Security Sin 1 - "I don't need anti-virus software because I'm not at risk"

While viruses don’t have the same media impact they did a few years ago, they still represent one of the biggest dangers to your PC’s security. Everyone remembers the notoriety of some viruses, which were timed to activate on a certain day, crashing hard drives, formatting discs, causing widespread havoc and shutting down systems. Fortunately, this kind of destruction is much rarer now, partly due to better protection which monitors the activity of files, but mainly due to virus writers realising there is more money to be made stealing banking information, instead of vandalising data.

While there used to be a few virus creators making a few huge programs, now there are millions appearing every day, most of which are slight variations of existing viruses. Sergei Shevchenko from PC Tools explained why this makes viruses such a threat:

“The virus writers have realised that if they inundate the anti-virus companies, a number of the viruses they write will be out in the open (‘in the wild’) and undetected for much longer. Security companies will prioritise solutions for those viruses that impact the most computers. This means that viruses with a smaller distribution can stay undetected for much longer,” he said.

In 2007, viruses enjoyed a resurgence after the ‘Storm’ virus reportedly infected as many as 50 million PCs, turning them into a botnet. Like many viruses ‘Storm’ spread through email spam, turning home computers into zombies, and using them to spread
spam and attack web sites.

Like Storm, most viruses are downloaded while posing as legitimate programs, or piggy-back on the back of real downloads, which can remain undetected by some anti-virus programs. Unlike some malware where the attack is focused on the victim’s PC, viruses use the host machine to spread themselves, often using your email contacts to send your friends infected messages.

Using other machines as hosts means that malware writers can avoid detection while using zombie PCs to do their work, and your bandwidth will be eaten up. Your computer working overtime or your internet speeds becoming constantly slower are signs that your anti-virus protection may not be up to scratch.

In a survey of our readers we found that one in five of you had suffered data loss in the past. That risk is multiplied if you’re not running anti-virus protection, as many malicious viruses will deliberately corrupt data or cripple your computer to the point where
formatting is required.

Reader rescue

As part of our campaign we are going to readers’ houses to help them beat the seven deadly security sins. Alan Edkins from Bath called us regarding his network security, as he has not used any anti-virus software since purchasing his PC last January. Alan had not been using any anti-virus software on his Windows Vista PC after a bad experience with a security package that slowed down a
previous computer several years ago.

“I used to have an old edition of Norton Internet Security, though half of it wouldn’t install properly, and it was such a pain I got rid of it. When I purchased my new computer I didn’t want to pay out for the software, so I left it,” he said.

However, recently Alan has noticed some problems with his PC’s behaviour and called on us to investigate. On starting his computer you could instantly tell that he was having problems with viruses. The desktop was covered in strange icons and it took over 15 minutes to respond after booting.

“Everything was OK until relatively recently, and then these programs started installing themselves. Now every time I switch on the machine it seems to be a little worse,” he said.

After discussing his PC habits, it seems that downloading software from untrusted sources was the key to Alan’s downfall. He had been downloading freeware to try to improve his system performance, and hadn’t been using approved sites such as download.com.

We came armed with a copy of PC Tools Spyware Doctor with Antivirus, which is a great product for all round security. The program is very slim, and works quietly in the background, so the performance problems which Alan had suffered previously with bloated security packages won’t be an issue.

We installed the software and carried out a full scan to see the extent of the problems Alan was facing. The results were grim. More than 10 viruses were found on Alan’s hard drive, and a little research showed the risk they posed. One of the viruses detected was known as Netsky, a malicious virus which hogs network traffic and makes changes to the system in order for it to operate. It also uses your email set-up to propagate itself to other computers using your contacts. This is a prime example of the importance of keeping your computer clean and free of viruses, as this could have spread to hundreds of other PCs from Alan’s machine.

As well as installing and sweeping Alan’s system with PC Tools Spyware Doctor with Antivirus, we safeguarded his system with ThreatFire, a behavioural anti-virus program which is designed to complement existing antivirus programs. ThreatFire’s job is to
detect the behaviour of a virus, which might not have been detected by an anti-virus company yet. A virus is most dangerous when it is ‘in the wild’ like this, and a behavioural program like ThreatFire (www.threatfire.com) helps to eliminate that risk.

Six tips to stay safe from viruses

1 Regularly apply any critical updates to your operating system and all the software that you use.

2 Keep your firewall and your anti-virus and anti-spyware products armed and regularly updated.

3 Steer clear from any links or attachments that arrive by email, via your instant-messaging application, or through other communication channels.

4 Buy software from reputable vendors. If you use free software, make sure the vendor is known and you understand any terms and conditions that accompany it.

5 Watch the ‘health’ of your system – any sudden crashes, slow-downs or instability could be a sign of an infection.

6 Keep all your documents regularly backed up, and know how to restore your system in case you need to do so.