Avoiding Computer Viruses
This guide on avoiding computer viruses will show you how to stay alert and how to avoid getting infections on your computer. Having an updated virus scanner is only a small part of this, there are many ways that you can prevent having viruses other than a virus scanner, as it will not always save you.
Types of viruses
There are many type of viruses. Typical viruses are simply programs or scripts that will do various damage to your computer, such as corrupting files, copying itself into files, slowly deleting all your hard drive etc. This depends on the virus. Most viruses also mail themselves to other people in the address book. This way they spread really fast and appear at others’ inboxes as too many people still fall for these. Most viruses will try to convince you to open the attachment, but I have never got one that tricked me. In fact, I found myself emailing people just to make sure they really did send me something. It does not hurt to be safe.
Worms are different type of viruses, but the same idea, but they are usually designed to copy themselves a lot over a network and usually try to eat up as much bandwidth as possible by sending commands to servers to try to get in. The code red worm is a good example of this. This worm breaks in a security hole in Microsoft IIS (Internet Information Server) in which is a badly coded http server that, despite the security risks, a lot of people use it. When the worm successfully gets in, it will try to go into other servers from there. When IceTeks was run on a dedicated server at my house, there was about 10 or so attempts per day, but because we ran Apache, the attempts did not do anything but waste bandwidth and not much as I had it fixed a special way. Some worms such as the SQL slammer will simply send themselves over and over so many times that they will clog up networks, and sometimes all of the internet. Worms usually affect servers more than home users, but again, this depends on what worm it is. It is suspected that most worms are efforts from the RIAA to try to stop piracy, so they try to clog up networks that could contain files. Unfortunately, the RIAA have the authority to do these damages and even if caught, nothing can be done.
Trojans are another type of virus. They are simply like a server in which enables hackers to get into and control the computer. A trojan such as Subseven can enable a hacker to do various things such as control the mouse, eject the cd-rom drive, delete/download/upload files and much more.
Boot sector viruses are another type, they are similar to file viruses, but instead they go in the boot sector and can cause serious damage when the computer is booted, some can easily format your drive simply by booting your computer. These are hard to remove.
Most viruses have various characteristics.
For example, a worm can also be a trojan and also infect the boot sector. It all depends on how the virus is written and what it is designed to do. That’s why there are not really strong structured categories, as they can easily mix one in the other.
Know the potentially dangerous files
Like any other files, computer viruses must be opened in order to do something. Most computer viruses come through email as an attachment so try to avoid files in emails. Some will make it look like it’s someone you know, and it will try to convince you to open an attachment. Never open attachments at any cost! Some viruses will infect files in programs, so opening a program will actually open the virus, maybe the same one, or another part of it.
All files have what is called an extension;
This is the 3 last letters after the last period. For example, setup.exe has a file extension of .exe.Extensions to watch out for are .exe .com .bat .scr .pif .vbs and others, but these are the most seen. .exe .com .bat .pif and .scr are valid extensions for executables. A virus writer will simply rename it to one of these and it will work the same way. .pif is a shortcut to an ms-dos program and will have the ms dos icon, but will still execute whatever code is in it, so an .exe can be renamed to .pif and be run the same way. .bat is a batch file, which can contain instructions to do various file activities, but again, a .exe can be renamed to .bat and it will execute it! .vbs is a visual basic script. For some reason, Microsoft provides this scripting language along with the scripting host to make it more convenient to design and write viruses quickly and easily, I’ve never seen another use for this scripting language other than for writing viruses. There are programs that are written with that language, but it is compiled into an exe. Exe is the usual extension for programs, you would not have a software CD install a bunch of vbs files all over!
Bottom line is,
In avoiding computer viruses you don’t know what a file is just don’t open it. Some viruses will sometimes be named a way as to mask the real file extension to make it look like a harmless file such as a image file. This is easily noticed, but can still be missed. Simply don’t open unexpected files. If you get something that appears like something legit, just ask the person it came from if they sent it. Most viruses use a friend’s address to make it look like it comes from them. The virus does this by using the person’s address when sending itself to the address book contacts.
Email is not the only way of avoiding computer viruses; P2P (file sharing programs such as kazaa, winmx, direct connect torrents etc) is also another way to get viruses.
When downloading programs,
the main thing to watch out for is the file size. If you are downloading a program that you expect to be rather large such as a game, don’t grab a file that is 10KB, since it’s most likely a virus. However, I’ve been caught with a virus even with large files, so file size is not the only thing to watch, as an exe is still valid even if junk is added at the end, so a 64KB virus will still function even if it is turned into 650MB.
Icons are something to look for too,
fortunately, virus writers don’t take time to put icons. If your download should be a setup file, you should see the icon of a setup file. If it’s just the blank icon that typical plain or corrupted exes have, don’t open it.
Another thing to do,
which should be obvious, is to scan the file for viruses using updated virus definitions. But don’t rely on only your virus scanner, as they are not perfect, and if the virus has not been reported to them yet, they won’t know to create a definition for it!
Some viruses, mostly worms, can exploit through servers and affect other servers from servers that have been infected. A good example is the SQL slammer. This was a worm that affected SQL servers run by Microsoft IIS and Microsoft SQL Server. Once the worm gets in, that particular server starts trying to find more exploitable driving internet connections to a halt in the process. Servers running Apache were unaffected by that, except for the many hits to try to get in. IceTeks received about 100 hits per day when it was run on a dedicated home server. Most hits came from major ISPs and other big websites that had no clue they were still affected.
Removing a virus
If you get a boot sector virus, this marks some of the boot sectors as bad preventing the computer from booting up. You will need to use a special tool for the regeneration of your hard drive. You have no need to format you hard drive now and should always be able to repair your computer with the use of safe mode and backup files of your registry and system restore and image files
Viruses are out there,
don’t be one of the many infected ones! Stay alert and stay safe! Don’t open unexpected files, regularly update your virus definitions and scan downloaded files! good luck in avoiding computer viruses
I hope this article on avoiding computer viruses was useful for you!