What is a Computer Virus?

In modern times, most people are aware to one degree or another of computer viruses. But exactly what are computer viruses? (Continued here).

Sunday, January 28, 2007

Features to Look for When Buying Antivirus Software

Choosing Antivirus Software

Before buying antivirus software, there are several factors to look at; in order to ensure that you get the best possible protection for yourself, your family, your business, and your computer.

To make an informed choice when selecting computer security and antivirus software, it helps to know a bit about computers and what threats there are to computers.

In this page I will try to give you a basic overview of these factors, without going into needless technical detail. As the information on this blog intended for the average person, I try to steer clear of to much technical terminology. But where I must use it, I will attempt to explain it in simple, everyday language.

First of I want to explain some of the common threats to the security of your computer or network.

Viruses


In modern times, most people are aware to one degree or another of computer viruses. But exactly what are computer viruses?

Viruses are essentially computer programs written to cause harm and damage your computer. Viruses have the ability to open normal programs, files or documents, and copy themselves or parts of themselves into them.

When you access an infected program, file or document, you also activate the virus program without knowing that you are doing so. Some viruses lodge themselves into the memory of your computer, and access files every time you or your computer opens a document.

What happens when you open a program or document infected by a virus? That depends on what the virus is designed to do. Some erase files, some erase parts of files, some are designed to damage your computer operating system, and some are designed to simply fill your computer with unwanted garbage - making it impossible to operate your it.

Whatever a virus is designed to do, one thing is clear: you do not want one in your computer or on your network.

Because today's computer programs have become more and more complex, allowing more and more automated functions, there is an increased opportunity to create harmful code ("code" is a term used to describe a set of instructions for the computer to follow, written in computer programming language).

Malware

Harmful software is also referred to as "malicious software." "Malicious" means "intending to cause harm" and comes from the Latin word "malus," which means "bad." The term "malicious software" has also been shortened to the term "malware." One can define "malware" as "software that is bad or causes harm."

In earlier times, the only way to give a computer a virus, was by inserting an infected floppy disk into your computer. Today, with much more advanced technology, almost every computer is interconnected to the rest of the world, one way or the other. On top of all this, advancement in software and computers have also opened the door to new types of malware.

With these advancements in harmful or dangerous software, the term "virus" has come to mean all types of software or programs that are used to harm you or your computer. Next we will look into some of the other types of viruses and malware that are used to attack your computer.

Macro Viruses

One way of covertly introducing viruses into a computer is through the use of a MACRO. A macro consists of several instructions grouped together which then carry out a series of instructions. Macros are normally very useful tools, that make working with computer programs easier.

Common examples macro functions are: automatically inserting the date and time into your document, displaying a picture in your document, adding a sound to your document, or automatically calculating something in a spreadsheet. To perform these functions, the computer has to follow quite a set of complicated instructions. These are called macros.

Sadly, macros can also be used to cause harm to your computer or files. When a macro is used this way it is called a virus. When a macro is inserted to cause harm, it might not even be visible; or might be disguised as something desirable such as an innocent picture.

Far from all viruses in the form of macros. Some viruses come in the form of program files, where the virus file is made to look like part of a computer program. Other Viruses are disguised as part of the operating system (the operating system is the main program that runs your computer, such as Windows XP, Windows 2000, etc.) This, of course, makes it hard for someone who is not a computer technician to detect and fix them. And even computer technicians can be hard put to find and handle them. That is why we use antivirus programs.

Email Viruses

An email virus is a virus that is distributed through the use of emails, most frequently as an attachment to an email.

When the unsuspecting recipient opens the attachment to the email, the virus is released onto his or her computer. Most email viruses consist of a macro virus that enters the address book on your computer and then spreads itself to all of your contacts.

The virus then automatically sends emails from your computer to all of the contacts in your address book, such as your family, your friends, and your associates. Anyone receiving "your" email, who opens the attachment of the infected mail, automatically has them same cycle occur in his computer. Such a virus can thus spread rapidly to many computers, in a matter of hours.

Trojan Horses

"Trojan Horses" are named after the Greek legend of the Trojan Horse. The Greeks, at war with the City of Troy, had been unable to get beyond the walls to enter the city. So they built a large wooden horse, and hid a some of their soldiers inside. They pretended that the horse was a gift to the Trojans. When the people of Troy saw the horse, they opened the gates and moved the horse into their city. At night the Greeks came out of the wooden horse and opened the city gates. The Greek army stormed into the city and Troy was defeated.

Similar to the Greek legend, a Trojan Horse is a computer file or program which seems to be useful, needed, or wanted. But in actual fact it is a harmful file or program. A Trojan horse looks like it is doing something innocent, such as showing a picture inside an e-mail or installing a screen saver. But in fact it is also doing something else - such as erasing files, or secretly sending information stored on your computer (such as passwords and other personal information) to the hacker who wrote it.

One key factor which makes a Trojan (as it is called for short) different from other malware is that the person receiving the file or program has to activate it before it can begin to operate. In order to get the user to activate it, the creator of the Trojan might disguise it as a screen saver and offer it on the web as a free screen saver. When one downloads the screen saver and activates it on one's computer, one sees a nice screen saver. But meanwhile, in the background, invisible to you, another program starts running and starts sending your personal data to some other site.

