# Computer Corner - Computer Viruses



## Bob Hubbard

*[font=Verdana, Arial, Helvetica, sans-serif]Computer            Corner : Computer Viruses
           by Bob Hubbard [/font]*​         [font=Verdana, Arial, Helvetica, sans-serif]With            the ever-growing increase in email traffic, viruses are a constant threat            to the computer user. In the old days, viruses were limited to those            who shared infected software. Today, with around 1/5th of the worlds            population online, and the ever-growing dependence on the Internet as            a communications medium, viruses are a major threat.[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]So,            what is a virus? Weve all heard the terms virus,            worm, trojan horse, and more, but what are            they exactly? Arent they all the same thing? Not really. In this            column, Ill define what a virus is, what the differences between            a virus and a worm are, why you should care, and what you can do to            protect yourself.[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]*1.            What is a computer virus?*[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]The            word virus is often used very generally when we normal computer users            talk about unwished programs we have got into our computers. What we            often carelessly call a virus is actually a trojan or worm. A real computer            virus is a (hostile) program, that is capable to reproduce it self and            infect other programs. 

           The victim of these infections usually doesnt care what they            are called; the important question is how to get rid of it, preferably            without losing any data. Knowing a bit about them however can ease the            panic, and speed the safe recovery of your system. Panic reactions often            cause the bigger part of the costs of virus infections.[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]            Viruses are little programs. They have to be executed to be able to            make harm. A virus that is not executed is not an immediate risk. Therefore,            it is very important to not allow e-mail programs to automatically open            attachments.

           Not all viruses are dangerous to the computer. Some of            them just play music, show text or a picture. But although the virus-writer            didnt mean to make any harm, these innocent joke-viruses            might be malicious. Most virus-writers are no stars of programming,            and bugs in their code can cause trouble when the virus is executed.            [/font]

         [font=Verdana, Arial, Helvetica, sans-serif]*2.            What is a Worm?*[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]Unlike            a virus, a worm doesnt need to infect other programs. It reproduces            itself and spread mostly via e-mail. Some worms use different means            to work their way around the Internet. In the late 1980s, the            infamous Morris Worm brought the Internet to a virtual            standstill by exploiting holes in the Unix operating system. Worms will            often scan the system they are attacking for email addresses and use            that information to launch the next phase of their attack. Because of            this, worms can spread very quickly. 

           Many worms attach a document from the infected computer when they send            themselves to various addresses. Recent worms include Code Red, SoBig            and Blaster.

           Some worms, including Klez H, inactivates the anti-virus program in            the infected computer, and destroys the ant-virus program file system.            Often a worm will take an address from either the address book or from            another source on the system and use that as the sender            address when it attacks other systems. Forged and falsified sender information            is a common trick used by the current worms. If it also takes a document            from the computer, it may be very difficult for the recipient to separate            it from a normal mail with attachment. This increases the risk that            the attachment is opened and another computer infected. 

           Its very common that worms use a bug in a mail program, some            version of Outlook Express for example, that makes the attachments open            automatically. The receiving computer then will be infected as soon            as the message is read. [/font]

         [font=Verdana, Arial, Helvetica, sans-serif]*3.            What is a Trojan?*

           The Trojan horse is well known from Greek history. The            Trojan Horse was an instrument of war used by the Greeks to gain access            to the city of Troy. The horse appeared to be a gift, but in fact had            an enemy hidden inside. In safety of darkness the Greek soldiers could            beat the guards and let their army in to town, and the Greeks won a            great victory.[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]            In the computer world the word Trojan stands for something similar,            but more technical. A trojan is a program, hidden in something looking            friendly or useful. When installing the nice program, game or whatever            it is, you also install the trojan. This makes it possible for a malicious            hacker to take full control over your computer and all that is in it.

           You can get a trojan into your system together with a program you install.            Trojans can be a part of a virus or worm, they can be a component of            an other trojan. A site-owner might place them in your computer when            you visit a website, by making it be a part of a Java applet, a ActiveX            control or something else, that is executed on the visitors computer.

