Home Computer Safety & Security
Combating Internet Virus, Spyware, & Spam


Art and Virus

Although the subject of viruses is nowhere near the subject of art, I have decided to add this help page to offer some remedy and means to combat the ever-growing problem on the Internet today. Though I am not offering a comprehensive solution to Internet virus problems, I am offering informational resources for combating them. Unlike the golden days of the Internet (mid 90's to late 90's), the common denominator today seems to be that most people have fallen victim to Internet viruses, spam mails, trojans, browser hijacking, spyware, or data mining on their computers to some extent. Hence, this page has been created to help the uninformed.

(All articles and information on this page will be modified and/or updated as I find the time to write them and discover new tools for combating viruses).

Virus Information

To understand the specifics of viruses and spyware, visit the links below. Among many sites, I have found a few that are highly informative and useful in understanding just what a virus is, what you can do to prevent it from entering your system, and how to delete it should your system become infected with it.

For the sake of discussion, I use the terms Virus, Worm, and Spyware distinctly. By Virus, I mean malicious code that self-replicates, often opens a backdoor to hackers, corrupts programs, sometimes crashes the operating system, alters and/or damages the boot sequence, destroys files, and in general wreaks havoc in the system. By Worm, I mean malicious code that propagates through infected emails, often alters the boot sequence, respawns itself each time the machine is booted, corrupts programs and sometimes the operating system itself, and worse still, steals your email account and randomly sends out infected emails to all those listed in your address book. By Spyware, I mean the parasite that often disguises itself as a helper object (toolbar, hotbar, Active X component, etc.), steals your private and even secured information, sends it out to advertisers and data-mining firms, and tracks your online activity. As spyware typically works bi-directionally, it doesn't just passively collect private information and transmit it, but also receives pop-up and in-browser advertisement signals from servers. Did you know that data-mining is actually a revenue source for these nasty servers? The more they know of you, the greater their revenue source, so they have every motive to steal your private information.

A common misunderstanding is that an anti-virus program will detect and kill all viruses and spyware. In reality, it may kill viruses, but it won't kill spyware at all. Technically spyware is not a virus, and hence an anti-virus program will not kill it. To kill a spyware implant in your system, you need an anti-spyware program such as Ad-aware and Spybot S&D. They are free, so stop wasting your time and download the programs and disinfect your system right away.

  • Cert - An excellent and comprehensive introduction to home computer safety and virus prevention and disinfection. Highly recommended reading.
  • Sophos - Major anti-virus vendor site with a database list of viruses and articles on viruses.
  • Spyware Info - Clear narratives along with detailed exposition on viruses as well as spam, trojans, browser hijacking, data mining, worms, etc.
  • Wilders - Site with excellent narratives on combating viruses, trojans, spam, and spyware.
  • Allentech - In-depth and extensive coverage of browser parasites, or spyware. You'll be amazed to discover that what you thought to be nothing but helpful toolbars are in fact nasty virus-parasites that track your browser activity and bi-directionally transmit information such as advertisements, popup windows, browser activities, cookies, private information, and possibly even secured information from your system.

Tools
Anti-Spyware, Anti-Virus, and Firewall Software

  • The best spyware disinfection programs that I am aware of are Ad-aware 6.0 and Spybot S&D. They are free, and I personally use them regularly to keep my computer free of spyware.
  • For combating viruses, I recommend PC Cillin Anti Virus or Nortons Anti Virus software.
  • For system security, I recommend ZoneAlarm Personal Firewall or Sygate Personal Firewall. Both offer a free, personal version of their firewall software.
  • Symantec - Comprehensive collection of free virus/worm removal tools and instruction on how to remove specific worms and viruses. Without the information from Symantec's web site, one of my computers would still be so corrupted with a Klez worm that it would be rendered useless. I consider Symantec's site to be an absolutely necessary resource on combating the most persistent viruses and worms.
  • Spam Buster by ContactPlus and Spam Killer by McAfee. Useful tools for filtering spam mails.

Prevention

  • Web Browser Security - The first and simplest method of combating spyware infection is not to catch it in the first place. Surprisingly, most of us are unaware of the fact that just visiting certain malicious web sites can in itself be the first step to becoming infected with a virus. In most cases, it requires the user's volitional act to allow a virus to become implanted onto the user's system via a download of a free program, an Active X component, or even a so-called Browser Helper Object file installation to view the page. My first recommendation is to never, ever say "yes" to any file download or an installation of an Active X component, a browser helper object, or any toolbar. You don't need to know what an Active X or BHO is. Simply don't allow a download. Just about all spyware carries malicious code that breaks into your system security, steals your private information, snoops on your browser history and Cookies, and transmits this information back to the server as well as to partnered advertisers, data-mining firms, and/or revenue-generating servers. How secure is your credit card transaction with a toolbar installed in your Explorer? Makes you wonder now, doesn't it? So, kill all spyware with the Spybot and Adaware programs ASAP.
     
  • MS Explorer Security - Disable all "scripting" in your Explorer browser settings, as enabling it may provide loopholes for malicious, executable code to infiltrate your system. Simple steps: Open Explorer, go to Tools/Internet Options/Security/Custom Level/ and in it, select "Disable" in all check boxes containing the word "script" or "scripting". Allowing scripting within Explorer will always leave it vulnerable to web pages containing hidden malicious code and scripts. As most web pages contain at least some JavaScript functions for user interactivity and design purposes, some web pages may not display properly once all scripts are disabled in Explorer. It's a tradeoff between security and functionality, so it would be in your best interest to tweak the settings to your preference.
    For privacy protection, go to Tools/Internet Options/Content/ and in the Personal Information section, click the Auto Complete button, deselect all check boxes, and clean out all auto complete history (click the Clear Forms and Clear Passwords buttons). Also in the same section, Tools/Internet Options/Content/, there is a button called My Profile. Click on it to see what is stored in that section. If any item exists in the My Profile dialogue box, I highly advise deleting it (via Outlook), as personal and even secured information stored in there can be infiltrated by spyware. If you have done any online shopping with My Profile enabled, your credit card number will always be associated with that profile. So, how secure is it with literally hundreds of spyware programs floating around on the Internet today?
    For Cookies protection, the best option that I have been using for many years is blocking Cookies altogether. Go to Tools/Internet Options/Privacy/Advanced and in it, select Override Auto Cookies Handling, Block First Party Cookies, Block Third Party Cookies, and deselect Always Allow Session Cookies. Granted, by doing this you may not be able to access web pages that require some sort of user input such as web mail, password protected pages, secured pages, etc. Should you require a specific Cookies session to be allowed, go to Tools/Internet Explorer/Privacy/Edit and in it type in the web address and click Allow. Although Cookies may not be as dangerous as using My Profile or enabling Scripts, why bother leaving traces of your Explorer browser activity? Who knows who might pick up what information about your online activities, and for what purpose, eh?
     
  • E-mail Security - I'm afraid this is a tough issue to combat. As most people are not aware of the thousands of email worms floating around on the Internet, often disguised as jokes, funnies, and even cartoons, they tend to forward these web pages and/or jokes to their contacts and unwittingly propagate the malicious virus code. One contact leads to another, and soon the virus code can spawn and infect millions of systems. Sometimes these viruses are so vicious, they can destroy the computer's hard drive. And that's not to mention e-mail worms such as Klez, which not only infect various programs, but randomly send virus-infected emails out to all those in the address book without the user's consent or knowledge. In one instance, I have witnessed an infected system that had sent out almost a thousand virus infected emails within a 2-week period, all of which were without the user's knowledge or consent. Read more about the Klez worm at the bottom of this page. The best prevention against catching or spreading email viruses or worms is to never send a web page or forward a received email attachment to anyone. And never open an email attachment without first scanning it with an anti-virus program (even then, it is not foolproof). PC-Cillin and Norton's Antivirus programs have good POP3 scanners that will screen your emails for you, so I recommend using them.
     
  • Spam Prevention - A persistent and most irritating problem on the network is spam email. It is a despicable practice by some servers, advertisers, and marketers to send hordes of unwanted and unsolicited emails to innocent servers and users. The best prevention is to never expose your real email account to anyone other than those whom you trust. Sometimes an email registration is required to access certain web pages for certain membership services. I highly advise against giving out your email account to anyone for any reason. If email registration is absolutely necessary to gain access to desired services, give out your web mail instead. However, registering for a web mail requires your real email input, and this in itself can be an invitation to spam mails with some shady web mail servers, so beware. It is also a good practice to avoid using your master email account assigned by your ISP. If multiple email accounts are available, create sub accounts and utilize them instead for general email purposes. If and when you begin to receive spam emails in your sub account, your best solution is to simply delete it and create a new one, whereas doing so with your master account is not possible. If you are being bombarded with spam emails, your worst reaction would be to reply to the spammers. Doing so only gives spammers confirmation that you exist on the receiving end, and virtually nothing will stop them from spamming your email. Another spam email prevention is to never participate in mass forwarding of received emails with jokes, funnies, cartoons, attached web pages, or any attachments. By doing so, you are only exposing your email account as well as those of your recipients to an exponentially increasing number of people on the network as the email travels, eventually landing in the hands of hackers, spammers, advertisers, and marketers. Forwarding emails is also the most lethal and common means of spreading viruses and worms. You don't have to be the funniest person with the latest jokes found on the Internet. By forwarding such an attachment or inserted web page, you are only becoming a pawn to hackers, virus programmers, spammers, unethical advertisers, and legitimate and shady Internet marketers. It is estimated that each day there are approximately one billion spam mails floating around on the Internet. If you were a recipient of just a fraction of one percent of that, your email account would be so flooded with spam mails every day as to render it completely useless forever, for whereas you might, spammers will never forget your email account. There are also tools for filtering spam mails called Spam Buster by Contact Plus and Spam Killer by McAfee.
     
  • Windows XP Firewall
    If you're a Windows XP user, by all means enable its built-in Firewall and use it. By default, the Windows XP Firewall is disabled on Windows installation. Particularly vulnerable to hacker attacks are broadband users with a permanent connection to the network. Windows XP Firewall works through a stealth mode in which anyone attempting to scan your IP and intrude into your system not only gets blocked but also thwarted due to the system's invisibility. If your XP Firewall isn't enabled and you are connected on broadband, just follow the simple steps outlined below and you're set.
    • Mouse over your task bar
    • Right-click
    • Select Properties
    • Select Start Menu tab
    • Click Customize button
    • Select Advanced tab
    • Scroll down on Start Menu Items dialogue box till Network Connections is visible
    • Click on Display as Connect to Menu
    • Click Ok button on first dialogue box
    • Click Ok button on second dialogue box
    • Go to Start
    • Go to Connect To
    • Click Show All Connections
    • The Network Connections dialogue box opens; here, double click on the LAN icon
    • In General Tab, click Properties button
    • Select Advanced tab
    • Check mark the Internet Connection Firewall
    • Click ok, and you're done.
    • Along the way, the Windows XP Firewall wizard may ask you to name/create a log file. Simply create a file and you should be done. Although initially in the Firewall enabling process you will need to create a log file, my recommendation is not to enable logging of network traffic activities because the traffic log can become huge with just a few minutes of logging.
       
  • Firewall Software
    For those with versions of Windows older than XP, the following firewall software is what I recommend.

Remedy

The simplest solution for cleaning an infected system is to use anti-virus and anti-spyware programs. Listed below is the software that I recommend.

  • Anti-Spyware Software
    • Ad-aware 6.0 - A great free anti-spyware, anti-data-mining program that scans, detects, and disinfects your system of just about all spyware.
    • Spybot S&D - Another great free anti-spyware program. What Ad-aware 6.0 may miss, Spybot S&D is almost certain to find and destroy. As of its latest release, version 1.2, Spybot now comes with protection against malicious intrusion via Internet Explorer's vulnerabilities and loopholes, a great feature to have.
       
  • Anti-Virus Software

A specific solution to a particular virus infection
Mass-Mailing "Sender Forging" Worm & Propagation

W32.Klez Worm and Variants

  • This virus is about as nasty as they come. The effects of the Klez Worm are deadly and insidious. If you are a victim of this virus, you are certain to have experienced the most notorious virus floating around on the Internet to date. How would you know if your system has been infected? Simple, actually. You find your computer sending out massive quantities of virus infected emails to all your contacts in your Outlook address book. At random intervals and of course without your knowledge (and certainly without your consent or command), the virus sends out literally hundreds of infected emails to your contacts, thus infecting other systems that come into contact. The viciousness of this virus, or worm, is that it hides a copy of itself within the system, and despite disinfecting it with updated antivirus software, it simply re-installs into your system on rebooting and re-infects your system all over again. Although most antivirus programs will detect and destroy the worm, what they cannot seem to do is kill the original worm buried within the system that's ready to re-spawn on every boot process.
  • Solution? The only solution I have seen and tested that actually killed this worm for good is a free program called Symantec's FixKlez. Follow the link and read through the information, then download the program to disinfect your system of the Klez Worm and its variants. This worm is vicious and nasty, so if your system is infected with it, download the free program and kill the worm ASAP.
  • Recent news regarding the Klez worm is covered at Cnet. More news on Klez is covered at CNN. A somewhat technical but thorough explanation of what the Klez worm is and what it does is available at Sophos (along with information and a disinfection program for cleaning out Klez).
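
The symptom described above, a PC quietly sending hundreds of mails under forged sender names, can be spotted in outbound mail logs. The following is an added example, not part of the original page or of any vendor's tool; the log format, addresses, and thresholds are constructed assumptions, and each client's lines are assumed to be in time order.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Hypothetical log format (an assumption): one line per accepted outbound message.
LINE = re.compile(r"(?P<ts>\S+) client=(?P<ip>\S+) from=<(?P<frm>[^>]*)> to=<(?P<to>[^>]*)>")

def find_mass_mailers(lines, window=timedelta(minutes=10), max_msgs=20, max_senders=2):
    """Return {client_ip: (peak_msgs, peak_senders)} for clients that, inside any
    sliding window, send more than max_msgs messages or use more than max_senders
    distinct envelope senders (a sign of sender forging)."""
    recent = defaultdict(deque)           # ip -> deque of (timestamp, sender)
    flagged = {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue                      # ignore lines in other formats
        ts = datetime.fromisoformat(m["ts"])
        q = recent[m["ip"]]
        q.append((ts, m["frm"].lower()))
        while q and ts - q[0][0] > window:
            q.popleft()                   # drop events older than the window
        msgs = len(q)
        senders = len({s for _, s in q})
        if msgs > max_msgs or senders > max_senders:
            old = flagged.get(m["ip"], (0, 0))
            flagged[m["ip"]] = (max(old[0], msgs), max(old[1], senders))
    return flagged

def sample_log():
    """Constructed sample: one normal PC and one behaving like a mass-mailing worm."""
    t0 = datetime(2003, 5, 1, 10, 0, 0)
    lines = []
    for i in range(3):    # normal user: 3 mails over 3 hours, always the same sender
        lines.append(f"{(t0 + timedelta(hours=i)).isoformat()} client=192.0.2.10 "
                     f"from=<owner@example.com> to=<friend{i}@example.net>")
    for i in range(30):   # infected PC: 30 mails in 5 minutes, rotating forged senders
        lines.append(f"{(t0 + timedelta(seconds=10 * i)).isoformat()} client=192.0.2.20 "
                     f"from=<contact{i % 6}@example.org> to=<contact{i}@example.org>")
    return lines

if __name__ == "__main__":
    print(find_mass_mailers(sample_log()))
```

Only the second machine is reported, with its peak message count and number of distinct sender addresses inside one window.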
