North Island Distance Education School


Malware - Got You Down?

June 7, 2012

A common and growing problem these days is the ever-increasing prevalence of viruses, worms, trojans, spyware, bloatware and other forms of malware, all of which can have detrimental effects on your precious computer systems.  It used to be fairly easy to avoid such threats; however, they are becoming increasingly sophisticated and devious and are consequently much more difficult to avoid.  There are a few precautions you can take to help significantly reduce your risk of infection and potential damage, though there is still no guarantee that your computer won't become affected at some point.

Anti-Virus Protection:
A good, dependable anti-virus package is absolutely essential.  Though many Apple users believe they are immune from such threats and don't require protection, the recent Flashback virus pandemic that specifically targets Apple computers has proven otherwise. 

There are several excellent (and not so excellent) anti-virus packages available.  Some are free for download, but most packages require a yearly subscription if you want full automatic protection.  We suggest you comparison shop and obtain the most suitable anti-virus software for your budget and needs.  However, keep in mind that even the best anti-virus packages will not always detect and protect your computer from all threats.  Also be aware that an increasing number of over-bloated anti-virus packages (sorry, we can't mention them here) tend to tap out all of your system resources, resulting in drastically reduced system performance.  We recommend looking for anti-virus solutions that feature "small CPU and memory footprints".  Also be wary of the auto-renewal of your anti-virus software's annual subscription, which is often enabled by default.  Quite often auto-renewal fees are significantly more than repurchasing the product.  It is good practice to cross-compare performance reviews of the various leading anti-virus packages each year in the weeks leading up to the expiry of your anti-virus package's subscription, in case a better anti-virus package becomes available or is offered at a better price.

Freeware & Trialware Anti-Virus Packages:
There are a number of free anti-virus and malware products available for download off the net; however, you typically have to manually initiate virus scans with these packages unless you pay for the full package.  Just remember, if you go with one of these free solutions, you will need to manually update and initiate scans of your system on a regular basis.  Also be aware that some of these free or trialware scanners will advise you if your computer becomes infected, but require you to purchase the full product if you want them to also remove the infection.  Scanning is typically best done when your computer is not being used, as performance can lag somewhat during a scan, depending on the anti-virus package chosen, the scanning options enabled and the available system resources on your computer.  It is also good to have a few of these freeware scanners on hand, as no one package will typically catch everything that is out there on the loose.

Ensure that whatever package(s) you use protect against both virus and malware threats.  Malware is somewhat different from viruses, in that it requires your permission to infect your computer.  Because you inadvertently authorize malware to run on your computer, you effectively bypass your anti-virus package if it is not malware capable.  Just remember to always think, and check if necessary, before you load "Free" stuff onto your computer.  Ask yourself:  Why is it free?  Where is it coming from?  Is it mainstream and from a legitimate software vendor?  Do you trust the source site?  Do you really need it?

An increasingly common tactic for spreading unwanted bloatware is to install 3rd party utilities, search bars and other garbage by default when installing legitimately required software.  When installing new software, always be on the sharp lookout for pre-activated "sign-up or install" check-boxes (typically found at the bottom of the screen) in order to avoid unwanted bloatware and spam-mail.  I frequently will find 4-5 redundant search/tool bars loaded into people's browsers, to the point they have insufficient real estate remaining in their browser panes to properly display the websites they are attempting to view.  Also keep in mind that all of this "free stuff" is eating up your precious CPU cycles and system memory.  If you find your computer is becoming really sluggish, you may wish to go into your Control Panel's Add/Remove Software icon and properly uninstall any useless or unneeded bloatware.

One of the most notorious places on the web to pick up viruses and malware is on peer-to-peer (P2P) sharing networks, which should be used with extreme caution if at all.  Also try to avoid websites which are suspected or known to be questionable.  Recently, legitimate social networking and on-line chat applications have been increasingly targeted by viruses and hackers, so be aware, stay informed and take appropriate precautions if warranted.

Sharing Files:
Another common source of infection is USB keys.  If you are unsure of where or what other computers a USB key has come from, you may wish to avoid plugging it into your computer, particularly if you do not have adequate anti-virus protection in place.   It is also advised that you configure your anti-virus software to automatically scan any USB or other external data sources as soon as they are connected to your system.  Should your system become infected, ensure that you complete a full scan before sharing any files via USB, e-mail, network or other means.  Otherwise you may end up infecting someone else's computer, which may not make you too popular with them.

