How to: Identify, avoid and repair malware, viruses, spyware, adware and more
The number of customers walking through our door looking to sell their laptop because it is infected with malware is nothing short of astonishing. Admittedly we have a jaded view, since we see only "sick" computers, but it seems as though this has become an epidemic. It is also quite common for someone to purchase one of our laptops just to bring it back the next day with well over 10 pieces of very spammy software. From our experience almost nobody understands how or why this software was installed, but we think we can help you not only remove it from your computer but also keep it from happening again in the future.
Over the years the internet has become an unpredictable place where dangers to your PC lurk almost everywhere. Often masquerading as software or services you think you need, malware can enter your computer unbeknownst to you. It has many categories: viruses, spyware, adware, scareware, ransomware, worms and Trojan horses. The effects range from constant pop-ups to locking your system completely. The best way to protect yourself from these threats is to understand what they are and how they operate; oftentimes it's quite easy to steer clear altogether. Now let's explain what each of these types of software truly does.
Malware is simply a term for software that becomes installed on your machine and performs unwanted tasks, often for a third party's benefit. A combination of the words "malicious" and "software", malware programs range from simple annoyances (pop-up advertising) to serious computer invasion and damage (e.g., stealing passwords and credit card information). Additionally, some malware programs are designed to transmit information about your web-browsing habits to advertisers or other third-party interests.
Versions of Malware defined:
Virus - Software that can replicate itself and damage a computer by deleting files, reformatting the hard drive or using up computer memory. Often viruses are disguised as games, images, email attachments, website URLs, shared files or links or files in instant messages. In our store we see less and less of this, as it oftentimes isn't profitable like adware and others can be.
Worm - A worm is a type of virus that spreads through your computer by creating duplicates of itself on other drives, systems and networks. One feature that makes worms so dangerous is that they can send copies of themselves to other computers across a network via email, an infected webpage, and instant messages.
Spyware is defined as a malicious computer program that quite literally spies on you. After being downloaded onto your computer through an email you opened, a website you visited or a program you downloaded, spyware scans your hard drive for personal information and your internet browsing habits. Some spyware programs contain keyloggers that will record any and all information you enter, including login usernames and passwords, email addresses, online shopping habits, your name, age and sex, as well as sensitive banking and credit information.
Adware tracks your internet browsing habits and displays pop-ups containing advertisements often related to the sites and topics you've visited. While this type of software may sound innocent, and even helpful, it is far from something you truly want.
Trojan Horse (Trojan) is a program that represents itself as having a set of useful or desirable features but actually contains damaging code. Generally, you'll receive Trojan horses through downloading games, movies, and apps. Most often these will be "free downloads". Keep in mind, nothing in life is free. If someone gave you a game on the internet you should expect it to be paid for somehow, and this is often via a Trojan horse. The Trojan may be a piece of adware (covered above) that has piggybacked along with your new game. Trojan horses are not technically viruses, because they do not replicate.
Browser hijacking software - Advertising software that modifies your browser settings (e.g., default home page, search bars, toolbars, favorites), creates desktop shortcuts, and displays intermittent advertising pop-ups. Once a browser is hijacked, the software may also redirect links to other sites that advertise, or simply not allow you to visit sites you've attempted to visit.
Ransomware has recently become a very popular way for internet criminals to make money. This malware alters your system in such a way that you're unable to perform basic tasks. It then displays a screen that either demands some form of payment or informs you there are issues with your computer and that you need to call a specific phone number to have the computer unlocked. Access to your computer is literally ransomed by the cyber-criminal. Our experience has shown these criminals are often in faraway countries and speak with a thick accent. No legitimate program will ask you to call and pay for anything. Treat this as a red flag.
Scareware is software that appears to be something legitimate, typically some tool to help fix your computer, but when it runs it tells you that your system is either infected or broken in some way. This message is generally delivered in a manner that will frighten you into doing something. The software claims to be able to fix your problems if you pay. Simply stated, your computer has no true 'issue', but this software will say you have many errors regardless. You become scared and agree to pay the $19.99-$99 typically charged by the software to "fix" your problem (it simply stops telling you there is an issue that never existed). In a real-world scenario this would be like a random stranger walking up to you and saying you have cancer, but if you pay him $400 it will go away. You hand him $400 and he says you're cured. You never had cancer to begin with.
Best practices to protect yourself:
Don't download files from unknown sources, including from your email or the web.
Use anti-virus software; it will catch many known malicious pieces of software and can be set to 'always keep an eye out' for you.
Scan all new files with anti-virus software prior to opening.
Don't download an attachment (e.g., pictures, games, electronic greetings) unless it's from someone you know.
Don't use peer-to-peer downloading services such as LimeWire and BitTorrent. (Yes, there are legitimate uses of each, but until you fully understand what you're getting yourself into we would advise staying away.)
Ensure you have a firewall enabled. Windows users: make sure "Windows Firewall" is enabled (it is free and already on your computer).
Use a trusted internet provider.
Don't download any programs from websites you don't trust. If it's free and you haven't heard of it, beware.
NEVER allow anyone you don't know very well to remotely control your computer. Having someone you do not know take control of your computer to "fix" it is an excellent way to not only ruin your computer but become the victim of identity theft.
Stopping malware starts with you paying attention
Most users believe malware somehow became installed on their computer without their knowledge; many believe it must have been from an e-mail or by visiting a malicious website. While this can indeed be the case, we see hundreds of customers literally do it to themselves. In our fast-paced world we all download things from the internet, and most of this can be stopped by merely spending a few moments paying attention when downloading and installing software. First, ensure you are actually at the website you expect to be downloading from. For example, if you're trying to download Skype, make sure you are actually at www.skype.com and not another website pretending to be Skype. This is very common for most popular software; making sure you are at the official web page is an excellent way to keep malware from your computer.
Next, you'll need to pay attention while running the installer for most software. Oftentimes there will be additional software included as an 'added bonus' (see Trojan Horse). This will be pre-selected for installation; if you don't spend a moment reading through each screen while clicking 'next', you may be giving these pieces of software the go-ahead. Recently we had a customer come in who had installed Freecell on their computer. They did this by searching "freecell free download" on Google. Below is a screenshot of the results; the red boxes indicate the search query as well as the link they clicked. Downloads.cnet.com hosts many thousands of pieces of software, and numerous times we have found it to either include a malicious piece of software or to have sponsored links with blatantly malicious downloads.
After clicking the link, the download page was displayed. Each red box is an advertisement and is all but guaranteed to be malware. Notice the "download" buttons on the advertisements are more prominent; most users don't think twice. If you pay attention to the verbiage below them you'll notice "DriverUpdate tool" and "Safe PC Repair" somewhat hidden. Neither of these is the software you were looking to download, and both should be avoided at all costs!
Even if you've selected the correct download button you'll then be taken to the actual download page which is again full of advertisements!
As you can see, it is quite easy to fall victim to malware. It is on many of the websites you visit, and it truly only takes one mistake to start the snowball effect. Many sites have popups that will say your computer is infected with something, "click here" to fix it, etc. These will be very convincing and you may find yourself believing they are real. This isn't to say all software is bad, but to show you how spending a little bit of time and slowing down your clicking can save you not only a headache but also help protect your valuable data and information from being stolen. Use common sense and compare whatever you are doing on your computer to the real world. People aren't out to genuinely help you; a popup is no different than a door-to-door salesman with a very convincing argument. Unfortunately, on the internet you don't realize what is happening and you think it is a "Police officer" trying to help you.
If you've already made the mistake of downloading and installing these pesky programs, we've got some tips on how to remove them as well!
How to remove malware
For many of you this guide may be too little, too late. If you've found yourself already infected, with pop-ups all over your screen or simply a slow-running computer with software you've never heard of installed, we have a simple solution that may solve your problems. We suggest installing Microsoft Security Essentials, a completely free anti-virus solution direct from Microsoft. There are many options out there, and while most, like Norton, McAfee and many others, do indeed work, we feel Microsoft Security Essentials offers very good protection while integrating seamlessly into Windows, with no pop-ups or slow system scans. It runs in the background and has proven to be very effective for millions of users. Install it and run a full system scan, allowing the software to work its magic.
Once finished, you'll want to uninstall any software you're not familiar with. Keep in mind many will have misleading names trying to trick you into believing they are necessary software. At the end of this blog we've included a list of common offenders we are absolutely positive you can remove with no worries of having a negative effect on your computer. In other words, the software on our list is not needed and should be removed. Simply uninstall each piece of software (you'll likely have many) and restart after each is removed. If you're unfamiliar with how to uninstall or remove a program simply click here.
Finally, we suggest running Malwarebytes in conjunction with Security Essentials. As we've stated, much of the software isn't truly a virus; it is merely malicious software you may have unintentionally installed yourself, thus anti-virus software won't remove it. Malwarebytes will scan your computer for known offenders and does an excellent job removing them. Again, these are free pieces of software from very trusted sources and when used together can typically restore a computer to its former glory.
If you've finished the removal of malware and find your internet browser is still showing numerous tabs when opened or using a search engine you've never heard of, follow these steps to restore your browser to its default settings.
Easily and safely install your software
One website has made downloading and installing software very safe and easy: a little-known gem on the internet is ninite.com. You simply select each piece of software you'd like to install (most popular downloads from iTunes to Skype and both Microsoft Security Essentials and Malwarebytes are available) and it handles the rest, automatically installing the correct version for your system while disabling any of the add-ons like toolbars. This has proven to be an invaluable tool for millions of users including NASA and Harvard. We have no affiliation with Ninite whatsoever; you're welcome to use any installation method you'd like, but we can assure you they make it safe and easy.
Our list of confirmed malware is constantly updated (please comment with any suggested additions):
File Opener Pro
LPT System Updater Service
Mobile App Sync
Supporter 1.80 (other versions as well)
24x7 Help (IT Resource Center)
PC Optimizer Pro
PC Fix Speed
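To check a Windows PC against the list above, the following PowerShell reads the installed-program entries from the registry and reports any whose name contains a listed name. This is an added example, not part of the original post; the function names are made up for illustration, and "Supporter" and "24x7 Help" are matched without the version and parenthetical shown in the list. It only reports and does not remove anything.

```powershell
# Added example: compare installed programs against the names listed in this post.
# Names are matched as case-insensitive substrings of the program's DisplayName.
$listed = @(
    'File Opener Pro',
    'LPT System Updater Service',
    'Mobile App Sync',
    'Supporter',        # list entry is "Supporter 1.80 (other versions as well)"
    '24x7 Help',        # list entry is "24x7 Help (IT Resource Center)"
    'PC Optimizer Pro',
    'PC Fix Speed'
)

# Uninstall entries live in three places: 64-bit programs, 32-bit programs on
# 64-bit Windows, and programs installed for the current user only.
$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-InstalledProgram {
    # Entries without a DisplayName are updates or components, not listed programs.
    Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName } |
        Select-Object DisplayName, DisplayVersion, Publisher, InstallDate, UninstallString
}

function Find-ListedProgram {
    param([object[]]$Programs, [string[]]$Names)
    foreach ($program in $Programs) {
        foreach ($name in $Names) {
            # Escape the name so none of its characters are treated as regex syntax.
            if ($program.DisplayName -match [regex]::Escape($name)) {
                $program | Add-Member -NotePropertyName MatchedName -NotePropertyValue $name -PassThru -Force
                break
            }
        }
    }
}

$installed = @(Get-InstalledProgram)
$hits = @(Find-ListedProgram -Programs $installed -Names $listed)

if ($hits.Count -eq 0) {
    Write-Output "Checked $($installed.Count) installed programs; none match the list."
} else {
    $hits | Sort-Object DisplayName |
        Format-List MatchedName, DisplayName, DisplayVersion, Publisher, InstallDate, UninstallString
}
```

A result is a name match only, so look at each reported program in Programs and Features before uninstalling it.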
You should be all set!
Hopefully you've found our tutorial helpful and your computer is now free of malware, popups, adware and more! If you're still having issues or have something to add to our list please comment below. We update our list daily and your input is appreciated!