing.

Microsoft provides good information on automatic updates, including instructions on how to enable them. I strongly recommend using Microsoft’s recommended settings, which will automatically download and install updates without you needing to do anything.

Pushy? You bet. Safer? Dit­to.

Defense #2. Keep other software up to date too.

Besides Win­dows, oth­er pro­grams you use might acci­den­tal­ly let mal­ware run on your com­put­er. For exam­ple, in the last year or two Adobe Acro­bat Read­er has been the tar­get of numer­ous attacks.

Most major soft­ware ven­dors make patch­es avail­able if you go to their web­sites and down­load them. How­ev­er, in the last few years many ven­dors have start­ed doing the same kind of proac­tive check­ing that Win­dows does.

For example, Adobe, Apple, Google, and Microsoft all have systems to automatically check for updates to their software, and generally you don’t need to do anything to make these services check for updates, though you can usually request updates on demand (often via the Help menu). In fact, you can check for updates to Microsoft Office using Windows Update.

An exam­ple of a soft­ware updater (Adobe Pho­to­shop)

Defense #3. Browse Wisely

That mal­ware has to come from some­where, and more often than not it comes from the Inter­net, whether through email or brows­ing.

We’ll deal with email in the next sec­tion.

As for brows­ing, yes it’s pos­si­ble for bad things to hap­pen just by vis­it­ing a web­site. Nev­er down­load a file from a site unless you have good rea­son to trust the site is safe, and gen­er­al­ly avoid vis­it­ing sites unless you know them to be safe.

Is That Site Safe? How to Tell.

Search engines. Search engines like Google, Yahoo, and Bing keep tabs on sites and will flag ones that are known to be infect­ed with mali­cious soft­ware. Don’t count on them to catch every­thing, but they’re bet­ter than noth­ing.

Secu­ri­ty soft­ware. Most high-end secu­ri­ty soft­ware (dis­cussed in the next sec­tion) includes some form of web­site mon­i­tor­ing. These sys­tems keep a data­base of known evil sites and will warn you if you’re about to vis­it one.

Web of Trust. There’s a great, free com­mu­ni­ty-dri­ven sys­tem called Web of Trust that lets com­mu­ni­ty mem­bers rate sites on four cri­te­ria: Trust­wor­thi­ness, Ven­dor Reli­a­bil­i­ty, Pri­va­cy, and Child Safe­ty. WoT pro­vides add-ons for all major browsers. These add-ons will warn you if you’re about to vis­it a sketchy site. Not every site is rat­ed, but an amaz­ing num­ber are. For extra pro­tec­tion I run WoT in addi­tion to my paid secu­ri­ty suite.

Web of Trust (Fire­fox Plu­g­in)

Defense #4. Let security software continually protect you.

Keep­ing Win­dows and oth­er soft­ware updat­ed, and brows­ing wise­ly: that’s a good start. But it’s not enough. You need soft­ware that can pre­vent, detect, and elim­i­nate mal­ware infec­tions.

If you can afford it, a paid, com­mer­cial secu­ri­ty suite is a good invest­ment. A secu­ri­ty suite is a col­lec­tion of soft­ware tools that pro­tect you in many ways: auto­mat­i­cal­ly scan­ning your down­loads and email, auto­mat­i­cal­ly updat­ing the list of mal­ware they fight, pro­tect­ing you while you browse the web, and more.

Automatically scanning a file for malware

Real-Time Pro­tec­tion

In just the last 2–3 years these pro­grams have got­ten much bet­ter, not only at detect­ing prob­lems but at get­ting in your face as lit­tle as nec­es­sary. Through­out the year I often read mag­a­zine arti­cles and author­i­ta­tive web­sites that review and com­pare secu­ri­ty suites. If you want to be sure you’re get­ting the cur­rent cham­pi­on, find a recent com­par­a­tive review from this kind of source.

Besides online sources like CNET.com, the fol­low­ing mag­a­zines run secu­ri­ty roundups about once a year and will give you good infor­ma­tion:

- Consumer Reports
- PC World
- Maximum PC

If you’re less con­cerned about the cur­rent cham­pi­on (it does vary from year to year) and just want a sol­id secu­ri­ty pack­age, these gen­er­al­ly rate well:

Paid Secu­ri­ty Soft­ware Exam­ples

Nor­ton

Kasper­sky

ESET

Bit­De­fend­er

McAfee

Qual­i­fied non­prof­its can get secu­ri­ty tools like Nor­ton very inex­pen­sive­ly through Tech­Soup. For exam­ple, as of this writ­ing Nor­ton Inter­net Secu­ri­ty, gen­er­al­ly rat­ed very high­ly among secu­ri­ty suites, will run you just $6. Upgrad­ing to Nor­ton 360, which adds some nice back­up fea­tures, only push­es the tab to $8.

But if you can’t afford a com­mer­cial suite, there are some very good free options too.

These typ­i­cal­ly don’t rate quite as well as the high­ly-rat­ed com­mer­cial pack­ages, though some rate bet­ter than low-rat­ed com­mer­cial pack­ages.

They also offer few­er fea­tures; for exam­ple, some will scan your hard dri­ve when you ask them to, but won’t auto­mat­i­cal­ly scan in the back­ground, scan your email, or warn you of risky web­sites. Most free secu­ri­ty pack­ages are “freemi­um” soft­ware: you can down­load the free ver­sion, but get a more pow­er­ful or con­ve­nient ver­sion by pay­ing.

Free Secu­ri­ty Soft­ware Exam­ples

Microsoft Secu­ri­ty Essen­tials

AVG

Avi­ra

Impor­tant: Update Your Soft­ware

Security software is only as good as its knowledge. New malware is being invented at a ferocious rate, and the people inventing it try to make it smarter than last week’s security software.

When new mal­ware gets dis­cov­ered, secu­ri­ty ven­dors need to let their soft­ware know about the new threat by updat­ing the software’s ency­clo­pe­dia of threats and the traces they leave behind.

All paid secu­ri­ty soft­ware, and some free soft­ware, will auto­mat­i­cal­ly down­load these def­i­n­i­tions. Their fre­quen­cy varies, with some updat­ing many times a day. For most paid soft­ware pack­ages, this is their hook to keep you pay­ing: when you buy the soft­ware you get a cer­tain peri­od of free updates, typ­i­cal­ly a year. After that peri­od you’ll have to pay for your “sub­scrip­tion” to be renewed. It might feel like lar­ce­ny, but it’s worth the mon­ey to have the lat­est pro­tec­tion.

For some pack­ages, though, you have to down­load the def­i­n­i­tions man­u­al­ly. For exam­ple, some free secu­ri­ty soft­ware will make you down­load updates man­u­al­ly, enabling auto­mat­ic updates if you buy the paid ver­sion of the soft­ware.

So when you install your secu­ri­ty soft­ware, check whether it sup­ports auto­mat­ic updates. If not, it’s crit­i­cal that you cre­ate a peri­od­ic reminder (at least week­ly) to down­load the lat­est def­i­n­i­tions.

Manually updating Malwarebytes

Defense #5. Do periodic scans for malware.

Some free soft­ware, and all paid secu­ri­ty suites, give you a good deal of auto­mat­ic pro­tec­tion by mon­i­tor­ing your com­put­er con­stant­ly.

Regard­less, you should occa­sion­al­ly do a com­plete scan of your com­put­er if your secu­ri­ty soft­ware doesn’t do this for you auto­mat­i­cal­ly. With­in your secu­ri­ty soft­ware you should find an option called some­thing like “Scan” or “Scan Now”. I rec­om­mend doing a com­plete sys­tem scan at least month­ly in addi­tion to what­ev­er auto­mat­ic pro­tec­tion your secu­ri­ty soft­ware pro­vides. I scan my own com­put­ers much more often than that, typ­i­cal­ly week­ly, to be safe.

How­ev­er, no secu­ri­ty soft­ware tool can detect every kind of mal­ware. For this rea­son, to be extra safe you might peri­od­i­cal­ly scan with a dif­fer­ent tool than your nor­mal secu­ri­ty soft­ware.

These tools aren’t ade­quate for your pri­ma­ry secu­ri­ty pro­tec­tion, but they pro­vide a reas­sur­ing (and free) sec­ond, or third, or fourth opin­ion:

Takeaways

In summary, doing these things will make a malware attack much less likely–and if one does happen, you’ll be much more likely to catch it and fix it.

Patch and Prevent

  1. Enable Automatic Updates: Enable automatic updates for Windows and any other software that supports it.
  2. Download with Caution: Use good sense with downloads.
  3. Get Monitoring Help: Don’t trust your good sense: install a tool that flags dangerous sites.

Monitor and Eliminate

  1. Install a Security Suite: Install security software that will monitor your computer continually.
  2. Update Security Software: Keep your security software up to date.
  3. Periodic Scan: Periodically (monthly or more) do an ad hoc security scan of your hard drive.
  4. Consider a Second Opinion: For extra safety, consider occasional scans with a different security program.
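
The update, definition, and scan items in these two checklists can be spot-checked from a PowerShell window on Windows 10 or later. This is an added example, not part of the original article; it assumes Microsoft Defender is the security software in use, and the 45-day patch threshold is an assumption, while the 7-day and 30-day limits come from the article's weekly and monthly advice.

```powershell
# Added example: audit one Windows PC against the checklist above.
# Assumption: Microsoft Defender is the security software in use.
$MaxPatchAgeDays      = 45   # assumed: a little over one monthly patch cycle
$MaxDefinitionAgeDays = 7    # the article's "at least weekly" for definitions
$MaxFullScanAgeDays   = 30   # the article's "monthly or more" for full scans

function New-CheckResult {
    param([string]$Check, [bool]$Pass, [string]$Detail)
    [pscustomobject]@{ Check = $Check; Pass = $Pass; Detail = $Detail }
}

$results = @()

# Are Windows fixes actually arriving? Look at the newest installed update.
$lastPatch = Get-HotFix | Where-Object InstalledOn |
    Sort-Object InstalledOn | Select-Object -Last 1
if ($lastPatch) {
    $age = [int]((Get-Date) - $lastPatch.InstalledOn).TotalDays
    $results += New-CheckResult 'Windows updates' ($age -le $MaxPatchAgeDays) `
        "$($lastPatch.HotFixID) installed $age days ago"
} else {
    $results += New-CheckResult 'Windows updates' $false 'no install dates found'
}

try {
    $mp = Get-MpComputerStatus -ErrorAction Stop

    # Continuous monitoring: off if disabled or if another suite has taken over.
    $results += New-CheckResult 'Real-time protection' $mp.RealTimeProtectionEnabled `
        "enabled = $($mp.RealTimeProtectionEnabled)"

    # Definition freshness, reported by Defender in whole days.
    $results += New-CheckResult 'Definitions' `
        ($mp.AntivirusSignatureAge -le $MaxDefinitionAgeDays) `
        "$($mp.AntivirusSignatureAge) days old"

    # Full-scan age is the maximum UInt32 value when no full scan has ever run.
    $never = $mp.FullScanAge -eq [uint32]::MaxValue
    $scanDetail = if ($never) { 'never run' } else { "$($mp.FullScanAge) days ago" }
    $results += New-CheckResult 'Full scan' `
        ($mp.FullScanAge -le $MaxFullScanAgeDays) $scanDetail
} catch {
    # Defender cmdlets unavailable: check the installed suite's own console.
    $results += New-CheckResult 'Security software' $false 'Defender status unavailable'
}

$results | Format-Table -AutoSize
```

Any row with Pass = False points at the checklist item to revisit; with a third-party suite installed, the real-time row will read False for Defender even though the other suite is protecting the machine.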

Here’s wish­ing you good luck and good health through the con­tin­u­al virus sea­son.

Post image cred­it: heather
