Virus Lessons 101 – Revisted

With the recent onslaught of Trojans, viruses, and Windows exploits, I thought it would be a great idea to share my “lecture” on the subject. Please read this information carefully as it will help you avoid all these nasties 99.9% of the time. If you have any questions, please don’t hesitate to ask me. I’m going to post this information on my website and add to it occasionally as I think of things.

Pass this around to your friends. I’ve done several virus cleanings lately so the problem is very real and very much out there.

============Free Anti-Virus Software============

You do not need to pay for expensive anti-virus software. Most of that is marketing garbage anyway. 

Plus they tend to hog resources if you are on a slower computer. I cannot count the number of computers running up-to-date Norton or McAfee or TrendMicro that are infected. I make a decent part of my living by fixing them. Don’t fall for the hype just because a trial-version is installed on your computer or the local BestBuy goon says Norton is the best.

Besides, antivirus software is one of your last lines of defense. Most viruses and malware are designed these days to work around your anti-virus software anyway. Use antivirus as a tool in your arsenal – don’t rely on it.

I recommend a free solution for home/personal use by www.grisoft.com. AVG Anti-Virus performs as well or better than Norton and McAfee and is free. How can they give it away free? Well, Grisoft is in business to make money…on the corporate side. They use the free home version to promote their business. Quit paying for something that you can get free!

[ Google AVG Download ]

============Lesson 1============

Most email viruses and Trojans are spread through BLANTANT USER IGNORANCE!

Let’s face it. Over the last few years, everyone has heard some news report about the proliferation of viruses for the Windows operating system or Outlook or Outlook Express. However, the viruses continue to spread faster and faster.

90+% of viruses are spread though email attachments NOT by reading an email. If you don’t click (or run) the attachment, then you don’t get infected. It’s pretty much that simple.

Many exploit patches are released by MS (Microsoft), but users fail to update or don’t know how. MS has made it easier than in the past and has promised a new Security Initiative to help stem the tide.

Windows Update Site:  http://v4.windowsupdate.microsoft.com/en/default.asp   (follow the instructions for CRITICAL updates-don’t worry about the others)

==========Lesson 2==========

Keep your AV (anti-virus) software up to date. For that matter, make sure you are running AV software and it is configured properly.

It’s not enough to just install an AV program such as Norton or McAfee. You MUST keep the “virus signature” files updated daily or weekly. Several thousand viruses make their way to the Internet each week. The AV companies currently do not develop detections or removal methods until the virus is already in the “wild”.

Most of the popular AV software has a mechanism to automatically update itself. Use it. Pay the extra money for a subscription or whatever you have to do.

Recommended AV Setup

(1)     Have it scan all email attachments
(2)     Have it set for automatic background scanning
(3)     Have it set to run periodic full computer scans

==========Lesson 3==========

Always pay attention to your emails and use common sense! AV software is not perfect.

Look at the text in the email. If it is short and curt or has very dramatic misspellings then it is probably a virus. This is especially true if there is an attachment to the email. Always scan an attachment again before opening it by saving the attachment to your hard drive (like MyDocuments). Go into your MyDocs folder and right-click to scan the file with your AV software. If your AV software does not install an option when you right click a file, then you are using the wrong AV software.

==========Lesson 4==========

Don’t trust an email just because it appears to come from a friend.

Most viruses today spoof the return address and headers. You have no way of knowing really who it’s from. Also, MS will never send you an email unless they intend to sue you for something. Then you will also get a certified letter in the mail too from their attorneys. The point is that don’t trust emails just because they appear to be from someone. Think about real junk mail in your USPS mailbox.

==========Lesson 5==========

Learn the generally safe attachment file extensions versus the dangerous ones.

If you don’t know about file extensions, then you really should have me train you on Windows and PC basics. With that said, here are the BAD extensions:
*    .exe
*    .pif
*    .scr
*    .bat
*    .vbf
*    .zip (only bad sometimes and mainly recently)

NEVER open one of those or you are toasted. Any of those files can wreak havoc on your computer. If you really are expecting to receive a .exe file from someone (since they can have legitimate uses in email), then telephone and confirm that the person really sent the email to you.

Here are the GOOD file extensions:
*    .gif  (used for pictures like logos and things)
*    .jpg (used for photos)
*    .jpeg (same as .jpg)
*    .png (used for images rarely)
*    .zip  (if from a confirmed source)

==========Lesson 6==========

If your computer acts “funny” or begins crashing much more than normal, have it inspected by a qualified professional.

It’s a fact of life that Windows will crash and lock-up. However, if your computer has been running fine and only recently begins to “act up” without any new software installations or anything, then chances are that you have a virus or Trojan. It is always best to have a qualified person take a look at the computer. The problem can be determined and a course of action taken.

============Frequently Asked Questions============

Q. Why do I need to be that concerned about it?
A. The truth is that you can go on about your life with an infected computer or never worry about security. This is about the same as always leaving your home or car unlocked to the entire world, literally. You should always be concerned about security. At the very least, most Trojans these days are designed to help proliferate SPAM. Do you really want to be responsible for helping to spread more herbal-type Viagra?

Q. What if I just turn my computer off?
A. Turning your computer off only stops the problem until it turns on again. Once your computer is running (with an infection) you are vulnerable.

Q. Everyone says that the Internet is not safe. Doesn’t this prove it?
A. The truth is that the Internet and computers are no less safe than most other public things. After all, you can get robbed at gunpoint just about anywhere. Remember that the Internet literally connects you to others on a global scale. Just as in real society, there are people out there with ill intentions.

Q. Aren’t these just kids (aka script kiddies) unleashing these viruses?
A. Some are doing that; however, there are basically 2 reasons these days: economics and political statements. The economic side is due to the spammers entering the scene and partnering with virus writers. By political statements, I mean that many people have a deep hatred of MS. Without getting too deep in the subject, these people feel that the only way to get the attention focused on MS’s poor security habits and coding is to wreak havoc through viruses on a global scale.

Q. What about these other “Internet Security” products?
A. If you follow my lessons here and those of mine for Spyware/Adware, then you don’t need anything else.