CSI: UW Episode 1
Who Killed My Computer?
You may notice one day that your computer is sluggish,
not responding to commands. Your browser homepage has changed, your
search page has changed, or you are no longer able to connect to the
Internet. What’s going on?
What your machine might have
Your machine may have a virus. A virus is a computer program file that
can attach to disks or computer files and replicate itself without your
knowledge or permission. A virus might run when the file it infected
runs, or it might sit in your computer’s memory and infect files as your
computer works with them. Viruses can be intentionally destructive, or
they may just be annoying. One example of a virus is the Melissa virus,
released in 1999. This virus spread around the globe in under 24 hours,
clogged e-mail systems, and inserted quotes from the Simpsons TV show
into documents.
Your machine may have a worm. A worm is a sub-class of a virus, and it
is more common today than a virus. It can replicate without your help,
like an e-mail address book attack. Worms do not infect other computer
files on your machine. Worms are usually spread through e-mail. One
example of a worm is the Anna worm, released in 2001. An e-mail with an
attachment of a picture of tennis player, Anna Kournikova, was sent out,
but the attachment was really a worm. When the attachment was opened,
the worm sent one copy of the worm to each e-mail address in Outlook’s
address book. This worm was relatively benign.
Your machine may have a Trojan horse. This is a program that seems to be
good, but is really harmful, and does something you do not expect. It
can erase your computer data, corrupt your files, spread other viruses
and worms, spy on your keystrokes, or install a backdoor on your system.
Trojan horses are usually spread through e-mail, and contained in an
attachment. One example of a Trojan horse is the Amanda Trojan, which is
contained in an executable attachment. Once the attachment is run, the
Trojan tries to connect to a specific Internet address and gives a
hacker remote control access over the infected machine. The main goal of
this Trojan is to steal personal confidential information.
Your machine may be full of spyware. A spyware program collects
information about you without your consent, such as your bank account
numbers, passwords, etc. Almost all of these programs are bad. A
particularly bad type of spyware is the toolbar program Hotbar. This
program allows you to apply skins to program windows, menus, mail, and
other applications. After you install it, it records all the Internet
activities of all users on the installed computer and adds the
information to its database. The program periodically sends the
information in the database “home.” Even if you remove Hotbar, it leaves
pieces that allow it to reinstall itself if they are not removed
manually.
How to avoid getting infected
There are several things you can to do stop or slow the infection and
spread of viruses, worms, Trojan horses, and spyware.
- Do not downlad or open anything if you don’t know what it is.
- If you receive an unexpected attachment from someone you know, check with them to see if they really sent you something.
- Never click on a link in an e-mail. Open a browser and type the site’s
link instead. Make this a habit even when receiving information from
people or organizations you know and trust.
- Use at least a moderate security level, if not higher, for your browser settings.
- Only install programs that you trust. This should not include free
music and file sharing programs. The programs themselves may contain spyware, and the files you may download with them could be rife with
viruses.
- Keep your operating system and programs up to date with patches. Check
to see if your operating system can automatically scan for new updates
and install them for you on a regular basis. If you’re using Windows,
use Microsoft’s Windows Update
site (http://update.microsoft.com). Microsoft Office Updates are available from
Microsoft’s OfficeOnline download page (http://office.microsoft.com) (choose
“Check for Updates”).
- Install some antivirus software, and keep it up to date. Antivirus
software will protect you against known viruses. It should be updated at
least once a day, if possible. There are several free options (such as Microsoft's Security Essentials and AVG) available to students for their personal computers.
- Install spyware (malware) removal tools and keep them updated.
- Use a personal firewall. A firewall creates a barrier between your
computer and the outside world, allowing good data to reach your
machine, and keeping bad data away. It will also ensure that
unauthorized users cannot gain access to your machine while you are on
the Internet. A firewall will not prevent viruses and Trojans, but it
will prevent those on your machine from accessing the Internet.
- Disconnect from the Internet when you are not using it. This will lessen the chances of someone accessing your computer.
- Create an account on your computer that does not have administrator privileges and work from that account
What to do if you are infected
- Run your antivirus software. Make sure virus definitions are up to
date. If you are having trouble removing a particular virus, look it up
on the web and get instructions for getting it off your machine.
- Patch your operating system and other programs, if necessary, with the
latest security updates to help prevent more infections.
- Run two or more spyware removal programs to clean up the spyware on
your machine. Good choices include Microsoft Anti-spyware Beta and Spybot
Search & Destroy.
- If nothing seems to fix your machine, take it in to a computer shop
and let them try and repair the damage.
Episode 2: Lock & Key
Episodes:
Other Information: