The Weekly Geek

I'm the Geek so you don't have to be!


Viruses

September 12th, 2003

Welcome back to this exciting edition of The Weekly Geek!

As promised, together we will continue to learn about the threats that are out to get your computer (maybe even you). This week we will cover viruses. Even though each week we will cover a different type of threat to your system, understand that today most are blended threats. A virus may be part of a Trojan horse, for example.

Last week I discussed the importance of updating your Microsoft software. The LoveSan worm used a known hole in Microsoft Windows to spread. This week the SoBig.F virus is making the rounds, and it is stopped by anti-virus programs that are up to date.

Definition of a Virus: A virus is a program, script or macro that is designed to destroy, modify or damage computer hardware and/or software.

Viruses are self-replicating and commonly spread by email messages, shareware sites and pirated software. To reproduce, a virus will copy itself onto disks put into an infected computer. Viruses also go into the email and address books and send themselves to the names listed. Like influenza, some viruses are so complex that they change themselves as needed to continue spreading; this kind is referred to as a polymorphic virus. Viruses can hide on a hard drive, in memory or even in the BIOS. The newest viruses can be attached to an email that is sent to you, and you do not even need to open the attachment or the email; just the act of retrieving your email can activate it. This is why an anti-virus program is so important.

Anti-virus programs are designed to protect a computer or group of computers (a network) from viruses. They are usually reactive, so they do not prevent viruses; they just catch them (hopefully) before they infect you or your network. Anti-virus programs should always be running in the background on your computer.

For anti-virus programs, I can recommend AVG antivirus by Grisoft; version 6 has been out a while and version 7 has recently been released. I use it on systems that are not connected directly to the internet (yes, you can get viruses plenty of other ways) or on systems that are behind a well-fortified firewall; otherwise I use NOD32 or Kaspersky by ESET, or Computer Associates.

Update: There are many other antivirus programs available (Panda, PC-cillin); some I have used and others I have not. Norton Antivirus and McAfee have been highly rated in the past, but the last couple of years they have been causing issues for their users.

Updating your antivirus is extremely important. Again, there are many manufacturers and each has many different versions. Usually you buy a version and are allowed to get updates for 90 days to 1 year. The 90-day programs are referred to as OEM programs and are teasers, usually provided free or really inexpensively to the people who built your computer system. Even though you may only be able to get updates for a limited time, you can almost always continue to receive free virus definitions for a longer time (usually until the manufacturer no longer supports that version of the product). The updates cover the program itself: compatibility issues, patches and fixes not related to viruses. Virus definitions are the code files used to identify viruses. For this reason you could probably buy a new anti-virus program, or version of the program, every year; there are just too many internet nasties trying to get you. Most manufacturers will offer discounts on new versions to people who have a non-OEM version that has expired.

I strongly recommend that you set up your anti-virus program to update automatically and to do so at least once a day (many check hourly). I also recommend that you have the program run a complete check of your computer once a week. This is just in case a virus slipped in before an update could be run. The last setting that is available is Heuristics scanning. This is the anti-virus program's way of attempting to catch viruses that are not listed in the definitions section of its database. This is done by matching behavior patterns of suspected viruses with those of known viruses. I recommend that you enable Heuristics scanning, since by default it is not activated on most anti-virus programs.
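To make the difference between definitions and heuristics concrete, here is a small Python sketch added for this article; it is not code from any anti-virus vendor. The definition names, byte patterns, behaviour weights, threshold and sample files are all constructed assumptions, and real products are far more elaborate.

```python
"""Toy scanner: virus definitions (signatures) vs. heuristic scoring."""
from dataclasses import dataclass

# Constructed "virus definitions": name -> byte pattern searched for in a file.
DEFINITIONS = {"Example.A": b"\xde\xad\xbe\xef-EXAMPLE-A"}

# Behaviours the article describes, with constructed (assumed) weights.
WEIGHTS = {
    "reads_address_book": 3,
    "sends_email": 2,
    "copies_self_to_disk": 4,
    "modifies_own_code": 4,  # polymorphic behaviour
}
THRESHOLD = 6  # assumption: a score at or above this is reported

@dataclass(frozen=True)
class Sample:
    content: bytes         # raw file bytes
    behaviours: frozenset  # behaviours observed while analysing the file

def signature_scan(sample, definitions):
    """Return the name of the first definition found in the file, else None."""
    for name, pattern in definitions.items():
        if pattern in sample.content:
            return name
    return None

def heuristic_score(sample):
    """Sum the weights of the behaviours that resemble known viruses."""
    return sum(WEIGHTS.get(b, 0) for b in sample.behaviours)

def scan(sample, definitions, heuristics_enabled):
    """Definitions first; heuristics only when that setting is turned on."""
    hit = signature_scan(sample, definitions)
    if hit:
        return f"infected:{hit}"
    if heuristics_enabled and heuristic_score(sample) >= THRESHOLD:
        return "suspicious"
    return "clean"

# Constructed samples: a known virus, a new virus with no definition yet,
# and a harmless mail program that shares some of the same behaviours.
KNOWN = Sample(b"MZ" + DEFINITIONS["Example.A"], frozenset({"sends_email"}))
NEW_VIRUS = Sample(b"MZ\x01\x02-EXAMPLE-B", frozenset(
    {"reads_address_book", "sends_email", "copies_self_to_disk"}))
MAIL_APP = Sample(b"MZ-mailer", frozenset({"reads_address_book", "sends_email"}))

if __name__ == "__main__":
    for label, s in [("known", KNOWN), ("new", NEW_VIRUS), ("mail", MAIL_APP)]:
        print(label, scan(s, DEFINITIONS, False), scan(s, DEFINITIONS, True))
```

With heuristics off, the new virus passes as clean until a definition for it arrives in an update, which is also why the weekly full scan is worth running.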

Well, that's enough about viruses for now. Until we meet again, have a virus-free week!

Tags: Malware · Security · Virus