Protect yourself from computer viruses on and off line
1st June 2015
... Comments

There won't be many households without at least one computer, which may be used to correspond with friends and family, play games, do homework and browse the internet. And most modern business rely on computers to store vital information and connect with customers.

Therefore, it can seriously impact you if something goes wrong.

Alex Meyrick-Brook from Browns Integrated Technologies (Browns IT) in Watford shares some expert knowledge and practical advice about computer viruses and malware and ways to protect your computer from getting infected.

What is a 'virus'?

A virus can be a program or software installed on your computer, like a web browser extension such as Ad blocker or an email attachment. Viruses are typically made to infect the mass, so it will attempt to infect any and all machines, or they can be targeted by the user creating the virus. Viruses like to be sly and hide in official programs or downloads, some very smart viruses will re-write itself to get past any protection you use, or integrate itself into a program.

Viruses can compromise your computer, the computers security and your data. I personally find viruses to be a nuisance since they can slow down your machine and corrupt data.

A virus can only access and modify data on your computer; if you are logged on as an Administrator then the virus will have access to more data and locations on your computer whereas, if you created a guest account you can set up restrictions and disable features like downloading programs.

Types of infections

There are so many different types of viruses out there that you can class them by properties and characteristics. Malware (Malicious Software) is the simple term which defines multiple types of infection. Any program that is designed to disrupt or damage your computer can be classes as Malware.

The most common types of virus are as follows:

Virus: A program or piece of code that can manipulate data

Worms: These have the ability replicate itself over and over. Typically used for Distributed Denial of Service.

Trojans: They can hide as a ‘legitimate program’ then infects your machine.

Hijack: They will attempt to take over applications like your web browser or files.

Above are only some of many many types of viruses out there. You can even define a virus in more detail under those main names, for example under Virus, you can put Data deletion viruses or under Hijack you can put Browser Hijack.

More in-depth information about the types of viruses that can infect your computer

  • Macro Viruses: A macro is a recorded action like a mouse movement or opening a file and typing specific text. A Macro Virus will attach itself to a document and when you send the document to another person it will infect their computer.
  • Memory Resident Viruses: These are programs that hide with in your RAM (Random Access memory), your computer’s memory, and infect other programs already opened
  • Overwrite Data Virus: Overwrite Data Viruses attempt to gain access to more system sensitive data or personal data and encrypt or modify the data, which means it can delete the data, change the text
  • Direct Action Virus: These virus only activate when certain conditions are met or are executable (an .exe file) An Example of an .exe file is your Browser, MS Word, Paint and other generic icons you may have on your desktop.
  • Web scripting Virus: These types of viruses will look through typically very complex website code and find faults and inject (infect the code) itself into the code and manipulate it. This can be uses to steal log in details or display websites differently. JavaScript is commonly known for having such faults to be exploited (not to be confused with Java).
  • Polymorphic Viruses: Polymorphic Viruses are difficult to find and get rid off. This is because they not only like to encrypt themselves over and over, but also rewrite themselves, making it harder for Anti-Viruses to detect and block them from working. Examples of Polymorphic Viruses include Marburg, Tuareg, Satan bug and Elkern Worms

A computer worm copies itself, replicating the code, and installs remote connection software or exploits already installed network connection software like a security hole in your Operating System. A worm's main purpose is to spread itself across different networks, different homes and businesses. Worms are sly and like to poke their noses around in data that you may be downloading or websites you are viewing and then attach themselves to the download and infect you or the recipient.

They can do this by reading your computers ingoing and outgoing connections. Worms and use your UDP or TCP connections; TCP Connections require the data to be counted as it is sent so if anything is not received they can ask for that segment of data where as UDP does not care if the data is received or not so worms are able to attach themselves a lot easier.

With a TCP, because they check every segment of data (a Packet), the worm needs to read all the data in the packet including the IP Addresses and Packet count and then change the Packet count and add its own total packet amount on to it so the receiving machine does not reject the extra packets attached.

Examples of Worm Viruses include: lovgate.F, sobig.D, trile. C, PSWBugbear.B and Mapson

Trojans

Trojans are malicious programs that like to delete, modify, block and copy data. By doing so they disrupt your computers performance and if moving or modifying data over the network they can slow down or completely stop your connection.

Below are some examples of different type of Trojans and what they do:

A backdoor Trojan gives malicious users remote control over the infected computer. Allowing them to send, receive, launch and delete files, displaying data and rebooting the computer.

Exploits are programs that contain data or code that takes advantage of a vulnerability within application software that’s running on your computer.

