Computer virus types; Symptoms & effects of infection; Review on free antivirus, firewall & antispyware
My lil laptop caught cold!
Etiology (study of disease causation) of common cold says there are over a hundred different kinds of viruses that cause common cold. In addition, that is one reason why one cannot ideally gain immunity to common cold.
My laptop is no super man, so she got one too, a bitter cold.
This post attempts to discuss:
- A few basics of computer viruses.
- The other kinds (Worms, Trojan horses, Spy-ware, Ad-ware).
- The Effects & Symptoms.
- How get rid?
- How gain immunity?
- The ‘anti’ ware – a review.
A few basics of computer viruses:
By definition: A virus is a computer program that is designed to cause undesirable effects on computer systems. There can be several such definitions though but the following is a list of features that make a program a virus:
- Generally a piece of code that implants itself on executable files (*.exe)
- Self replicating and self propagating – can make copies of itself and systematically spread file to file, computer to computer.
- Implements intentional damage (read as unexpected behavior of the computer) intended by the perpetrator.
- Generally require user action to show effect.
- File Infectors – Viruses that attach themselves to files, usually to .exe, .com and .bat files. Further, there are three groups of viruses of this kind.
- Group one – Overwriting viruses: They overwrite their code into infected file erasing contents. These are primitive and they can be found very quickly.
- Group two – Parasitic or cavity viruses: They copy themselves into begin/end/middle of infected files and usually do not change the original function of the original file.
- Group three – Companion viruses: They do not change the content of files but either replace and rename the original file or make a double of the original file.
- Boot viruses – Every logical drive has a boot sector, a master boot record and a partition table (one per physical drive). Boot sector contains information about the data on the disk, formatting information and a small boot program that is run when you boot your system. A virus affecting this boot program loads itself into memory at boot time and spreads to other drives. Master boot record usually uses a master boot program that locates the starting location or bootable partition from the partition table. Infection to this program might lead to even disk crashes.
- Macro Viruses – we know macros from MS Excel as a small set of instructions that result in a certain way for a certain input. Now this category of viruses are usually written as a macro on an MS office file (a word or excel doc). They propagate with the word docs and infect the office software and files.
That was a brief of my knowledge about viruses.
We have often come across many other terms that point to malicious activity on computers and networks.
The other kinds (not viruses?):
- Worm: These generally self-replicating scripts propagate over a computer network. Unlike viruses, they do not attach themselves to files. These generally target at consuming network bandwidth and designed to spread rapidly. They are capable of sending huge amounts of spam e-mail!
- Trojan horse: The Greek term Trojan means someone who comes in disguise. You would know better if you saw Troy. In computers terms, a Trojan horse id defined as a malware that generally aims at making a system vulnerable to allow unauthorized access via the network. These generally come packed neatly in the form of photographs, screensavers etc. Apart from allowing remote unauthorized access, these also upload/download files more Trojans without the user’s knowledge.
- Ad-ware: These are privacy invading software that aim at delivering unsolicited advertisements. They generally come bundled with software (free software/shareware especially!).
The Effects & Symptoms:
The most dangerous of the lot are, I would say, Boot viruses, Trojan horses and Spy-ware.
Boot viruses aim at altering the file organization on computers and they aim at corrupting data and eventually make the computer unusable unless the user goes through re installation. This would cost a lot of time and money! Symptoms: 1. Your system doesn’t boot or cries out ‘”no boot devise”; Drives or directories are go invisible.
File infecting viruses and worms target degrading system performance. Symptoms: Your computer seems sluggish. Inexplicable and unjustified CPU & Memory usage is a general symptom of infection.
Trojan Horses compromise the user’s integrity and security over networks allowing access to third parties. They might at least install spy-ware and ad-ware!. Symptoms: You suspect unsolicited access to data on your computer. You see lots of ads pop up as you browse the internet.
Spy-ware record and transmit sensitive user data. Symptoms: You just saw your credit cared statement with purchases that you haven’t made, someone probably got hold of your credit card number and even worse, the cvv number and expiry date as well. Your keyboard behaves erratic.
We’ve seen how bad the world can be. Call the police!
How get rid?
In these times, all of us have heard of anti-virus , anti-spyware, firewalls, registery mechanics etc. This one is good, that one has so many features, that costs this much and much more of that.
Yes, we heard some of those right. There are several tools out there to help protect or machines from malice. I recommend that an internet using fellow should have at least one up-to-date anti-virus program, a firewall and a ad-ware/spy-ware removal tool.
That is good if we were just starting to have trouble. But if we’re neck deep into it? I personally would format my machine’s hard drive clean and start afresh. But that isn’t an intelligent solution and at times, for many of us, not at all a feasible option. We’d better obtained the good (see the ‘anti’ ware section) tools first.
