Describe a virus.
A virus is self-replicating software that typically spreads to other computers through email or the Internet. There is no need for human involvement. It intends to replicate, harm computers, or do both. It usually originates from corrupt emails or documents and can either cause damage right away or function as a ticking time bomb until a particular day.
As the computer reads a disk, boot viruses like Disk Killer and Michelangelo are loaded. It is incredibly tough to eradicate this particular infection.
Program viruses propagate themselves in all executable files on the hard drive by attaching to the computer’s executable applications. Again, these are pretty tough to remove. The Sunday Virus and Cascade Virus are two examples.
Stealth viruses manipulate file sizes to avoid detection. Examples include the Whale virus and the Frodo virus.
Polymorphic viruses vary when they multiply to avoid being detected by antivirus software or people. The Stimulate virus and Virus 101 are two examples.
Macro viruses infect the Normal.dot file (the template that opens with Word when you don’t open a file), infecting Microsoft Office documents and other files. When infected files are shared, these viruses spread to other computers and infect every document accessed in the software. Examples include the DMV and Nuclear viruses.
Another thing that viruses have gotten very effective at is disabling antivirus software. Once that happens, other malware can enter the machine without worrying about being discovered, and the original infection continues to execute its malicious activities. In fact, during numerous regular service calls, I would notice that the small anti-virus software icon next to the clock had vanished, and the computer user had never even noticed the change (at least not until I had pointed it out!).
What is Spyware?
Spyware is a catch-all term for malware downloaded onto a computer from infected websites on the Internet or from user-installed software and other packages. Spyware, which has spread over the previous 8–10 years (since around 2000) and been mistakenly categorized as viruses, has given many computer users tremendous difficulties, necessitated machine reformatting, and resulted in file loss. This form of software is what this document is going to concentrate on.
Ad-ware, hijackers, tracking cookies (although not all tracking cookies are bad), ransomware (an advanced form of rogue security software), and keyloggers are all examples of spyware. New types of spyware include rootkits, which can be very difficult, if not impossible, to remove from a computer system. I shall speak more about that later. However, the main characteristic of spyware is that it is a piece of software installed on a computer system without the user’s knowledge or consent. It is frequently tough (or appears to be very difficult) to remove.
Many spyware programs are installed by Trojans, where a piece of software is installed on the computer from the Internet. The user installs the spyware unknowingly at the same time as the “software,” giving the malware free rein of the computer. Free screensavers, free games, programs from torrents, programs from file sharing (like Limewire), and other rogue software all install this way.
Further spyware applications are installed through infected websites. If you see a page with a popup that comes up and says something like “Warning: Your computer is infected with 99999 viruses. To scan your machine, click here,” you are seeing an infected web page and malicious software attempting to infect your computer.
Pop-ups, pop-unders, and other advertising on a computer due to unintentionally installed software are referred to as adware. Adware’s primary goal is to persuade users to click on advertisements so that the person who created the software can profit from their clicks.
Hijackers (browser hijackers) figuratively take control of a user’s web browser and direct them in a different direction from where they intended to go. Most of the time, even the homepage gets hijacked. Once more, the goal of a hijacker is financial gain; every time users click links on the hijacked page, the virus creator gets paid. Technically speaking, hijackers operate at various levels, changing the registry, host files, browser add-ons, LSP (Layered Service Protocol) hijacks, and homepages. Eliminating browser hijackers might result in browser connectivity loss which requires additional (and more experienced) diagnosis and cleaning.
While the user is logging into banking pages, eBay, PayPal, and other websites vital to the user, keyloggers can track what the user is doing on the computer and record the user’s keystrokes. When the keylogger software transfers that data to its “home” server (commonly called “calling home”), the bad guys can decode the information and use it to obtain the user’s banking, credit card, and other identity-theft information.
Rogue security software and its more dangerous cousin, ransomware, are the latest types of malware that cause computer users problems. The malicious security software, which typically appears as a popup claiming the computer is afflicted with thousands of viruses, masquerades as valuable protection software and is installed through corrupted web pages (also known as a drive-by download). The victim is frightened into clicking Scan Now or OK, which only serves to establish the infection despite what the software claims; it doesn’t detect anything. Then, for the cost of the software, it offers to clean the computer. Paying for the software only modifies the process, with the software claiming to have eliminated all viruses. Examples of this malware include Security Essentials 2010, Security Tool, Antivirus 2009, Antivirus 2010, and Spy Sheriff (one of the originals).
Ransomware is similar to rogue security software, but the consequences are much more severe. Not only does it demand payment, but it also prevents the computer from functioning correctly until it receives compensation. Even worse, some of this kind of malware encrypts all of the data files on the computer, including documents, images, music, and videos, with a 128-bit key known only to the programmers. Unless the data is backed up onto an external drive or the user pays the ransom, recovering the data is practically impossible. The installation process for this software is the same as for the fake security program.
The characteristics of malware programs and why anti-virus software frequently cannot protect you.
The people who create malware can be found anywhere in the world and have a much deeper understanding of computers, operating systems, and browsers than the average person. They build their inventions, test them, and then release them from the nest so that they can fly (and spread disease) on their own. Every browser and operating system that the bad guys can get their hands on is used to test the malware. They try to exploit ANY security flaws that may still exist in the programs and operating systems.
They often find out about these security flaws from other hackers. Occasionally, they even find out about them from random people who happen to find them without malicious intent. The virus authors then use search engines to advertise their infected websites. They might deliberately misspell a well-known domain name, or publish some great-looking but infected software that promises the world to the user to a website or shareware site. Computers gradually become infected by the software.
What about the antivirus companies? In any case, the makers of antivirus and anti-spyware software (Norton, McAfee, Trend, AVG, Avast, Webroot, Spybot, Ad-aware, and now Microsoft, etc.) are still unaware of this program. It is because no one has reported it to those companies. So, the bad guys are pretty awful! They don’t announce the release of this new software to the anti-malware firms!
Yet once antivirus firms start receiving reports of new viruses, they ask for samples and the sources (where they came from). They can then begin disassembling (reverse engineering) them if necessary and work on changing their program definitions so that their software can combat the viruses.
Definitions are the pieces of code that the good software compares the code on the hard drive against to evaluate whether or not it is malicious software. Definitions must be updated frequently so that the good folks can battle the bad ones. Definitions were revised once a week or so in the past. Several businesses now update them once per day or perhaps more frequently.
The good guys have a chance to update their definitions and possibly their software (if necessary) to combat the malware now that it has been “in the wild” (on the Internet) for some time. Does that mean that it will remove all of the infections all of the time in the future? NO! The removal processes can still have issues, and on occasion, they might not even get better for several weeks or months. Further issues may arise because the good software cannot prevent the harmful software from running (as what are known as processes) when the machine is turned on. Rootkits can integrate with the operating system and even operate in Safe Mode.
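To make the definition lag concrete, here is an added example (not code from any antivirus product or from the author of this report). It assumes a simplified definition format of a detection name mapped to a byte pattern; the names, patterns and files are constructed and harmless.

```python
# Constructed definition sets. Assumption: real products use far richer
# formats; here a definition is just a name and a byte pattern.
DEFS_OLD = {"Rogue.FakeScan.A": b"YOUR-PC-HAS-99999-VIRUSES"}
DEFS_NEW = {**DEFS_OLD, "Rogue.FakeScan.B": b"CLICK-SCAN-NOW-TO-CLEAN"}

# Constructed stand-ins for files on a hard drive (plain text, not malware).
FILES = {
    "letter.doc": b"Dear customer, your invoice is attached.",
    "old_popup.exe": b"\x00\x01YOUR-PC-HAS-99999-VIRUSES\x00",
    "new_popup.exe": b"MZ\x90\x00CLICK-SCAN-NOW-TO-CLEAN",
}


def scan(data, definitions):
    """Return sorted (name, offset) pairs for every definition found in data."""
    hits = []
    for name, pattern in definitions.items():
        offset = data.find(pattern)
        if offset != -1:
            hits.append((name, offset))
    return sorted(hits)


def newly_detected(files, old_defs, new_defs):
    """Files the old definitions passed as clean but the update now flags.

    This is the set that sat on disk undetected until the vendor received
    a sample and shipped a new definition.
    """
    return sorted(name for name, data in files.items()
                  if not scan(data, old_defs) and scan(data, new_defs))


if __name__ == "__main__":
    for label, defs in (("old definitions", DEFS_OLD),
                        ("new definitions", DEFS_NEW)):
        print(label)
        for name, data in FILES.items():
            print("  ", name, scan(data, defs) or "clean")
    print("missed before the update:",
          newly_detected(FILES, DEFS_OLD, DEFS_NEW))
```

A full rescan after every definition update is what surfaces the files in the last line of output.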
Antivirus software might not be of any assistance! Even if a Trojan is present, your antivirus software will be powerless to prevent the installation of a program (ANY program) if the user (you, a family member, a friend, etc.) grants the go-ahead. The malware cannot be prevented from installing no matter what anti-virus program you use, not even the “greatest” one!
Can you see how this is a vicious loop that never ends? Can you see how and why your antivirus software cannot protect you? Does this imply that you should no longer use antivirus software? No, I think not. Antivirus software can sometimes assist in saving you, helping in removing infections, and warning you of modifications to your operating system that shouldn’t occur. But, it is NOT a cure-all for virus infections, nor can it prevent them from happening!
HOW CAN YOU DEFEND YOURSELF against these terrible, harmful infections:
1) When using the Internet, education and common sense are required. You can halt these illnesses without any ifs, ands, or buts. If something doesn’t feel right about what you see on the screen, don’t do it!! Avoid pressing the button.
2) ALWAYS keep Windows and your anti-malware software up to date—it can’t defend itself against what it doesn’t understand! Run ONE antivirus program at a time. Nonetheless, it is possible to employ several anti-spyware scanners (like Ad-Aware and Spybot Search and Destroy, for example).
3) Employ a firewall program. An adequate firewall that keeps track of incoming and outgoing connections is included with Windows 7. The Windows firewalls in Vista and XP are passable but do not monitor outgoing connections (like when spyware tries to “call home”). Try out a free firewall with antivirus like Comodo Firewall; it’s fantastic and free. One antivirus program (as well as one firewall) only, please.
4) Avoid porn, hacking, party poker, and other websites with amusing characters or illogical domain names, such as google.com, when browsing. Be careful what you click on when conducting searches on the Internet. If you are unfamiliar with the domain, don’t blindly click on a website that seems intriguing. Examine the environment and the rest of the URL with a critical eye. Avoid going there if it looks scary. Same thing with Facebook and MySpace links! Choose a different, more secure location to visit (treat URLs like you would a dark alley; you never know where danger may hide!). You can use a website checker (both Symantec and McAfee offer one with their Security Suite, and AVG utilizes one, even with their free anti-virus software), but keep in mind that nothing is 100% guaranteed.
5) The following method can be used to get rid of the undesirable pop-up (notice that it will only work if you haven’t clicked anything yet and the malware hasn’t already infected your computer): Hit the DEL (or DELETE) button once while simultaneously holding down the CTRL and ALT buttons. If Windows XP or before, Task Manager will start; if XP (with Quick Logon deactivated), Vista, or 7, select “Start Task Management.” The Programs tab should be highlighted. Click on each instance of Internet Explorer individually and then click End Task until the undesirable pop-up disappears, and you are rescued.
6) When they notice a terrible popup like this, some specialists advise removing the machine from the power or holding the power button for 5 seconds if it’s a laptop. But, there is a catch to this technique: since it involves a hard shutdown, it can potentially corrupt your hard drive and your Windows installation. Because of this, I do not advise using this procedure unless it is an absolute need. Consider the potential repercussions before you do it, though!
Phishing attacks might originate from emails or a malicious website that is misrepresented as legitimate. Millions of customers received fake emails two years ago that purported to be from their stockbroker, bank, PayPal, or eBay. The email warned the user that their account was in default or that their password had expired, among other terrifying information (this is known as Social Engineering in the computer security world). The user clicked the link without considering a potential scam and freely entered their personal and financial information into the fraudulent website. Many lost a lot of money since they didn’t think critically about what they were doing or even consider the entire domain. The URL for a fake website looks like this: “http://www.ebay.changepassword.tki.ru.” Although “eBay” appears in the address, the page’s proper domain is tki.ru, indicating that it is a Russian website with an eBay-like page URL. Even something like “eBay – Change Password” could be in the headline. AVOID providing personal information unless you entered the URL yourself or used a trustworthy favorite (also known as a bookmark), and ALWAYS be aware of the REAL domain.
When referring to Internet-based software, we need to ask ourselves: “Did the program come to me, or did I go to it?”
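The “REAL domain” check can be automated. The following is an added example, not part of the original report: it reads a URL’s host from right to left to find the registered domain and flags a brand name that appears only in the subdomain. The suffix set and the brand list are small constructed stand-ins; a real checker would load the full Public Suffix List.

```python
from urllib.parse import urlsplit

# Constructed, deliberately tiny stand-in for the Public Suffix List.
PUBLIC_SUFFIXES = {"com", "ru", "org", "net", "co.uk"}

# Hypothetical map of brand name -> domains that brand really owns.
BRANDS = {
    "ebay": {"ebay.com", "ebay.co.uk"},
    "paypal": {"paypal.com"},
}


def registrable_domain(url):
    """Return the domain that was actually registered: suffix plus one label."""
    host = (urlsplit(url).hostname or "").rstrip(".").lower()
    labels = host.split(".")
    # Scanning left to right finds the longest known suffix first; the label
    # just before it is the name the site owner registered.
    for i in range(len(labels)):
        if ".".join(labels[i:]) in PUBLIC_SUFFIXES:
            return ".".join(labels[max(i - 1, 0):])
    return host  # unknown suffix or IP address: report the whole host


def brand_mismatch(url):
    """List brands named in the host whose real domain is something else."""
    host = (urlsplit(url).hostname or "").lower()
    real = registrable_domain(url)
    return [brand for brand, legit in BRANDS.items()
            if brand in host and real not in legit]


if __name__ == "__main__":
    for url in ("http://www.ebay.changepassword.tki.ru",
                "https://signin.ebay.com/ws",
                "http://www.ebay.co.uk/"):
        print(url, "->", registrable_domain(url),
              "| suspicious brands:", brand_mismatch(url))
```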
If it approaches you, flee (or close the browser window). If you went, it’s likely that you were prepared and knew where you were going.
An additional internet security hazard:
Over the past few years, Craigslist has grown to be incredibly popular and effective for many people. Unfortunately, it is also full of con artists. The fraud often operates as follows:
You post a sale listing on Craigslist.org. Someone interested emails you (they usually aren’t willing to phone!). The person claims they are interested in the item and want to purchase it immediately without seeing it before (a definite warning flag). They offer to give you a check or Moneygram for much more than the item is worth. They claim you get to retain a little extra for your trouble, but they also want you to pay the shipper a hefty sum to pick up the item and send it to the “new” owner. The con is that after spending your hard earned money on shipping, you lose the goods and discover that the cashier’s check you paid with was fake. It wasn’t a great day on Craigslist.
Surprisingly, I was the victim of a similar fraud attempt on Craigslist! Following the posting of an ad for laptop repairs, I received emails from two people stating that they had seven laptops that needed fixing and were currently out of state. They instructed me to set my price before they shipped the laptops. The scam went as follows: I would get paid with fictitious funds, and I would pay the “shipper” to ship the computers; however, I would run out of funds, there would be no actual machines to fix, and the fictitious funds would be lost.
What should you do if you still become infected with malware after learning what it is, how it enters your computer, why antivirus software cannot shield you from it, and how to stop it if it tries to do so?
You might try conducting a “Google” search for the symptoms to find websites that describe how to cure the infection. For instance, look up the keyword “security tool” on Google if you encounter a box that keeps appearing and won’t go away. You don’t need to visit expensive tech websites like experts-exchange.com; instead, bleepingcomputer.com is a fantastic resource for guidance. Several users have expertise in removing malware and are more than willing to provide their services gratis.
If you want to try removal on your own, keep in mind that sometimes you’re going to have to get your hands dirty and potentially learn much more about it. And the world is a scary place.
Yet there is always a different option. You can look in your local phone book, the yellow internet pages, a search engine, or engage a professional to assist you. Pick someone whose pricing is reasonable but not cheap; inexpensive things often come at a cost you might not be willing to bear. Look for a company that has been in operation for some time; when you phone, ask them how long they have been in business and their success rate. Sometimes a computer must be thoroughly cleaned out because it is so severely infected. You will want your data stored, too. The actual expert will charge a fixed fee to complete everything. Questioning is part of your pay, so don’t hesitate to do it.
I hope you found this report helpful and that it helped keep your computer from becoming infected at least once or twice. Even I have occasionally had the “opportunity” to do my damage control because we aren’t perfect.
I appreciate your reading. Have a wonderful day!
Disclaimer: I have not been paid by or affiliated with any of the businesses mentioned in this report. Every company’s trademark belongs to that company.
I’m David Glick, a computer repair specialist with twelve years of industry expertise who is CompTIA A+ and Network+ certified.
I genuinely care about my customers’ computers and want to do my part to reduce infected computers. I wrote this post for that reason. In addition to helping you stay away from the horrible pests, I hope you enjoy it.
To view my website, go to provide service to Arizona’s Verde Valley and Phoenix regions.