How’d I get infected?

Question: How did my Windows computer get infected with Trojans and spyware when I was running up-to-date antivirus software?

Answer: Antivirus software is primarily designed to detect and remove computer viruses – small pieces of computer code that reproduce themselves by attaching themselves to other programs (infecting them like a biological virus does). Many years ago, a good virus scanner was protection enough, but today it isn’t.

Most malicious computer hackers have moved beyond writing viruses and have started creating ‘malware’ (malicious software) instead. Malware can be a program that promises to do one thing, but actually has another hidden and more sinister function (this is called a Trojan). Some types of malware are hidden in innocent-looking Web pages you visit and will install quietly in the background while you are Web surfing (browser exploits), without your being aware of it. Some types of malware can jump from one machine to the next without needing to attach themselves to files; instead, they scan the Internet until they find machines with security holes they can sneak through (these programs are called worms).

Antivirus software, while still necessary, just wasn’t designed to deal with these threats, and that’s how you can wind up with a malware-riddled computer even though your antivirus package is the latest and greatest.

Here are the steps you can take to keep your computer free of nasties:

  1. Keep your operating system (OS) up to date – most OS vendors release patches for security holes soon after they are found. Worms can’t slither through holes that have been closed.
  2. Run a good network firewall, as network-scanning malware will bounce right off it. Users with high-speed Internet should consider purchasing a separate hardware appliance for this (costs approximately $50). Dial-up users should download a free firewall product (e.g. Jetico Personal Firewall), or use the firewall built into Windows.
  3. Run spyware and malware blocking tools to safeguard your OS. I recommend SpywareBlaster to close holes in your Web browser and SpywareGuard to prevent unwanted changes to the Windows registry (where Windows keeps its configuration data). Both programs are available for free.
  4. Discontinue using Internet Explorer (IE) as your Web browser and Outlook Express (OE) as your e-mail program. The vast majority of browser-exploit malware is written to take advantage of security loopholes Microsoft built into IE for use with other Microsoft software. OE uses IE to display all HTML-formatted e-mail messages, potentially allowing malicious code to be run on your system. I recommend upgrading to the free Mozilla Firefox Web browser and Mozilla Thunderbird e-mail program instead (both will import settings from IE and OE and will increase your security tenfold).
  5. Run a good malware scanner, one that is installed on your computer, on a weekly basis. I’m a big fan of both SuperAntiSpyware and Malwarebytes. NEVER use an online tool, as too many of these are Trojan sites that actually install malware onto your system.
  6. Look before you download. Programmers writing free programs have to get paid for their work somehow, and many do this by hiding bad stuff inside their software. Never install a free program without researching it first via a search engine such as Google (type in program name + spyware + malware + Trojan). If a program is hiding something, you’ll find computer geeks discussing it and warning each other right away in online forums.
  7. Beware of free downloads. Organized crime is behind a lot of the malware making the rounds today. They like to hide Trojans in screen savers, smiley packs for your chat program, pirated software and key generators, and even in music and movie downloads. It’s generally safest to legitimately purchase the software or other content that you want to use.
  8. If you are going to download freeware programs, find them at sites that are known to check them first for malware before offering them to the public. The best of these is download.com.
  9. Continue to run a good virus scanner. I recommend Avira AntiVir, which comes in a version free for personal and home use. The new Microsoft Security Essentials virus scanner also seems to be quite good, so far.

Sean McCormick
A+, Network+, Linux+, CTT+, I-Net+
MCSA, MCSE, LPIC1

Update, Nov 01, 2009: Some of the programs originally mentioned in this article are no longer on my recommended list and I have updated all links to go to the products I’m now recommending.