Lets get the anti-virus in place. Generally, most anti-virus software have a virus definitions database. This database would contain information about the viruses that have already been detected elsewhere. The definitions also generally come with the appropriate remedy.But installing the ati-virus might not be just enough. While the software might be built with the most general virus definitions but it might not be up-to-date. There are lots of them who are churning out new viruses each day. These virus databases are generally maintained on anti-virus s/w vendor websites. They can either be downloaded in the form of .exe files or the anti-virus software might have an update definitions option, given that you have an internet connection.
It is recommended that you scan the whole system. All of the harddrive and even the external storage like USB harddrives and pendrives.
The antivirus software might detect several infections (viruses, worms, trojans etc.) The s/w generally does one of the following things: Quarantine the infected files/Clean or repair infected files/delete infected files.
Some antivirus s/w wont detect spy-ware and ad-ware. We might need special s/w for that(see the ‘anti’ ware section).
Now that we have cleaned the mess up. We need to stay alert to stay healthy.
How gain immunity?
Update and Scan regularly – Most anti-virus s/w have automatic update feature, where by, they update the virus definitions and solutions automatically from the s/w vendors website. If the s/w doesn’t update automatically do the update manually. Updating isn’t just the only thing. We better did a periodic scan of the system to be sure. Most anti-virus s/w have an inbuilt scheduler that can be configured for a periodic scan.
Although it is not practical that we become completely immune. As human race always saw, the more advancement in health care we did, the more new diseases we got! There always the bad guys (some of them,great coders) who keep making new viruses. 🙂
The ‘anti’ ware – a review:
There are several of them out there, each flaunting more features, promise of more efficient protection.
I have started with Norton anti-virus once long ago. Norton comes at a price. It guzzles a load of system resources. After all we need to our computers to do some work for us and not just stay protected running an anti-virus right?
I then tried a few like McAffee, TrendMicro, BitDefender, AVG etc. The latest reviews on these can be seen here.
A few features one might have to look for:
- Download size for installation file – Some anti-virus software claim that that they have all the features in the world. Sorry, we need only a few good ones. Choose the one that suits your need, the file size would vary accordingly
- Ease of use (installation and Interface)
- On-access Scanning – Files are scanned as they are accessed. This helps protect particularly when we’re downloading files. The anti-virus scans the downloaded file just as it arrives.
- On-demand Scanning – Almost all anti-virus programs have this. Files/folders/drives can be chosen for scan as the user wishes to.
- Scheduled Scanning – User can schedule when to scan and which area to scan.
- Script Blocking – Java and VBS scripts might pose with virus-like behavior. This feature helps block such scripts.
- Quarantine – Infected Files have to be separated before they infect other files. Anti-virus s/w generally put such files in a virus-vault or quarantine so that users wont access them until cleaned.
- Auto-Clean – Automatically attempts to clean and recover infected files.
- Automatic Incremental Update – Virus definition updates are automated. And the s/w updated only the latest definitions or those that are not present already.
- Manual offline update – In case there is no internet connection, we might require to download the virus definitions from an internet cafe and transfer to our home PCs. This feature isn’t generally found.
- E-mail protection – for email clients like outlook. Most of us wont use this.
Many of today’s anti-virus programs have these features but most of them come at a price. I looked for freebies!
AVG topped the charts previously. Now here is the order:
My favorite today is Avira AntiVir. Light on resources, easy to use, fast update.
Then, thats not it, we need a personal firewall too.
Again there are a lot of them. Windows firewall is quite quirky I heard. I’ve tried Zone alarm probably one of the best to date. Its a freeware.
Feature of interest:
- In-boundprotection – Alerts and warns about connection attempts from outside.
- Out-bound protection – Programs and web pages that are beign used currently on your machine attempt to connect to the internet for various reasons. This feature provides alerts and helps you configure access.
- Program access control – to specify which all programs need to go online and which all want to but still need not as per the user’s choice.
- Stealth Mode – When online, your computer constantly receives and responds to information requests from other computers. In stealth mode your computer will not respond to the flow of queries unless you opt to override.
And then the Spy ware?
Generally the anti-virus s/w and the firewall should be enough as they have anti-spy ware already. But then a separate and efficient program wouldn’t do any harm.
Ad-Aware is my favourite. Download its free version. It also updates the definitions and has features that one would expect of an anti-virus program. It scans for spy-ware and removes them.
For more info, go through resources here.
Well, thats a lot of work! Keep safe keep your systems happy. Hope the post helps. Please leave comments.