How Did I Get a Computer Virus?


Computer users have asked me this question more times than I can recall over the years. The candid answer is simple: by using your computer you, the computer operator, allowed the virus in. Beyond the firewalls and antivirus software, the best and last line of defense against a virus is you, the computer operator.

Obviously you never intended to let the virus in voluntarily. Hopefully I can provide some insight into how you “willingly” allowed the virus in, and some guidance on recognizing this process and avoiding potentially catastrophic situations caused by a maliciously destructive virus.

With today’s email scanning systems, it is rare to see an email with an attached file containing a virus. Most contemporary filtering software will filter nearly all virus email. The “bad guys” out there know this and have shifted their attention toward a multi-phase attack.

Let’s use a real-world example. The file I want to download is called FileZilla (client), an FTP client used by many of us to upload or download large amounts of data across the Internet. To get the software, I run a quick Google search for “filezilla client”, which reports back the following:

 

As you can see, we have a number of results, each suggesting it is the source to download the file. Clicking the top link takes me to SourceForge, which is a website catering to downloading files. From here I see a link to download the file, so I click to download and the installer asks permission to run the program. As this is a program I want and I assume it to be clean “freeware”, I allow the program to run. Next I see this window:

Clicking Next brings up:

But wait, this isn’t FileZilla. This program is technically spyware and adware; a virus. It intercepts your web searches and gives you its “view” of the results while reporting everything about your web browsing back to a central server to sell on the open market. So I click the Decline button, which leads to the next screen:

This is also not FileZilla but rather another malicious program called Linkey. Although technically not a virus, this software installs a “rootkit” that hooks into the deep functionality of your computer to further spy on it, redirect your web browsing, and allow back door access for a real virus to come on board. So we click Decline and move along to this page:

Note: If I had clicked ‘Accept’, I would have two malicious software programs running on my computer.

The download is complete and I now appear to be able to click “Install Now” to install FileZilla. Not so fast. I may still be a victim of installing malicious software. The issue here is that the core program, FileZilla, is wrapped in another installer, which may have other malicious software associated with the install that the SourceForge installer simply doesn’t care to notify you about.

This form of software download, through websites like SourceForge, has become very prevalent yet should, at all costs, be avoided. Other sites doing this are Cnet.com and Filehippo.com, to name a few. The slippery aspect of this is that companies like Sourceforge.com will claim you can download the intended software without the malicious software by clicking Decline. Unfortunately this is a problem. The SourceForge installer is analogous to placing the package you want inside a bigger box whose contents you can’t see until you pull them out of the box. Once pulled out of the box, whatever it is installs on your computer, good or bad.

I used FileZilla for this example; however, this applies to all free software. If you can’t verify the software is clean, or you are simply not sure, then use an ounce of prevention by not installing the software. Give us a call or email and we will direct you to a safe download location or take care of the install for you. Most free software out there comes with the saying ‘no such thing as a free lunch’. A few exceptions do exist, such as downloading Adobe Acrobat PDF Reader from Adobe.com, which is clean software.

As a general rule, any software that wants to install other software along with your intended software should be avoided, or you will almost certainly get a virus.
