The University of Edinburgh

• Schools & departments

• Home
• Search IS
• Students
• Researchers & teachers
• Support staff
• About IS
• Services
• Library
• Computing
• Learning technology
• Research support

• University Homepage
• Schools & departments
• Information Services
• Services
• Help and consultancy services
• Help services
• Online help
• Students
• IT help
• Guides
• Preventing viruses

• Overview
• Online services
• Software
• Statistics
• Your own computer
• Where to get help

Preventing viruses

Malware is a general term for malicious software. This includes viruses, adware, spyware, keyloggers, worms, trojan horses, rootkits, and any other program which causes damage or poses a security threat to your computer.

A malware program can do one or several of the following:

• Damage your files and operating system
• Monitor which websites you visit in order to target you with advertisements
• Make the computer unusable, slow and full of unwanted ads and banners
• Log your keystrokes to copy your passwords, credit card details and email addresses
• Send spam email or viruses from your computer
• Put your computer under someone else's control

If you suspect malware

Signs of infection

These are signs that your computer is infected with malware:

• Your computer has slowed down significantly, crashes frequently, or is otherwise not functioning normally.
• Unwanted toolbars have been added to your web browser.
• Pop-up advertisements keep appearing on your computer.
• You are frequently seeing alerts from a program you don't recognise or can't get rid of.

You can also have malware on your computer without any noticeable symptoms.

What to do in case of infection

• Don't connect your computer to the internet or to another computer. This could spread the virus, or expose your computer to more viruses.
• Do make copies of your important files on CD or USB pen. Be careful using them with other computers, as they might get infected from your computer.
• Do run a full scan using Kaspersky Anti-Virus, or your own anti-virus software.
• For help, or to arrange attendance at a free laptop checkup session, please contact IS.Helpline@ed.ac.uk.

How to prevent infection

Your computer is not malware-proof by default, so you need to make it more secure:

• Turn on Automatic Updates for your computer.

• http://windowsupdate.microsoft.com/

• Verify your computer's built-in firewall (or your 3rd party firewall) is running.

• Windox XP Firewall
• Windows Vista Firewall
• Windows 7 Firewall

• Install Kaspersky Anti-Virus, our anti-virus software for Windows, free to staff and students. You are free to use your own anti-virus software, but it must be set to regularly update its anti-virus information over the internet.
• The Internet Explorer browser is more often targeted by malware than competing browsers such as Mozilla Firefox, Google Chrome, or Opera. However the choice of browser alone will not give you any significant advantage.

Good practice guidelines for avoiding virus infection:

• Never open unsolicited e-mail attachments, even from people you know. The attachment may have been sent by malware on their computer - the messages are designed to get you to click the attachment ("Check out what I found").
• Don't download "free ringtones", "free smileys", and toolbars unless from a source you know and trust. Many of these freebies contain malware. Also avoid dubious music and file downloading sites.
• Avoid clicking on pop-up advertisements - close them instead.
• Download files only from reputable sources. Read the license agreement before you install new software.
• Peer-to-peer filesharing programs often come bundled with malware.
• Avoid malware masquerading as anti-spyware. If in doubt: Before you install a program, make sure it is genuine e.g. by searching for the name of the program in a search engine.
• If at any time you see a message asking you to allow a program to run: If you recognise the program or you were doing something on the computer which likely caused the message, say yes. If you were just browsing the web when the message appeared, say no.

Have backup copies of all your important files, as well as a Windows installation CD. In some severe cases, rebuilding the computer is the only way of dealing with the infection.

Using anti-spyware programs

Unlike anti-virus software, it is safe to install more than one anti-spyware program on your computer. However, only some serious infections need to be dealt with using several spyware removers. If you know the name of the malware that is infecting your computer (e.g. Vundo), you can search the sites linked below for specific advice on removing the infection.

Kaspersky has an anti-spyware component, so it shouldn't be necessary to download additional anti-spyware programs. However, as it is impossible for a single program to defend against all possible spyware, in some cases it might become necessary to download additional programs.

A number of free anti-spyware programs are available. As with anti-virus software, you will need to keep these programs up-to-date and run regular scans to ensure that your computer stays free of spyware. Programs described as 'anti-spyware' will typically deal with all types of malware except viruses. However, never install a spyware removal program on your computer unless you have verified that it is genuine. Many free 'anti-spyware' tools that are advertised in pop-ups and banner ads on the internet are themselves malware, and should not be downloaded.

The following are genuine, free spyware removers available for Windows computers:

Malwarebytes Anti-Malware

• http://www.malwarebytes.org/mbam.php

Super Anti-Spyware

• http://www.superantispyware.com/superantispywarefreevspro.html

Lavasoft Ad-Aware

• http://www.lavasoft.com/products/ad_aware_free.php

Spybot Search & Destroy

• http://www.safer-networking.org/en/home/index.html

Windows Defender (Windows Vista computers come with this program already installed)

• http://www.microsoft.com/athome/security/spyware/software/default.mspx

Obtaining Kaspersky Anti-Virus

The University holds a site licence for Kaspersky, which means staff and students may install it on their personal machines free of charge. You can download the installer program from our website:

• Download Kaspersky Anti-Virus

If you do not already have a virus scanner you should not connect your computer to the internet. If this is the case, please visit a University networked computer, download the program to USB stick or CD, and transfer it to your computer this way.

How Kaspersky works

Kaspersky automatically works in the background, comparing anything running on your computer against a list of known viruses. Kaspersky will keep itself up to date with the latest anti-virus information and you won't need to manually update it. Apart from the automatic background scanning, a full scan combs the whole disk for viruses. You should manually start off a full scan once a week, or if you think your computer is infected.

Mac users

Please visit our pages on Macintosh anti-virus software:

• Mac anti-virus

Further reading

• Types of malware detected by Kaspersky
• University of California paper on the Torpig botnet

This article was published on Aug 5, 2010

• Terms & conditions
• Privacy & cookies
• Website accessibility
• Freedom of Information Publication Scheme

Unless explicitly stated otherwise, all material is copyright © The University of Edinburgh 2013.