Rootkits are designed to conceal certain objects or activities in your system. Often their main purpose is to prevent malicious programs being detected

Trojan-Banker programs are designed to steal your account data for online banking systems, e-payment systems and credit or debit cards.

DoS (Denial of Service) attacks against a targeted web address. By sending multiple requests from your computer and several other infected computers. The attack can overwhelm the target address… leading to a denial of service.

Trojan-Downloaders can download and install new versions of malicious programs onto your computer including Trojans and adware.

Trojan-FakeAV programs simulate the activity of antivirus software. They are designed to extort money from you – in return for the detection and removal of threats… even though the threats that they report are actually non-existent.

Trojan-IM programs steal your logins and passwords for instant messaging programs such as ICQ, MSN Messenger, AOL Instant Messenger, Yahoo Pager, Skype and many more.

Trojan-Ransom can modify data on your computer so that your computer doesn’t run correctly or you can no longer use specific data. The criminal will only restore your computer’s performance or unblock your data, after you have paid them the ransom money that they demand.

Adware/Crapware

Adware and crapware are not harmful or malicious software like a worm or virus, just a nuisance. Adware and crapware normally get installed by accident and are hidden when you install a legitimate software. During the Installation process there may be a button ticked saying to install the Adware/Crapware or they may ask you to accept that you want it installed but are completely voluntary.

Adware will download and display images and pop ups and integrate them into your system. On your desktop you may see a pop up or in documents you will see a banner. Whereas Crapware will install software that you never wanted like a free trial of something.

Common ways of getting infected

People don’t like to read the Terms and Agreements when installing software and end up clicking through fast and installing software they don’t want (Adware and Crapware) or while browsing a website you will get a pop up saying ‘you are infected; click here to download’ or even ‘you need this web player to play this video; click here to download it’ where in fact the website doesn’t even have a video player but a static image of a web player.

People sometimes open Email attachments from unknown sources, download them to their computer and get infected. Also not staying up to date with software and application can allow for vulnerability in your system allowing for Malware to exploit you and gain access to your computer.

Pirating software, music, movies and games and simple and easy ways to infect multiple users quickly.

And of course, not having any Anti-Virus or Anti-Malware installed to protect your system and reject known infections automatically for you. 

How to protect yourself

There are many ways of protecting yourself from infections; the most common way is through an Anti-Virus. Anti-Viruses are great but they don’t protect you from everything and they can only stop the Infection once you have been infected.

Most people will forget or never use an Anti-Malware software, since they think an Anti-Virus scanner will find everything, when in fact it will only find known viruses (It can find Malware but it is not designed to do so).

Anti-Virus/Anti-Malware

Anti-Virus does what it name suggests, it doesn’t like virus and protects you from them, only once you are infected. Anti-Viruses work by scanning your hard drive for files, file name and the data in the files for anything that looks malicious to its database of viruses (it's a good idea to keep your Anti-Viruses data base up to date). If it finds something malicious or something it thinks it is, it will quarantine it for your approval to remove or keep.

Anti-Malware does the exact same thing but it is designed to find Malware. Although it can find traditional infections like a virus or a worm, it tries to focus on Trojans, including Ransomware Trojans and Spyware.

Some protection software uses Heuristic analytics when scanning your data; this way of scanning allows them to find and discover new types of infections by identifying different their characteristics and suspicious activities.

Anti-Virus and Anti-Malware software also use real time scanning to scan for any infections during data transfers and to look for anything suspicious going on.

Firewalls

Firewalls work by blocking the connection from a server or location from ever reaching you, Firewalls can be set up on your computer, your router or at the ISP. This can be used to block known bad and malicious servers and websites. It can also block certain type of data (by blocking the Port number), which can block intruders trying to find a week point into your system. By using a Firewall you can block some infections before they ever reach you.

Good practice online

Knowing what you are doing online and being smart will help you stay safe. Clicking anywhere and everywhere on the screen and not reading what is on your screen, even when you are downloading a safe programs can get you infected.

Pop-ups like ‘You need to install this to use this on this website’ or ‘Click here to win £1,000,000’ are not smart moves and will most likely get you infected.

Some tips:

  • Use Trusted Websites
  • Use Extensions that rate the websites safety
  • Look what is on screen
  • Think twice before clicking that download button
  • Is the website full of Ads? Most properly be safer to find a better website
  • Stay updated for security reasons

Want to know more? You can learn more about Browns Integrated Technologies (Browns IT) by clicking here.

More
Popular Categories