There are many ways to disguise such a harmful program. Common examples are: free games, screensavers, free tools for your computer, free videos or music files, free pictures of barely dressed females (which some males find really hard to resist:) and so on.

So a Trojan is called a Trojan, because, for it to work, it has to trick the person receiving it into activating the program and running it on their computer. Children and teenagers are particularly vulnerable to this sort of malware, as they are easy to entice with "free" games or cool videos. They are also least likely to be informed about the ramifications of Trojans.

Spyware

Spyware another form of malware, which does exactly what its name implies. It spies on you through the use of your computer. Twenty years ago only a subject of science fiction, it is today a hard reality.

Spyware consists of a computer program that collect personal information or other data stored on your computer, and then sends it to the originator of the spyware.

There are several methods used by spyware in order to secretly collect information. Some of these are as follows:
  • "Key logging" is a method by which the spyware keeps track of what keys you strike while you are at your computer. This is useful for detecting passwords, credit card numbers, bank account numbers, and other personal information.
  • Other spyware keeps track of your web browsing habits, which can then be used to build a personal profile of you, discovering your interests, who you contact, and what you visit. When this data is transmitted it can then be sold to advertising agencies, who can then use it to send tailored advertising to you.
  • Another form of spyware can simply scan your hard disk and send copies of your files to the originator of the spyware.
  • Some companies incorporate forms of spyware into their software, which give feedback to the company of your use of their programs. These are not considered malware or harmful software. But these programs still watch your computer activity and keep track of your usage, usually without your knowledge. While this might be considered "legitimate," it is, however still an invasion of your privacy if you have not given your express consent. In any case, this practice uses your computer resources for somebody else's gain.
While the above explanations and descriptions are far from complete, it does serve to give a general picture of what forms computer viruses, malware and spyware can take.

Protection


A full detailed description of all methods, viruses, malwares, and spywares, would practically fill an encyclopedia. The above description only serves to bring about a general awareness on the subject.

To protect yourself from viruses, malware, trojans, spyware, and so forth, it is important to have an antivirus program running that protects your computer.

There are two types of antivirus programs. Both detect and handle viruses, but they use different methods to accomplish this.

The first one keeps a list of known viruses and virus types, called "virus definitions." T his list of virus definitions is called a virus library. The program scans everything entering your computer. Any file, document, or program that enters your computer is inspected and compared to the virus definitions in its library, to see if it matches any of the "virus definitions."

One disadvantage of this system is that, if a new virus comes out which is different
from the viruses stored in your library, this antivirus program will not detect it, and will allow it onto your computer.

When using such a program, it is important to have a subscription and to be connected to the Internet, so that your virus definitions are constantly updated. New viruses come out every day. If you choose such a program, one of the things to check for is how often the virus definitions are updated. This will play an important role in keeping you and your computer secure.

The second type of anti-virus program is called a HEURISTIC program. "Heuristic" means "learning by discovery or by trial and error." It comes from the Greek word "heuriskein," which means "to discover".

In other words, the program is capable of discovering new viruses not already known. It is written in such a way that it is able to learn and discover new viruses, without having to refer to a library. This program will most likely also have a library of virus definitions. But in addition to detecting already known viruses, it is able to detect new viruses, and is therefore a more secure program.

One final thing to take into account, when choosing an antivirus program, is how much computer power your anti-virus program uses. It is all fine to have the biggest antivirus program in the world, but that might not leave much computer power left for you to run your other programs. This is one of the most important factors for you to take into account.

Otherwise, you may run into a situation where, instead of viruses slowing your computer down, your antivirus program is slowing your computer down!

There are many companies that specialize in these programs. Some of the more well known ones are Norton Antivirus, Trend Micro, Panda Anti-Virus , McAfee, and Kaspersky Antivirus.

There are several free antivirus programs, one of which is AVG Free Edition. You can also get free adware removal programs such as "Ad Aware" and Spybot Search and Destroy.

For my own reviews and experience with different Antivirus programs, please see the post here.

I would not necessarily say that "any antivirus program is better than no antivirus program." Free antivirus programs are not as secure as the ones you pay for, and can lead one to have a false sense of security. But this is, of course, personal choice, and I leave it up to the individual to decide what he thinks is best for himself.

I would, however, like to comment that the antivirus programs that you pay for are most likely invest more time and money into staying up to date and ensuring that their products meet higher standards than those of the programs which are free. It is simply a matter of available resources.

Having said that, the big name-brand antivirus programs are not necessarily the best antivirus programs. While Norton Antivirus is one of the better known antivirus programs, this is largely due to the fact that Norton has been around for a long time and has good marketing campaigns - not because of its performance.

Factually, Norton Antivirus takes up a lot of memory and computer resources. It is also known to cause bugs in some systems, and it is not the highest scorer in comparison charts. McAfee scores slightly higher than Norton, but also known to cause other problems, as well as being heavy on your system.

Kaspersky Antivirus, while not as well known as the others, generally scores high in charts and uses a minimum amount of resources. This is one I would recommend if I were asked. However, as I said before, I leave the choice up to the individual as to what program they should get.

If you want to find out for yourself, you can always check on a computer forum, or download trial versions and compare them. A word of caution - if you download a trail version - Norton, and especially McAffee, can be very hard to remove from your computer.

Okay, I hope you have a better understanding of computer viruses and computer security.

Best,


Anna

No comments: