It’s a new age for computer viruses. It’s no longer the hacker community vying for bragging rights over who can infect the most computers. Now, there are people who make money from infecting computers, as evidenced by the rapid growth of rogue antivirus programs. The motivation is different now. In December of 2009 the FBI reported that the people making these types of viruses have profited to the tune of $150 million to date. Three men were indicted as recently as May 28.
There has also been an evolution in the way they spread. In 2010, viruses spread in completely different ways than they did in 2000. At that time, the primary ways a virus would spread from computer to computer were via floppy disk and email. After a while, floppies became irrelevant and people learned not to open emails from people they didn’t know. If they did open an email from someone they knew and got a virus from it, they’d simply call their associate and let them know that they might want to get their computer checked. As this happened, the virus writers thought up a new scheme, which made it harder to track down who actually had the virus. In this scenario, the virus would pick a random name from the infected person’s address book and send itself out saying it was from that person. For example: if Sam, Bill, and Justin all have each other’s email addresses, and Sam gets a virus, his computer will email Justin with the virus saying it’s from Bill. Justin then calls Bill and tells him, but when Bill runs a scan on his computer, it’s clean. Meanwhile, Sam is wondering why his computer doesn’t run very well.
Later, as the online music craze picked up, people would use Kazaa or Limewire or the like to download from each other. In this case, you are downloading music from the computer of another individual whom you don’t know, and don’t know whether you can trust. Viruses still spread this way. In addition, these programs have been notorious for including “spyware” in their installations. Spyware is a program that, in its pure form, monitors what you do online and sends you pop-up advertising based on that. We started seeing realtors getting lots of ads on their computers for mortgage rates, insurance agents getting car insurance advertisements, and more of this type of targeted advertising.
After that, we saw the rise of worms, such as Klez. These are named as such because of the way they “worm their way” through the internet. What these viruses would do is generate a random IP address and go there. In this case, any computer connected to the internet has a chance of being infected, whether or not you’re actually surfing on it.
The way viruses spread now is entirely different. We have had people tell us that they got a virus while just reading the news. This is common. No longer do you need to be looking at “bad things” to get hit. When you go to a web page that has an advertisement on it, that advertisement is often hosted by another company. These are advertising networks. The advertising networks are owned by large, legitimate companies that are not in the business of spreading viruses. (I choose not to name names, since they are not at fault.) The virus writers go after the advertising networks, and when they infect one, the network automatically sends the infected advertisement out to thousands of web pages instantaneously. If you happen to visit one of these pages at the moment it happens to be infected, you get hit. At this point you will often have a rogue antivirus program giving you messages, as well as a rootkit, a type of virus whose job is to hide from antivirus and antispyware programs and download more viruses.
It’s not quite as bleak as it sounds.
The programs listed on the right of our page are the ones we use to clean up computers. Prevention is important. You need to have an up-to-date antivirus program running on your computer at all times. The one we use most often is AVG. It’s a free program that finds just as many viruses as the paid-for programs, with an added feature. The “Link Scanner” option in it checks the web pages in your web searches and tells you if the website is not safe to go to at the time you’re about to visit it. Also, there are five antispyware programs listed there. These are the ones you need to run as soon as you get infected (though ideally, you’d run at least a couple of them weekly as general maintenance). Start with CCleaner and Malwarebytes. Also, if you do see one of these alerts come up, press Ctrl-Alt-Del all at the same time, go to “Task Manager”, and end your web browser (iexplore.exe, firefox.exe, safari.exe, chrome.exe). Often this will prevent full infection, and you’ll still be able to run the cleanup tools before you’re too bad off.