Today's sneaky viruses require extra precautions

Think you can tell if your PC is infected? Think again. The latest breed of computer viruses do their dirty work without affecting your machine's performance.

Dennis O'Reilly Former CNET contributor
Dennis O'Reilly began writing about workplace technology as an editor for Ziff-Davis' Computer Select, back when CDs were new-fangled, and IBM's PC XT was wowing the crowds at Comdex. He spent more than seven years running PC World's award-winning Here's How section, beginning in 2000. O'Reilly has written about everything from web search to PC security to Microsoft Excel customizations. Along with designing, building, and managing several different web sites, Dennis created the Travel Reference Library, a database of travel guidebook reviews that was converted to the web in 1996 and operated through 2000.
Dennis O'Reilly
2 min read

The malware assault on our PCs escalated in 2008, according to antivirus vendor F-Secure. The company's threat summary for the second half of 2008 reports that F-Secure added 1 million virus definitions to its database this year, a threefold increase from the number of viruses the Finnish security vendor detected in 2007.

Today's malware authors aren't just looking to cause trouble; they're after your money and personal information, which these days are synonymous. Attacks are only going to increase in number and sophistication. If you thought you could avoid an infection by staying away from questionable sites, downloads, and e-mail links, you're mistaken.

The only way to play it safe is to assume the worst. That's why I spent several hours last week disinfecting a notebook computer that probably wasn't infected in the first place.

It all started when I decided to run a free online virus scan on my notebook. I use a top-rated security suite that's set to update its virus definitions and other settings automatically, so I was confident that the scan would come up empty. (I'm not going to name either product because I don't want this post to be construed as a recommendation one way or the other.)

Unfortunately, after a complete system check, the online virus service told me it found two suspicious files on my notebook. The scanner's option to remove the files was grayed out, and the option to "skip" them was recommended.

It appears that the files were flagged as potential problems because they included the word "trojan" in their names. I acknowledge the "hide in plain sight" approach, but I doubt that many malware authors would be so kind as to identify their creation in the file name itself.

Still, the scan had introduced the possibility of an infection, so I immediately closed the notebook's Internet connection, updated the virus definition database of the antivirus software installed on the machine itself, and performed a full system scan using that program.

I wasn't surprised when the scan came up clean--several hours later--but I was relieved that I didn't have to go into full wipe-out mode, doing a complete system scrub and changing all my passwords. (Come to think of it, I should probably sanitize the system and refresh my passwords, anyway.)

Three years ago, I wrote a story called 10-Step Security that promised to lock down your PC in only an hour. The tips in that article are beginning to show their age, so this week, I'll be updating them here to reflect the new reality of computing in dangerous times.