Sunday, January 3, 2010

Viruses, Spware & Malware

The moment you connect your Windows PC to the Internet you risk exposing it to possible infection by malicious software, or malware. Here are the definitions of the terms, in brief, from Wikipedia:

Malware: short for malicious software, is software designed to infiltrate a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code.[1] The term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, including true viruses.

Virus: A computer virus is a computer program that can copy itself and infect a computer. The term "virus" is also commonly but erroneously used to refer to other types of malware, adware, and spyware programs that do not have the reproductive ability.

Spyware is a type of malware that is installed on computers and collects information about users without their knowledge.

Adware or advertising-supported software is any software package which automatically plays, displays, or downloads advertisements to a computer after the software is installed on it or while the application is being used.

In my previous post on Windows security I discuss how important it is to use the best virus and spyware protection you can, and surf the web with a secure web browser. Viruses can cause serious damage to your software and can destroy your documents as well. Sometimes viruses will mess up your Windows installation so bad you won't be able to boot your computer at all.

If your PC gets a virus usually the first thing you will notice is your computer slowing down when you attempt to run a program, especially web browsing. Sometimes web sites you normally browse to will not load at all even though you can go to other sites. Other symptoms include computer freezing up or Windows crashing and displaying the blue screen of death.

If you think you might have a virus, close all programs and open your virus protection software. If you don't have one installed, consider it a lesson learned and skip to the part below on how to remove viruses. Make sure that the software and it's virus definitions are both up to-date. Often when the license expires, the software won't update, nor will it download the latest virus definition files, meaning that newer viruses can't be detected and removed. Also, some viruses disable your anti-virus software's ability to update, so be sure it confirms that the updates are current. If your software seems to be working properly, now you can scan your PC for viruses.

If your virus scanner encounters any errors while scanning, or won't run normally for any reason this is further evidence that a virus has infected your PC and has compromised your protection software. Again, remember to check and see if the software license has expired.

In either case you should download the Avast! Home Edition Installer to your desktop, remove your old anti-virus software and install Avast. It's free for life, and is one of the best out there. If you find that you can't even get online you may have to borrow someone else's PC to download the Avast installer to a flash drive, or CD so you can transfer it to your PC. Do NOT try to install Avast or any other anti-virus software if you have not removed any existing software. Having more than one anti-virus software installed at a time will cause problems and is never a good idea.

If viruses are found, write down their names, or take a screenshot for reference. When viruses are detected, your anti-virus software will probably ask you what you want to do with them . In most cases the choices will look something like this:

"Repair Infected Files"
"Delete (Remove) Infected Files"
"Move to Quarantine"

The best choice is usually to repair the infected files. If the infected file happens to be an important document of yours, or a Windows system file, choosing the repair option will clean the file of infection and restore it to it's normal state. If that fails, quarantine is the next best choice because you can safely store the file for possible repair by a technician using more advanced techniques. If those choices fail, deleting is the only option. The bad news is if an unrepairable file happens to be a Windows system file, Windows will need to be repaired, or more likely, reinstalled.

If your anti-virus software reports all problems corrected, close the program and reboot your PC. Try to notice if the computer behaves any differently. It might start up faster than it has in a while if viruses had been removed, or you may see error messages if there was any damage left behind by the infection. Write down any error messages you see verbatim. They can be searched for on Google to help solve the problem.

Now that you have rebooted, open your anti-virus software again and scan the PC for viruses once more. If it comes up clean you have succeeded. If, however viruses come up again during the scan, this could mean that viruses are getting re-generated from a host file that remains undetected, or untouchable to the anti-virus software. Often this involves the virus using Windows XP's file lock-down abilities to block you and your software from removing or altering it.

It still may be possible to fix this but it could take a very long time, and there's no guarantee Windows will be OK when you're done. Viruses sometimes damage your data, rendering the files useless, but more often they corrupt system files rendering Windows unstable, unreliable, or just plain broken. In most cases of persistent, multiple virus infections, backing up your data and reinstalling Windows from scratch is time better spent. If you re-install Windows, make sure any data you backed up that you are returning to the PC is scanned for viruses, otherwise the PC can get re-infected. Your files will be automatically scanned for viruses when you transfer them to your PC with some virus scanners, including Avast.

No comments: