Gryphon Computers, North Somerset and Bristol

 

What are Viruses and Trojans?


This page includes information about computer viruses and trojan horses and how to get rid of them.

Computer virus overview...

Viruses are particularly nasty pieces of work, and can do no end of damage. Anybody who remembers the media attention given to the 'Melissa' and 'I Love You' viruses in 2000, and the more recent 'Blaster' and 'Welchia' worms in 2003 would testify to how much havoc they can cause.

A virus is a program that installs itself on your computer without your knowledge, and runs covertly in the background, often damaging files (and sometimes even the hardware) on your computer. Viruses use your computer and Internet connection to spread to other computers connected to the Internet. This is how a virus comes to infect a large number of computers, and usually gains worldwide media attention.

Typically, they arrive as files attached to e-mails and send copies of themselves to everyone in your address book in order to spread their infection and damage other computers. A variation on the simple virus is the worm, which can often infect your computer without you doing or noticing anything.

Trojan horse overview...

A Trojan horse is similar to a virus in that it can harm your computer, however it is potentially more dangerous. This is because it sits on your machine and waits quietly to be triggered by a malicious user on the Internet who has installed it on your computer before it wreaks havoc.

The 'trigger' is usually a particular date in the future, but it can be something as simple as waiting for you to install a certain piece of software on your computer. Some can even be activated remotely by their authors (the malicious users), as and when they want to gain access to and control of your computer.

Trojan horse programs can be used to take complete control of your PC by an unauthorised third party. They are often used to steal information such as Internet banking details for malicious (and commonly, fraudulent) purposes.

In some extreme cases, identity theft can take place as a result of sensitive and confidential information being stolen from a computer by a user using a Trojan horse installed on that machine. This is when someone uses personal information about another person in order to pretend to be that person. As one can imagine, the consequences of this can be very serious indeed.

Protecting your PC from viruses and trojan horses...

While computer security is not an exact science, there are some basic steps you can take to try to protect yourself and other Internet users from threats while online:-

  1. Ensure you keep your Windows operating system protected by downloading and installing any critical software updates and patches that are released by Microsoft.
     

  2. Microsoft Windows operating systems are constantly being updated in order to fix any security vulnerabilities that are discovered. This is usually in the form of 'service packs', which not only contain security patches, but also normally come with enhancements of some kind for your operating system.
     

  3. If you do not regularly check for software updates, you run the risk of being 'hacked' by a malicious user, or of being infected by a virus or Trojan horse. This is because, without updating your operating system periodically, such threats can exploit any security 'holes' that may exist.
     

  4. To check for updates to your Microsoft Windows operating system, you should open a new web browser window and type windowsupdate.microsoft.com into the address bar. Alternatively, simply click on the link directly above.
     

  5. On the Windows Update website, you can check for any new updates for your operating system, and you should download these updates in order to provide further protection for your computer while online.
     

  6. Install a firewall.  In order to stop unauthorised access to your computer by other Internet users while online, you should install a piece of software known as a 'firewall' on your machine. Links to various firewalls can be found below.  If you have Windows Service Pack 2 installed make sure that the Fire Wall is turned on.
     

  7. Install anti-virus software and keep the virus definitions up-to-date

    A good anti-virus solution is an essential part of using a PC. If you do not have any anti-virus software on your computer, blueyonder recommend that you install one immediately. Again, advice on anti-virus software and how to get it can be found on the Symantec website.

    Of course, in order to be effective, your anti-virus software constantly needs to know about the latest viruses being released onto the Internet, so that it can offer your machine the best protection possible. Most anti-virus software can be kept up-to-date by downloading and installing updated virus definitions, usually available from the software manufacturer's website. If you do not do this, your anti-virus software may as well be non-existent, since your PC will not be protected from the latest threats.
     

  8. Be wary of e-mail attachments.....

    Since the vast majority of viruses these days are spread via e-mail attachments, you should never open an e-mail attachment that you are not expecting.

Things to remember....

  • Any attachment whose filename ends with .exe, .bat, .scr, .pif or .vbs is most likely a virus. Do not open or run these files.
     

  • If you receive an unexpected e-mail attachment sent by someone you know, before opening it, you should contact them to check that they meant to send you the attachment.
     

  • If you receive an unexpected e-mail attachment from someone you do not know, you would be well advised to delete that e-mail without opening it.
     

  • Never open an e-mail attachment without using your anti-virus software to scan it for viruses first.

 

What to do if your computer is infected by a virus?

First and foremost, you should run your virus checking program on your machine to detect and remove the virus. As new viruses emerge all the time, make sure you have updated your anti-virus software with the latest virus definitions from the manufacturer's website before you run it each time.

If you do not have any anti-virus software installed on your computer, then blueyonder strongly advises that you download and install such software immediately, so that your PC can be protected from viruses and Trojan horses as soon as possible. There are different anti-virus products available for purchase on the Symantec website.

Additionally, look on a website such as Symantec's Anti Virus Research Center and search on the name of your virus if you know it (if not, search on the symptoms of the virus) and you will get all the information you need on how to remove it and secure your machine again.

What to do if you get virus warnings from others...
Don't believe it. It's almost certainly a hoax. And, whatever you do, don't pass the warning on without checking first!

By passing a warning on, you may feel you're being a good Samaritan. But if it's a hoax, you are actually adding to it and helping to spread the hoax to other users. This in turn causes unnecessary panic amongst people, which is exactly what the originator of the hoax wants to happen.

You should independently verify for yourself that it isn't a hoax by visiting Symantec's Anti Virus Research Center and searching their hoax database.

If it is there, then simply ignore the hoax and do not action it. However, if it isn't there, then, and only then, pass the warning on. Remember, Chinese whispers can cause damage!

Additional Advice....

You should always follow these simple rules irrespective of whether you have Anti-Virus software installed.

  • Back-up your important files regularly

  • Never open attachments unless you are expecting them.  Remember some viruses will appear to come from people who you know and trust.  Get your correspondents to email a confirmation email first.

  • Look at the wording of emails carefully.  Many (if not most) virus infected emails come from people whose first language is not English - look out for poor grammar,  wrongly used or mis-spelt words etc.

  • When deciding on an email address avoid using your name, e.g. avoid john.smith@btopenworld.com.  Spammers and virus emailers often randomly put first and second names together with common ISP addresses.  Use a nickname or aliase, e.g. nailseabob@btopenworld.com.  This will reduce the incidence of spam if nothing else.

  • Only give out your email address to people you trust - make sure they also run Anti-Virus software.

  • If you run a network, never share a whole drive, only the folder that contains the data you want to share.  Preferably password protect the folder.  Some viruses are 'network aware' and will spread across a network.

If you think your PC has been infected then do the following:-

  1. Delete all recent emails and empty the Deleted email box.  If you know how to do it, delete all the files in your Temporary folder.

  2. Open your Anti-virus software and Run Live Update (Norton) or Update (Panda).

  3. Scan for viruses.

Many viruses disable the Anti-virus software and stop it from running.  If this happens go onto the Internet and log onto one of the following sites.

BitDefender Antivirus

Scans and Removes

Trend Micro

Housecall - Scans and removes