Most Common Viruses and Spyware

The most common viruses and spyware.

If you use a computer, read the newspaper, or watch the news, you will know about computer viruses and other malware. These are malicious programs that, once they infect your machine, start causing havoc on it. What many people do not know is that there are many different types of infections that fall under the general category of malware.

Malware - Malware is programming or files developed for the purpose of doing harm. Thus, malware includes computer viruses, worms, Trojan horses, spyware, hijackers, and certain types of adware.

This article will focus on malware that is considered viruses, Trojans, and worms, though this information can be used to remove the other types of malware as well. We will not go into specific details about any one particular infection, but rather provide a broad overview of how these infections can be removed. For the most part these instructions should allow you to remove a good many infections, but some need special steps to be removed and these won't be covered in this tutorial.

Before we continue it is important to understand the generic malware terms that you will be reading about.

Adware - A program that generates pop-ups on your computer or displays advertisements. It is important to note that not all adware programs are necessarily considered malware. There are many legitimate programs that are given for free that display ads in their programs in order to generate revenue. As long as this information is provided up front then they are generally not considered malware.

Backdoor - A program that allows a remote user to execute commands and tasks on your computer without your permission. These types of programs are typically used to launch attacks on other computers, distribute copyrighted software or media, or hack other computers.

Dialer - A program that typically dials a premium rate number that has per-minute charges over and above the typical call charge. These calls are made with the intent of gaining access to pornographic material.

Hijackers - A program that attempts to hijack certain Internet functions, like redirecting your start page to the hijacker's own start page, redirecting search queries to an undesired search engine, or replacing search results from popular search engines with their own information.

Spyware - A program that monitors your activity or information on your computer and sends that information to a remote computer without your knowledge.

Trojan - A program that has been designed to appear innocent but has been intentionally designed to cause some malicious activity or to provide a backdoor to your system.

Virus - A program that, when run, has the ability to self-replicate by infecting other programs and files on your computer. These programs can have many effects, ranging from wiping your hard drive, to displaying a joke in a small box, to doing nothing at all except replicating themselves. These types of infections tend to be localized to your computer and do not have the ability to spread to another computer on their own. The word virus has incorrectly become a general term that encompasses Trojans, worms, and viruses.

Worm - A program that, when run, has the ability to spread to other computers on its own, using either mass-mailing techniques to email addresses found on your computer or by using the Internet to infect a remote computer through known security holes.


How these infections start

Just like any program, in order for the program to work, it must be started. Malware programs are no different in this respect and must be started in some fashion in order to do what they were designed to do. For the most part these infections run by creating a configuration entry in the Windows Registry in order to make these programs start when your computer starts.

Unfortunately, though, the Windows operating system offers many different ways to make a program start, which can make these entries difficult for the average computer user to find manually. Luckily for us, there are programs that cut through this confusion and show the various programs that start automatically when Windows boots. The program we recommend for this, because it's free and detailed, is Autoruns from Sysinternals.

When you run this program it will list all the various programs that start when your computer is booted into Windows. For the most part, the majority of these programs are safe and should be left alone unless you know what you are doing or know you do not need them to run at startup.
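To see the kind of registry startup entries described above without a separate tool, the following PowerShell sketch lists the common Run and RunOnce keys and checks each target's signature. It is an added example, not part of the original article or of Autoruns; the key list is only a subset of the startup locations Autoruns inspects, and `Get-ImagePath` is a hypothetical helper name.

```powershell
# Added example: inventory programs registered to start with Windows through
# the common Run/RunOnce registry keys and mark entries for manual review.
# Assumption: this key list is a subset, not a complete startup inventory.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

function Get-ImagePath([string]$Command) {
    # Hypothetical helper: extract the executable from a launch string such as
    #   "C:\Program Files\App\app.exe" /background
    $expanded = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($expanded -match '^"([^"]+)"') { return $Matches[1] }
    if ($expanded -match '^(.+?\.(exe|dll|bat|cmd|vbs|js|ps1))(\s|,|$)') { return $Matches[1] }
    return ($expanded -split '\s+')[0]
}

$results = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }            # key absent on this system
    $item = Get-Item -Path $key
    foreach ($name in $item.GetValueNames()) {
        $command = [string]$item.GetValue($name)
        $image   = Get-ImagePath $command
        # Bare names such as "rundll32.exe" are resolved through PATH.
        if ($image -and -not (Split-Path $image -IsAbsolute)) {
            $cmd = Get-Command $image -CommandType Application -ErrorAction SilentlyContinue |
                   Select-Object -First 1
            if ($cmd) { $image = $cmd.Path }
        }
        $exists = $image -and (Test-Path -LiteralPath $image -PathType Leaf)
        $sig = if ($exists) { (Get-AuthenticodeSignature -LiteralPath $image).Status } else { 'NotFound' }
        [pscustomobject]@{
            Key       = $key
            Name      = $name
            Command   = $command
            Image     = $image
            Signature = $sig
            # Unsigned or missing targets, and anything launched from a
            # user-writable Temp/AppData path, get a closer look by hand.
            Review    = ($sig -ne 'Valid') -or ($image -match '\\(Temp|AppData)\\')
        }
    }
}
$results | Sort-Object Review -Descending | Format-Table Name, Signature, Review, Image -AutoSize
```

A `Review` value of True is a prompt to investigate the entry, not proof of infection; many legitimate programs are unsigned or start from a user profile.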

 

FYI about what we do every day for our customers when it comes to a virus

 

The only way to absolutely, positively clean a machine with a virus is to completely reformat the machine and reinstall the operating system, updates, applications and data from scratch. This takes about two to three hours of labor.

Re-read that sentence. It's important and absolutely true.

Most of the time we don't do that. We assume that the anti-malware and antivirus software that we run in a five-step process will clean things up for us. But there's actually no way to know for sure. The process takes about five to 24 hours to run.

Each time we allow an infection to happen, each time we then use anti-malware software to clean off an infection, we're gambling. Most of the time, we're ok. But sometimes we're not. (I do have to mention that finding a virus on your machine and finding a virus installed on your machine are two different things. Anti-virus programs will report both, but it's the latter case that is the problem scenario.)

Let's look at your situation.

As you can guess by now the only guaranteed way to rid yourself of this malware is to reformat your machine and reinstall everything. That's very painful and something I know that most people would want to avoid, including me.

So here are steps that we take first:

  • Back up your system. Yes, we're backing up the infected system, but in case subsequent attempts go horribly wrong we'll always have this backup to revert to as we attempt other approaches to recovery.
  • Run the System File Checker. Many viruses operate by replacing system components - the System File Checker will attempt to restore them. We make sure to have your original Windows installation CD ready, as SFC will typically ask for it if it finds it needs to restore files.
  • We then perform a repair install of Windows. This works very much like a full install, replacing and updating system files and other components, but it attempts to preserve all data and installed programs in the process.
  • Additionally, we run several different programs, each with the intent of cleaning your system.

If those don't work ... well, by now you know what's next.

Once your machine is clean, I'm going to strongly recommend you implement a frequent backup regimen. Daily would be nice, making sure that you save each day's information so that if necessary you can revert to a backup from "x days ago".

Our service charge for all this is $119.90 for two hours. That is the maximum we charge for labor; as you can see, we work 4 to 5 hours on your system.