Avoid opening unsolicited e-mails from suspicious sources, particularly if they arrive with suspect attachments, which you should definitely not open unless you first confirm that it is safe to do so.  If a friend or associate's computer becomes infected by a worm, it may auto-forward itself from their e-mail address to everyone listed in their address book without their knowledge.  So if you receive an unexpected e-mail with a suspicious subject line or attachment from a known contact, you may wish to contact them first to confirm whether it is legitimate before opening it.

Most legitimate banks, software companies and other reputable businesses will never request sensitive personal or financial information through unsecured e-mails, so never respond to such requests unless you can first confirm with the sender that it is a legitimate request.  Even still, sending sensitive or confidential information via e-mail is never a very good idea. 

Try to avoid forwarding hoax virus warnings to all of your e-mail contacts.  If you receive one, first check it for legitimacy at before you forward it and potentially embarrass yourself.

Phishing Tips:
Some malicious websites masquerade as legitimate or respectable sites in an attempt to fool you into providing them with sensitive personal or financial information (e.g. credit card info).  This is commonly referred to as "Phishing".  Luckily, many browsers and most anti-virus products now offer anti-phishing filters to help ensure that the party you think you are making a web transaction with is actually who they claim to be.  Ensure your phishing filter is enabled to help protect against fraud and identity theft.

When making web-based personal, confidential, business or financial transactions, it is best that you first ensure the site is properly secured.   Your browser should display a closed padlock icon on the status bar and the site URL should start with https:// if it is properly certified and secure.  If so, all internet communications between you and the secured site will be encrypted and thus indecipherable to anyone who might intercept the transaction.

It is also worth noting here that neither Microsoft nor anyone else remotely monitors your computer for problems or viruses.  Should you ever get a phone call from someone claiming as much and requesting permission to remote into your computer to fix it, which is an increasingly common phone phishing scam, you are best advised to decline their offer and hang up.

Ensure that your computer hardware, operating system, security software and applications are all kept up-to-date with the latest security patches and drivers from a legitimate and trusted source (e.g. Microsoft's Windows Update) on a frequent basis to better protect you and your computer against potential threats.

As no anti-virus solution can provide 100% protection, get in the habit of backing up your critical files regularly to a reliable external source.  This may be as simple as copying your data to a CD/DVD or USB key.  Or you may wish to invest in a portable or external drive if your data storage requirements are more significant.  Also ensure that you create and occasionally update your computer system's emergency recovery disk (set).  This will back up your computer's critical system settings and configuration in the event they should become damaged or corrupted by a virus or drive error.  This can be easily accomplished on Windows-based systems using the Backup utility that can be found under:  Start\Programs\Accessories\System Tools.  Just launch Backup and run the Automated System Recovery Wizard (ASR) to create your emergency disks.  You can also use this Backup utility to schedule regular automatic backups of your valuable data to an external source.

If your computer unexpectedly starts acting suspiciously or unusually, particularly if no known changes or updates have been recently made, your computer may possibly be infected.  (That or it's broken.)  If you believe it may be infected, stop and save everything and scan your computer ASAP.  In the event unknown or unexpected applications or dialog boxes appear, use your Task Manager to close them.  If that fails, turn off your computer ASAP.  If the virus or malware disables your Task Manager and/or shutdown button, you may have to manually turn it off or pull the plug in extreme circumstances.  Try to avoid interacting with or clicking on suspected malware applications in any way (including the red X "Close" button in the upper-right corner of the malware app's window), as doing so will more often than not trigger or activate it.

Some Common Possible Indicators of Infection:

- Unexpected warnings, pop-up boxes, apps, photo-bombs, threats or suspicious messages
- Browser's default homepage is changed to unwanted new site, search engine or is blank
- Bogus "Security Center" warnings of multiple virus infections by unknown virus scanners
- Your anti-virus software is unexpectedly disabled or removed
- CD/DVD drawer won't stay closed
- CD/DVD suddenly becomes inaccessible
- Your browser suddenly becomes inaccessible or extremely limited in function
- Internet access is suddenly disabled  (though internet service is confirmed to be still functioning)
- Task Manager won't launch
- Shutdown icons are disabled
- Webcam or microphone keep turning on by themselves
- Computer suddenly freezes or becomes unusually slow
- Unusually high hard-drive activity (thrashing sound) despite little computer activity and ample free drive space
         * Note:  An active background virus scan can also cause extremely high disk drive activity
- Your mouse or desktop exhibits signs that someone may be accessing them remotely
- Sudden onset of strange, unusual or other undesired behavior

Note that many viruses, spyware and malware leave no indication of their presence and typically remain undiscovered until a (full/deep) virus scan is run.

Finally, a good rule of thumb when it comes to suspicious or potential threats is: "If in doubt... Don't!" (without checking first).

Safe Surfing...