           An other way to place trojans, is to hide them in e-cards, congratulation            cards, Christmas cards, Easter cards, Happy New Year cards and so on,            sent to the victim via e-mail. Its easy to hide the trojan in            the card contents to make effects on the screen. If this is done, the            victim gives the hacker free entrance to the computer when he starts            the nice greeting. Or let out a virus or a worm...[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]*Why            should you care?*
           When your computer is attacked, you run the risk of:
           · Losing all data stored on your computer
           · Information could be stolen from you or your company
           · Your computer could be used to attack other computers
           · You could be held liable in court if your network was not deemed            secure.
           · Your identity can be stolen.
           · Increased chance of lawsuits due to hacker-inflicted damages.
           · Your passwords can be stolen.[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]Think            about all the information you have on your system. Usernames and passwords.            Credit card numbers or bank account information. Important phone numbers.            All of this and more can be stolen or destroyed or changed when your            system is attacked successfully.[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]Wait            you ask, who would want to target me? Im a nobody. Well, that            may be true. But, it doesnt matter. Computers are attacked for            many reasons. A few are:
*Fun, Excitement, or Fame:*
           · Exciting and thrill-seeking for inexperienced attackers
           · Experienced attackers brag about accomplishments
           · Fame  recognized in print for their work
*Revenge: *
           · Former employees getting even with employers. 57% of security            breaches are by insiders 
*Steal Information:*
           · Companys proprietary information 
           · Companys customer information (credit cards) 
           · Personal information from home computers
           · Passwords or system information from systems other than the            one broken into 
*Denial of Service: *
           · Computer may be attacked for sole purpose of being used to            conduct denial-of-service or other malicious attacks on other computers            
*Storage Space:*
           · Attackers store pirated material on unsuspecting computers            
           · Continuously connected computers allow other pirates to download            material from systems used as storage 
*Cover Their Tracks: *
           · Make it difficult for law enforcement to track them
*Intercept Passwords: *
           · Packet sniffers record transmitted information and Keystroke            recorders record all keystrokes
*SPAM:*
           · Many compromised systems are used to send out SPAM. Much of            the junk email that we receive is sent out by these compromised systems.            The recipients often direct their anger at the owner of the pc, rather            than the real culprits.[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]Ok,            so how do you protect yourself?[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]As            in any battle, defense is key. In the battle against the viruses, I            recommend a multi-layered defense. This consists of good computing practices,            up to date anti virus software on your system, and a well-maintained            firewall to help block the attacks.[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]*Lets            look at good computing practices first.*
           · Use hard to guess passwords. Bob is an easy one.            56as34rt is much harder to guess.
           · Memorize your password
           · Dont share password with others
           · Dont write password on a sticky note stuck to monitor            
           · Disable file and printer sharing in Windows
           · Install a personal firewall such as Zone Alarm or SyGate
           · Keep programs on your system updated by installing the latest            patches
           · Regularly check your system for SpyWare. Spyware are hidden            programs installed while you websurf. [/font]

         [font=Verdana, Arial, Helvetica, sans-serif]Installing            a quality anti virus program is also essential today. The days of Ill            just reinstall if I get hit are long past. Proper configuration            is also essential as is weekly or even daily updating of it to keep            you ahead of the enemy. An out of date anti virus package is actually            worse than not having one due to the false sense of security you can            have. Most anti virus software allows for automatic updating. I strongly            encourage you to use it, as most folks, myself included always mean            to do it, but usually forget.[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]Also,            be certain to have an up to date personal firewall. Do not depend totally            on your ISP to filter for you. Most do not. Many of us run DSL or Cable            and use the $100 cable routers which come with some firewall            capabilities. These are a good first line of defense when properly configured.            For a second line, I strongly recommend the installation of a personal            firewall. The best of these will also allow you to block both outgoing            and incoming traffic. Worms are rendered impotent when they cant            get in or out.[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]In            conclusion, viruses are a major threat today, but with a combination            of knowledge, and proper defense, we can keep our systems clean, our            data safe, and our lives less stressed. I will end with a list of information            for those seeking further information. Thank you.[/font]

          [font=Verdana, Arial, Helvetica, sans-serif]*Anti            Virus Software Vendors:*
           · AVG Anti-Virus Free antivirus software. www.grisoft.com
           · F-Protect www.f-prot.com
           · Norton : www.symantec.com
           · Mcafee : mcafee.com
           · Panda Software Antivirus : www.pandasoftware.com
           ·Trend Micro: www.trendmicro.com[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]            Windows Update: windowsupdate.microsoft.com[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]*FireWalls:*
           Zone Alarm: http://www.zonelabs.com[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]SyGate:            http://sygate.com/[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]*SpyWare            Removal:*
           Ad Aware:http://lavasoft.de[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]SpyBot            : http://www.safer-networking.org/[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]*Further            Reading:*
           Robert Morris Worm:
http://www.swiss.ai.mit.edu/6805/articles/morris-worm.html[/font]

