How to install viruses, Trojans, and other malware
This article takes you step by step through installing a virus, Trojan, or some other malware on your computer.
Now why on earth would anyone want to do that? Of course, you wouldn't, but by taking you through the process you can see exactly what not to do when you come across a malicious or undesirable program when you are using the internet.
It's aimed at Windows users, although there is absolutely no reason why this couldn't happen to Linux or Apple Mac users. There are just so many Windows computers connected to the internet that they are simply a very large target for malware creators. So let's take a look at installing viruses, Trojans and other malware.
The fake email message
Malware can enter your computer through several different means. One of the most common ways though is via email. An attachment to a message contains the payload and the body contains some text that encourages you to save and open the attachment. Another method involving email is where the message contains a link that when clicked, goes to a website and once there, the malicious program is installed on your computer.
In the example we are using here, we have a message that on the surface appears to come from Twitter. Emails are very easy to fake though and this one is definitely a fake, but how can we tell? When the mouse hovers over the Twitter link in the email, the real address is shown in the status bar of the web browser (this is a web mail account, but email programs usually show the real address too). The address is http://inversionescontinent... which is obviously nothing to do with Twitter, but let's click the link and see what happens.
The fake security scan
The web browser window opens when the link is clicked and you get a display like the one below. This is a fake Windows XP display that is intended to look like the My Computer window with a virus scan running. It's obviously a fake when you see it in Windows Vista or 7 because those operating systems look nothing like it. However, it might give XP users a fright.
The best action to take in a situation like this is to close the web browser window. You may find that it won't close though, or it displays a pop-up message asking if you really want to leave the page. Don't click anything on the page or in any pop-up messages. You might have to force quit the browser. Right click the taskbar and select Task Manager, then select the web browser on the Applications tab and end it. You can also right click the browser on the Processes tab and end it there instead. You can also shut down Windows from the Start menu too.
Let's leave it running and see what happens though.
The fake infections
After a few seconds pretending to scan the computer (real anti virus scans take a long time and even a quick scan can be 5 or 10 minutes), a message box is displayed that tells you your computer is infected with viruses. It doesn't matter what you click next and another window appears that lists the viruses, Trojans and other malware on your computer. It's in the style of Windows XP, so it's completely wrong in Vista and 7, so it's easy to see that it is a fake. However, it might fool some XP users.
At this stage, all you are seeing is a clever web page and there's no malware on your computer and nothing has been scanned. As before, the best thing to do is to close the web browser window with the close button and if that doesn't work, start Task Manager and shut it down from there. You might even have to shut down the computer from the Start menu. Let's ignore that advice though and continue.
It doesn't matter whether you click Remove All, Cancel, or the window close button. They all download a malware program to your computer.
Install and run the software
Clicking anything downloads the software and if you don't stop it from running (it's rare not to get some pop-up message asking you to confirm that you really do want to download and run a program), then the malware is installed. It will automatically run every time Windows starts and sometimes it is very difficult to remove.
The fake security tool
The malware could take any form, but a common type is shown here. It's the fake security software. This program pretends to scan your computer and then constantly nags you that you have viruses, Trojans and other malware installed. The messages occur even on a clean computer with nothing on it but a fresh install of Windows. Don't believe anything it says. It's not true. Get rid of the program as soon as possible.
Remove the malware
This particular program was easy to remove. There wasn't an uninstall option on the Start menu and there wasn't an entry in Programs and Features (Add or Remove Programs in XP). However, clicking Start (then Run in XP) and entering msconfig opened the system configuration editor. The program was easy to find on the Startup tab and clearing the tick next to it meant that it didn't start after rebooting the PC. Right clicking the desktop icon showed where it was located on the disk drive and it was then deleted.
Not all viruses, Trojans, malware and undesirable software is so easy to remove. Some fake security software disables msconfig, regedit, Task Manager, and so on. It can remove the file associations for .exe executable files, so you can't run anything, such as anti virus or anti spyware software. If you find yourself in this situation, you can open a command prompt window by clicking Start (then Run in XP) and entering command.com. Exe files might be disabled, but com files probably aren't because they are never used these days. However, you'll find that XP, Vista and 7 still have the old Dos command.com program. After opening a command prompt window, click and drag your security software, such as Malwarebytes Anti-Malware from an Explorer window to the command prompt window and then just hit Enter to run it. This gets around the problem of not being able to click the program to run it because of the messed up file associations.