TROJANS, WORMS, AND VIRUSES

Previous page
Table of content
Next page

WHAT TO DO ABOUT TROJANS

The Annoyance:

My PC has started acting strangelyno matter what I do, my Internet speed slows to a crawl. I've also noticed that my PC dials out to the Internet by itself. And just a few minutes ago, the CD tray opened by itself! Has my PC been possessed by ghosts?

The Fix:

Those are classic signs of a Trojan infection. The biggest problem with Trojans, though, isn't what you see, but what you don't see. Trojans allow other people to silently take control of your computer and all of its resources. For example, they can read, change, or delete your existing files, and even add new files to your computer. They can also use your computer as a launching pad for attacks against others, so it will look as though you're the attacker.

Trojans typically work by "phoning home"that is, they connect to the Internet from your PC. Firewalls

such as ZoneAlarm (http://www.zonealarm.com) provide the best protection against Trojans because they can block these outbound connections. In addition to using a firewall, make sure you scan your system regularly with up-to-date anti-virus software.

Don't Become a Spam Robot

Spam and Trojans share a special and devious connection. Virus writers who infect PCs with Trojans have been selling the IP addresses of those infected PCs to spammers. The spammers, in turn, use the infected PCs to mail out spam. The person with the Trojan on his PC has, in essence, become a spam robot without even realizing it.


HIDDEN FILE EXTENSIONS FEED VIRUSES AND WORMS

The Annoyance:

I opened an email attachment from a friend, which turned out to be a worm that promptly chomped its way through my computer. It appeared to be a graphics file, but I later found out that it was actually an executable program. If I had known the attachment ended in .exe, I never would have opened it. How can I make Outlook show me file extensions?

The Fix:

By default, Windows XP doesn't display common filename extensions, such as .exe, .doc, .xls, and many others. Virus writers use this knowledge to trick people into opening dangerous files. For example, they may write a virus and give it a filename like familypic.jpg.exe. If you received an email with that file attached, you would see the filename as familypic.jpg, because Windows hides the .exe by default. When you click the file, you launch the virus.

To force Windows XP into displaying all filename extensions, open Windows Explorer, select Tools Folder Options, and click the View tab. Uncheck the "Hide extensions for known file types box and click OK (see Figure 9-10). From now on, when you get an attachment in your email program, you'll see the entire file extension.

Figure 9-10. Change your View options to make sure you see the file extension of any file sent to you via email.


HOME-GROWN EMAIL WORM AND TROJAN DETECTOR

The Annoyance:

My friend sent me an email worm. Fortunately, my anti-virus detector killed it, but what if a different worm gets through? How can I tell if a worm has hijacked my PC and is sending evil twins of itself to everyone I know?

The Fix:

Add a bogus email address to your address book. For example, create an address like noone@@worm.com. That way, if a worm or Trojan infects your PC and sends copies of itself to everyone in your address book, you'll get a bounceback message alerting you that your email to noone@@worm.com can't be delivered. Since you didn't try to send that email, you'll know that a worm or Trojan has infected your PC.

HELP! I'VE BECOME AN AIM SPAMMER!

The Annoyance:

A friend on my Buddy List sent me an IM via AOL Instant Messenger asking me to click on the following link: http://www.buddylinks.net. The site asked if I wanted to download a game. I figured if my friend suggested it, the game must be a good one. Bad move! Now I'm getting tons of irritating pop-up ads, and AIM is sending messages to my friends with a link to the same site. Help me get my good name back!

The Fix:

When you downloaded the "game," you installed adware, which is generating the pop-up ads and spamming everyone on your Buddy List. To remove the adware, select Start Control Panel Add or Remove Programs, and remove the following three programs:

  • BuddyLinks

  • PSDT Messaging Integration

  • PSD Tools ChannelUp v1.0

Next, install some anti-spyware software, such as Ad-Aware (available from http://www.lavasoftusa.com), on your PC. Perform a scan and remove any remaining traces of the program.

QUICK ANTI-VIRUS EMAIL CHECKLIST

Viruses and worms commonly spread via email. The following checklist will help you improve your odds against infection:

  • Never open an attachment unless you first check with the sender. A typical infection takes control of the victim's email program and sends copies of itself to everyone in the address book. The message may say something like "Check this out!" or "Thought you might like to see this." The attachment is the virususually disguised as a picture or an innocuous document. If you get an attachment via email, check with the sender before you open it.

  • Keep your anti-virus software up-to-date. Yes, yeseat your vegetables, too. Good, up-to-date anti-virus software will detect almost all viruses, even those sent via email. Make sure you turn on the program's automatic update feature to always download the latest anti-virus definitions.

  • Use your anti-virus software's email scanning features. This feature automatically scans your incoming email for viruses and offers additional protection.

  • Keep Windows up-to-date. Microsoft continually releases updates that protect Windows against attacks. Use the Windows Update feature, or regularly visit http://windowsupdate.microsoft.com.

  • Keep your software up-to-date. It's especially important to do this for email, file-sharing, and other programs that use a network or the Internet. Visit the publishers' sites and download any patches or updates.


INSTANT MESSAGING LINKS HIJACKED MY PC

The Annoyance:

I clicked a URL someone sent me via an instant messaging program, and it hijacked my PCI keep getting random pop-ups, a strange toolbar has appeared in IE, and my PC has slowed to a crawl. How can I send and receive IMs, and still protect myself?

The Fix:

Malware writers are increasingly targeting instant messaging programs as a way to spread viruses, worms, and Trojans. Most likely, a worm or Trojan hijacked your buddy's IM program and sent the message to you. When you clicked the URL, your PC was infected with spyware.

To prevent spyware, viruses, worms, or Trojans from infecting your PC, follow this advice whenever you use your IM program:

  • Don't click on links friends send you until you've confirmed it's your friend on the other end. When you get a message with a link, send back an IM to your friend and ask why she sent the link.

  • If you transfer files with friends via IM, make sure you scan all incoming files for viruses (see "Stop Viruses Sent via IM" in Chapter 7).

  • Keep your anti-virus software up-to-date. Older versions of anti-virus software can't scan for IM-borne viruses, but newer versions can.

  • Get software that specifically protects you against IM dangers, such as ZoneLabs's IMsecure (http://www.zonelabs.com). For details, see "Get All-Around IM Protection" in Chapter 7.


    Previous page
    Table of content
    Next page
    Internet Annoyances
    Internet Annoyances: How to Fix the Most Annoying Things about Going Online
    ISBN: 0596007353
    EAN: 2147483647
    Year: 2003
    Pages: 89
    Authors: Preston Gralla
    BUY ON AMAZON
    Introducing Microsoft Office InfoPath 2003 (Bpg-Other)
    Persuasive Technology: Using Computers to Change What We Think and Do (Interactive Technologies)
    .NET-A Complete Development Cycle
    Cultural Imperative: Global Trends in the 21st Century
    The Oracle Hackers Handbook: Hacking and Defending Oracle
    Python Standard Library (Nutshell Handbooks) with
    flylib.com © 2008-2017.
    If you may any questions please contact us: flylib@qtcs.net
    Privacy policy