Over the last few months I have noticed an increasing number of computers infected with the virut family of viruses.
Some of these are very unpleasant. They can cripple your anti-virus software, replicate in various places on your hard drive, disable Windows updates, disable internet access, and delete or modify key Windows system files to the point where your computer becomes so unstable it cannot be used, or will not start at all.
According to viruslist.com, four of the top twenty malicious programmes infecting personal computers in April were members of the virut family. Nimda, a worm which disables your Windows desktop, is also high on the list.
I have also seen donwadup (conficker) infections, and script downloaders (also known as drive-by downloaders) which can infect your computer when you visit a malicious or infected website.
Some of these infections are extremely difficult to remove, because they make hidden copies of themselves. If even one is missed, the computer will be re-infected. Also, they can infect needed Windows system files in ways that cannot be disinfected without destroying the Windows files, so you can end with a clean computer , but a computer that will not start.
Once you are infected by one virus, the chances are that your computer security will be weakened and your computer will quickly have multiple infections.
Prevention
Use a good anti-virus/anti-spyware programme. For ordinary home use, the free versions of AVG or Avira are quite adequate. If you visit porn or gambling sites, or use p2p (file sharing) software, you will need a high end commercial anti-virus like Kaspersky or Vipre.
Keep your anti-virus software up to date. I have just fixed a computer infected with virut ce. This version of virut was only found in the wild for the first time in February. The computer had a good anti-virus programme, but it had not been updated since early February, so the computer had no protection against viruses developed since then.
Keep Windows up to date by allowing Windows Update to run automatically. Computers running automatic updates were at no risk from conficker.
No anti-virus software can protect your computer all the time, from every attack. The highest rated anti-virus products achieve detection rates of up to 97%.
You can still be safe on the internet if you are cautious.
Do not open files or run programmes if you do not know what they are or where they have come from. This includes email attachments. Take care with files from friends, school, and even commercial suppliers. Infections can come from CDs and flash drives as well as the internet.
Do not use p2p software. Or if you must, run a full virus scan after every download. Do not visit porn or gambling sites. Some people will anyway. If you do, make sure your antivirus is up to date beforehand, and run a full scan after you leave the site.
Run a full, deep or maximum security scan every week.
Do not, ever, respond to a pop-up on your screen telling you your computer is infected, and that you need to download or install an anti-virus product. Clicking anywhere on one of those pop-up boxes, including the ‘’No’ button, may give permission to install rogue anti-virus software which will cost you money, slow down your computer, cause lots of dire (but incorrect) warnings and achieve nothing.
Some fake security alerts are very convincing:
Fake Windows Security Alert
More fake alert pictures from Enigma Software.
Do not be fooled! Don’t click anywhere on such an alert. Shut your computer down, restart, and run a full virus scan.
If you are in doubt about whether your computer may be infected, and you still have internet access, visit and run Microsoft’s Onecare Live safety scanner.