CNS Navigation Bar

Malicious Code

Back to UTORProtect Page

Malicious programs, often referred to as "Malware" includes computer Viruses, Worms, Trojans, Spyware, and other programs written specifically to spy on network traffic, record private communications, execute unauthorized commands, steal and distribute private and confidential information, disable computers, erase files, etc., etc.

Some programs, such as Kaza, Napster, and others, although not intended to compromise computers, expose computers they are installed on to attacks from hackers. This section addresses the various types of malicious programs.

Bullett Viruses
Bullett What Can Viruses Do?
Bullett How Does Anti-Virus Software Work?
Bullett Worms
Bullett Trojans
Bullett Spyware
Bullett Best Practices


The threat of virus infections has increased dramatically in the past three to four years. Before the advent of e-mail attached viruses, virus were spread through exchange of infected media and this limited the potential damage that a virus could result in. When e-mail borne viruses appeared on the scene, the threat increased considerably. The sophistication of virus code has also contributed to the problem, as has the popularity of the Internet. Now viruses spread much faster and can potentially cause more damage than in the past.

In the past, a virus infection could result in loss on data on the infected computer and the inconvenience created by corrupted software on the infected machines. New forms of virus code have added the threat of loss of confidential information and individual privacy.

Computer users are well advised to protect their computers from the threat of virus infections. Many organizations now require that their users use virus detection programs. The University, through its program that makes virus software available at no cost to the University community has made virus protection a de facto requirement for all users connected to University networks, whether on campus or off campus. Users who fail to protect their computers may be prevented from accessing University networks and services available through those networks.


What Can Viruses Do?

The possibilities are almost limitless, but viruses can: erase data on your computer; encrypt files; delete directory structures; prohibit you from using your computer; send files stored on your computer to contacts in your address book without your knowledge; and much more.


How Anti_virus Software Works

The anti-virus program contains a database of virus signatures (strings of code that identify a virus program, much like a fingerprint). These signatures are utilized by the anti-virus software to identify files that may contain a virus. When the anti-virus program searches for viruses, it lets you know when it finds a match. The anti-virus program can look for viruses in files that you open, copy, save, or modify. It can also block harmful files that you unknowingly download from the Internet and can scan your email attachments before they are downloaded on your computer.



A worm is a self-replicating virus that does not alter files but resides in active memory and duplicates itself. Worms use parts of an operating system that are automatic and usually invisible to the user. It is common for worms to be noticed only when their uncontrolled replication consumes system resources, slowing or halting other tasks.



A Trojan horse is a program in which malicious or harmful code is contained inside apparently harmless programming or data in such a way that it can get control and do its chosen form of damage, such as ruining the file allocation table on your hard disk. In one celebrated case, a Trojan horse was a program that was supposed to find and destroy computer viruses. A Trojan horse may be widely redistributed as part of a computer virus.



Spyware is programming that is put in someone's computer to secretly gather information about the user and relay it to advertisers or other interested parties. Spyware can get in a computer as a software virus or as the result of installing a new program. Data collecting programs that are installed with the user's knowledge are not, properly speaking, spyware, if the user fully understands what data is being collected and with whom it is being shared.


Best Practices

  • Install a copy of the Symantec anti-virus program on your computers and make sure that the software is always up to date.
  • Make sure that your anti-virus software is always running and that it is set up to automatically start up when the computer is rebooted.
  • Before clicking on any e-mail attachment, make sure that the attachment is something you were expecting - do not blindly click on any attachment. Scan for viruses before opening the attachments even if you know the source.
  • Before using media given to you by someone else, scan it for virus infections. Viruses can be transmitted on all readable media including diskettes, CDs, USB memory cards, and other types of memory media such as SmartMedia.
  • Scan all files you receive as e-mail attachments before opening them.
  • Configure you anti-virus program for maximum protection.
  • As a general rule, you should only download files from trusted sites.
  • Back up important files regularly.
  • Password-protect shared directories.
  • Make sure that your Operating System and any software you use is up-to-date. Install patches made available from vendors of your software.
  • If you receive an e-mail about a virus from a friend or colleague, do not forward it to anyone. More often than not, these messages turn out to be a virus hoax. These virus hoaxes cause a lot of unnecessary use of resources when users blindly forward such messages to all their friends and colleagues.

For more ifnormation on computer viruses visit the Computer Security Administration Web Site.



All contents copyright University of Toronto 2000-2003
This Site is maintained by the Computer Security Administration Group
Comments & Questions