         [font=Verdana, Arial, Helvetica, sans-serif]General            Virus info:
http://antivirus.about.com            This is a great resource with more links, news and tools to help you            win the war.[/font]

[font=Verdana, Arial, Helvetica, sans-serif]            ===[/font]​ [font=Verdana, Arial, Helvetica, sans-serif]_Bob            Hubbard is an administrator of the popular martial arts portal site            MartialTalk.com and president of SilverStar WebDesigns inc., a web site            design and hosting company specializing in affordable solutions for            martial artists. A student of all the arts, he is currently studying            Modern Arnis. _[/font]​ [font=Verdana, Arial, Helvetica, sans-serif]_Bob            can be reached at kaith@martialtalk.com_[/font]​ [font=Verdana, Arial, Helvetica, sans-serif]_Originally            Published September 2003 MartialTalk Magazine
            Copyright ©2003 Bob Hubbard - All Rights Reserved _[/font]​


----------



## jfarnsworth

Question for you Bob

On my computer I still have 2 viruses that Symantec can't delete. Also, there is a w32.Rendex  "thing" that is unable to be deleted. I also get a Symantec pop up that says it found a spybot worm but this gets deleted however, it pops up quite often. The latest thing that showed up 3 days ago was a trojan horse that could not get deleted. Since that thing showed up I can't get the computer to move. Is there a program that will be able to take care of all of those problems or do I need to find 1 program that will delete each item at a time? Another thing. Could I use the system restore when I finally got it up and running when those problems didn't exist? Or will they still be there? 
Another thing whoever makes these things I think should be put behind bars! Actually for a long time.


----------



## Bob Hubbard

Turn off the restore/recovery feature in Windows
Scan for viruses and let things remove em.

That restore feature has a nasty tendency of reinstalling viruses.

For dealing with RENDEX, check these links:
http://tinyurl.com/57kfh

Also make certain you have the -LATEST- dats for your antivirus program.

For spyware, use Adaware in conjunction with SpyBot S&D (links in article), and make certain you have the latest dats for both as well.


----------



## dubljay

Kaith Rustaz said:
			
		

> Turn off the restore/recovery feature in Windows
> Scan for viruses and let things remove em.
> 
> That restore feature has a nasty tendency of reinstalling viruses.


 In short Windows is dumb and self destructive.  *sigh* I wish I knew that before I had spent all the money on my computer...I would have bought an apple.


----------



## jfarnsworth

Well after all of these _(good grief)_ hours I believe that all of the viruses, trojans, and other crap are finally gone. Hopefully. Crossing my fingers. This is the first run on the internet and it seems to be running fairly quick, pages are loading properly, lastly, no blasted pop ups.


----------



## Softix

I have tried running AVG and I think that it is a good choice for removing trojans and other viruses. Anyway do checked it out from grisoft and you will be amazed with the result.


----------



## Sukerkin

AVG is a vert good AV package, even in it's freeware incarnation.  I keep meaning to upgrade to the full package but as I hide behind both a hardware and a software firewall and run independant Anti-Spyware I don't think I'd actually gain all that much in protection.

The simplest mode of defence is to use a little caution and common sense when surfing.  Don't go to dodgy porn/warez sites, don't open mails from people you don't recognise (and get to know their mail addy's so you don't get spoofed).

At the end of the day tho', a firewall is an absolute must for an always-on system and I can't advise strongly enough that you use a hardware firewall built into a router rather than a software one on-board your PC.


----------



## MA-Caver

I currently use AVG and AdAware for protection.
Recently I had one of those bastard re-install trojans and thus eventually had to wipe the C-drive clean (thankfully the D-drive was clear of infections) and gotten everything re-installed (ironic huh?) but placing the AVG first and foremost after the OS was put back on. 
Was told that it does no good to install an anti-virus/worm-killer/trojan remover after the infection. It's written into the hard-drive and thus gonna keep popping up regardless how many times you quarantine or remove the infection. Thus having the AV on and then adding this or that program helps. 
This is what I've done now. The computer is scanned daily and especially after a  day of surfing (1-5 hours... a lot of it here!  ). In-so-far I keep getting the same comforting message "0 infections found". It's caught one or two so far and taken care of them. 
The AdAware is okay, I've used the freeware version of SpyBot and guess what... those guys will find and group together alll those nasties but they're not gonna remove them... at least not until you PAY for the full version of the program. So I just use the full version of ADAware 
Kinda like what's the point of getting a doctor's diagnosis if the doc isn't going to treat the disease because you don't pay your bill.


----------

