Viruses & Worms
1) What are Viruses, Worms and Trojans?
2) How do I protect my computer from malicious code?
3) How can I tell if a message warning me of a virus threat is real or not?
4) How do I know that my computer is infected?
5) What do I do if I think my computer is infected with a virus or otherwise compromised?
A. One of the most common Internet threat is Malware, short for Malicious Code, which refers to viruses, worms, Trojan horses and other undesirable software. The purpose of such software is to cause disruption either by deleting files, sending emails, or rendering the host system inoperable. The National Institute of Standards and Technology (NIST) has defined the following:
Virus is A self-replicating program that runs and spreads by modifying other programs or files.
Trojan horse: A non-self-replicating program that seems to have a useful purpose, but in reality has a different, malicious purpose.
Worm: A self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself.
Malicious code can take the form of:
- Java Applets
- ActiveX Controls
- Scripting languages
- Browser plug-ins
- Pushed content
A. Protect your computer by following these steps:
- Install anti-virus protection on your computer. Marshall University students, faculty and staff may download Symantec antivirus software for free here:
- Keep virus signature definitions updated. Scan your computer for viruses regularly.
- Set your computer to install operating system patches automatically. Some malicious code does not need e-mail or attachments to spread. It is very important to install security patches as soon as they are available. You are responsible for keeping your operating system, applications software and browser updated and properly patched. Click here to learn more about updates or call the IT Service Desk at:
(304) 696-3200 Huntington calling area
(304) 746-1969 Charleston calling area
(877) 689-8638 Toll free, outside the Huntington/Charleston calling areas
- Use an Internet firewall. Windows Vista and Windows XP with SP2 has a firewall already built-in and turned on by default.
- Be very cautious about opening suspicious e-mail attachments, even from people you know. Many viruses can falsify the sender’s address. Never open an e-mail attachment from someone you don’t know. Many viruses hide themselves inside attachments; when you click on the attachment, your computer will get infected. Check what type of attachment it is. If attachment ends with two periods, such as .txt.doc, .xls.exe, or any combination of file extensions, don’t open it! To find out the real name of an attachment, right click on it and choose “properties”. If the file has an .exe, .vbs, .com, .cmd, .pif, or .lnk extension, do not open it unless you are absolutely sure it was sent by a trusted user and you have confirmed that they meant to send it to you.
- Backup your data. If you computer gets infected and damaged, then you still have your data in backup so that you can restore it onto your original machine or another machine.
A. You’re checking your email, replying to your professors, friends or colleagues, when you come across a message that says: HUGE VIRUS COMING! PLEASE READ & FORWARD!“ Unfortunately this is more than likely to be an e-mail hoax designed to frighten you. Virus hoaxes are false reports about non-existent viruses, often claiming to do impossible things. Don’t forward a hoax to everyone you know, instead take these simple steps to verify the information:
- Do not instantly react to forward the message. You can be certain, if it’s a real threat, the MU Information Security office, news media or legitimate antivirus sources will publish all the necessary alerts.
- Check out the facts. Our MythBusters page provides a list of the links to sites that track hoaxes, legends and myths.
- Email us to verify the accuracy of the message.
- Try a simple search on a site such as Google to see what information there is about it.
A. Here are a few signs that your computer might be infected provided by Microsoft:
- The computer runs slower than usual.
- The computer stops responding, or it locks up frequently.
- The computer crashes, and then it restarts every few minutes.
- The computer restarts on its own. Additionally, the computer does not run as usual.
- Applications on the computer do not work correctly.
- Disks or disk drives are inaccessible.
- You cannot print items correctly.
- You see unusual error messages.
- You see distorted menus and dialog boxes.
- There is a double extension on an attachment that you recently opened, such as a .jpg, .vbs, .gif, or .exe. extension.
- An antivirus program is disabled for no reason. Additionally, the antivirus program cannot be restarted.
- An antivirus program cannot be installed on the computer, or the antivirus program will not run.
- New icons appear on the desktop that you did not put there, or the icons are not associated with any recently installed programs.
- Strange sounds or music plays from the speakers unexpectedly.
- A program disappears from the computer even though you did not intentionally remove the program.
A. If you believe that your computer has been infected please do the following:
- If you have anti-virus software that is up to date, check to see when was the last time the virus definitions were updated. Make sure they were updated within the last day. Scan all files on your computer and clean any infected files.
- If you don’t have current antivirus software installed download and run the Microsoft Malicious Software Removal Tool.
- Check to see if you’ve applied all the latest operating system patches for your system.
- If the problem continues, record any error message or details about the possible compromise.
- Remove your computer from the network (e.g., unplug the Ethernet cable and disable any wireless connections).
- Do not use your system for further work, and don’t add/change/remove any files.
- Contact the your departmental IT support or MU IT Help Desk.
Last Modified: April 17, 2013