Anatomy of a Virus

Tech Talker teaches you about how computer viruses work and what they can do to sabotage your data.

Eric Escobar
4-minute read
Episode #11

The winter season wouldn’t be complete without a cold. But besides your own runny nose, your computer might also fall victim to any number of nasty bugs currently going around. And unfortunately, these can take a little more than hot tea or acetaminophen to heal. So in today’s episode, I’ll explain certain types of malware and how they find their way into your computer. This is a two-part series, so next week I’ll go over strategies on curing anything that ails your system!

What is a Computer Virus?

I’ll start off by explaining a little bit about the bad stuff that gets into your computer and what it does. In general, most infections take place on Windows machines, and even though many people think that Macs are impervious to infections, they are most certainly not! Yes, Macs do a better job in the infection department and although you may not have to be as concerned about catching a bug as a Windows user, it’s always good to know what infections are and how they can put your data in jeopardy.

So what types of malware can your computer get? Well, just like diseases a person can catch, the list is a long one that can really only be broken up into categories because each infection can have a unique strain or method of infection. Here are the 3 most common types of computer virus:

Backdoors - This type of malware opens a software hole in the computer, a sort of open-door policy that allows an attacker to run anything they want on your computer without being stopped by your computer’s defenses.

Trojans - These types of infections act just as their name predicts. A seemingly harmless file, when run, unleashes nasty code that tears down your computer’s defenses from the ground up. These often include backdoors, which makes for a lethal combination.

Rootkits - In my opinion, these are the worst infections out there. Not only does this malware infect your computer, but it fights back! If the infection gets stopped, a rootkit can restart itself, copy itself or even move itself. These are masters in the art of concealment, and often make removal next to impossible.

This raises the question – what do hackers get out of infecting your computer? Well, unfortunately, the answer is a lot!

Why Are Viruses Created?

Generally, malware that infects your system combines any of these 3 elements for specific purposes. For example, some malware installs a program called a keylogger, which records everything you type in the hope of catching credit card numbers and personal information that could later be sold and used against you.

Sometimes malware stays quiet on your computer until the attacker wants to activate it. Generally, the attacker will wait until he has infected a few hundred thousand computers, and then he essentially has enlisted your computer in an army of other infected computers without you even being aware! He can then command this army to visit one website.

Now I bet you’re thinking “So what? All of that work to visit one website?” In reality, a hundred thousand computers visiting a single website multiple times per second can easily bring down some of the biggest websites on the internet just from the sheer number of connections. The server the website is hosted on will simply be overloaded and shut down. And that’s usually what the hacker wants.

Then there is the malware that appears to be an antivirus that will (for a small fee) gladly remove all of the nasty programs that it itself installed. Of course, once you pay, they will ask for more, and more, and more to squeeze as much money as possible out of you with no intention of ever fixing the problem! Some of these are especially convincing, which is why you should always be wary when a program or website asks for your credit card number.

The problem with most malware is that the moment it runs on your computer, it will disable almost all of your protection instantly, which makes identifying it insanely difficult. Luckily, the best tool for figuring out what is on your computer is Google. A few minutes of Googling your symptoms will generally provide a wealth of information. Unfortunately, this requires getting online from another source, because the last thing you want to do is use the infected computer for anything, as this could cause the infection to get worse and spread.

For example, the other day I had a run-in with a malevolent piece of malware which called itself “Win 7 Antivirus 2012.” It was an impostor that posed as an antivirus but actually worked to infect my computer. So what did I do? I shut off the power supply to my computer and used my smartphone to Google “Fix Win 7 Antivirus 2012 infection” and voila, there were forums, how-to’s, programs, and more on how to remove this bug and all the junk that went along with it. Then in a matter of minutes I deleted it and was back up and running like nothing ever happened.

So here are your Quick and Dirty Tips for identifying malware on your computer:

  1. If something pops up on your screen requesting personal information, don’t provide it.

  2. If you think your computer has been infected by something, shut it down ASAP.

  3. Use anything else aside from the infected computer to troubleshoot.

Now keep in mind, this is a two-part episode. Tune in next week when I’ll teach you how to remove and clean your computer after it becomes infected.

Have a question about anything in this episode? Or a suggestion for a future podcast? Send me an email at techtalker@quickanddirtytips.com or post it on the Tech Talker Facebook wall.

Until next time, I’m the Tech Talker, keeping technology simple!
