skip to primary navigationskip to content
 

Malware

Malware, short for malicious software, is software designed to infiltrate a computer system without the owner's informed consent. The expression is a general term used by computer professionals to mean a variety of forms of hostile, intrusive, or annoying software or program code. The term "computer virus" is sometimes used as a catch-all phrase to include all types of malware, including true viruses. Software is considered malware based on the perceived intent of the creator rather than any particular features. Malware includes computer viruses, worms, trojan horses, spyware, dishonest adware, crimeware, most rootkits, and other malicious and unwanted software.

Staying Safe

The basic principle is to be careful and think about what you are doing. For instance if you receive an email from your bank with a link in it, don't follow the link, but go directly to your banks web site. If you think the email may be genuine, then contact the bank from their website ignoring anything in the email, and ask if it is. Remember, a systems administrator will never need your password, they can easily reset it themselves, but they should never have to.

There is also the fake anti-virus software that tells you that you have hundreds or thousands of viruses and asks for money to activate the program. Never do so. At best nothing will happen, at worst your system will be destroyed. These programs can usually be removed with a combination of anti-virus and anti-malware programs, but sometimes the system has been left in such a state that the only option is to completely reinstall the Operating System.

One of the most important things to remember is that if it looks to good to be true, it is. There is a lot of information available on the Computing Service website at: http://www.cam.ac.uk/cs/security/

Anti Virus

Only one anti-virus program can be installed at any time. The University has a site licence for McAfee VirusScan for Windows and McAfee Security for Mac.

Windows

This procedure must be carried out from an account that has administrator priviliges. The current version of McAfee VirusScan is 8.7i.
Although the .dat files containing virus definations are automatically updated every day, the engine that drives the software must be upgraded manually when a new version is released.

Updating McAfee VirusScan.

Any anti-virus software you have installed, including earlier versions of VirusScan, must be removed prior to installing McAfee VirusScan 8.7i.

  • Go to Start -> Control Panel and double-click Add/Remove programs (Windows XP) or Prgrams and Features (Windows Vista and Windows 7).
  • Scroll down to find the anti-virus software, highlight it and click remove. Note on Vista and Windows 7 the option to "Uninstall" is on the ribbon.
  • When it has finished uninstalling, download the latest version of VirusScan from: http://www-tus.csx.cam.ac.uk/virus/PCdownload.html
  • Double click the downloaded file and follow the instructions. Note that while this is installing it appears that nothing is happening, when it has finished the installation window will disappear from the screen.
  • Right-click on the shield icon in the system tray on the bottom right-hand side of the screen and select "Update Now".

Updates to the .dat files containing virus definitions are made automatically once a day.

Mac OS X

This procedure must be carried out from an account that has administrator (root) priviliges. The current version of McAfee Security for Mac is 1.0

Spyware

Spyware is a type of malware that is installed on computers and collects little bits of information at a time about users without their knowledge. The presence of spyware is typically hidden from the user, and can be difficult to detect. Typically, spyware is secretly installed on the user's personal computer. Sometimes, however, spywares such as keyloggers are installed by the owner of a shared, corporate, or public computer on purpose in order to secretly monitor other users. Spyware programs can collect various types of personal information, such as Internet surfing habits and sites that have been visited, but can also interfere with user control of the computer in other ways, such as installing additional software and redirecting Web browser activity. Spyware is known to change computer settings, resulting in slow connection speeds, different home pages, and/or loss of Internet or functionality of other programs.

Removal

Unlike anti-virus software you can install more than one anti-spyware program. Some recommended software is:

In all cases, the definition files must be updated manually.  Note that this is not an exhaustive list, there are others available.