What is a computer virus or malware and how did I get it?

There are three terms that get used for unwanted software that is on your computer: junkware/bloatware, viruses, and malware.  There are also social engineering scams that I will discuss in the section on viruses.

People usually bring us a computer because it is “running slow”.  Many times it is bloatware or viruses that are causing the problem.  Sometimes the computer will not work correctly or at all due to a virus or malware infection.

 

Apple computers (MacBook, MacBook Pro, iMac) are sometimes said to not get viruses.  That is partly true.  Since the Apple OS is on only 2% of computers in the world, the bad guys write bad stuff primarily to target the primary OS, i.e. Windows.  But we do get Apple computers here that run slower due to both junkware and malware.  I will give you a working idea of each of these and how to avoid them:

Junkware or bloatware consists of software programs that are made by legitimate companies for advertising purposes.  The only harm they cause is to slow down your computer and take up a small amount of your system memory.  Let me give a few examples:

–          When you install an HP printer, the normal install will add several extra small software programs to your computer.  When your printer runs low on ink, a small program will trigger a popup that will advise you that you are running low on ink and offer a link to purchase ink directly from HP.  Since HP sells printers near cost, they need to sell you the ink to make a profit rather than having you go to Rapid Refill or Cartridge World.  There is nothing wrong with this software and some may find it helpful.  If you didn’t want it installed, you would normally need to do a custom printer install.

–          When you purchase a new computer, there will normally be at least a half dozen icons on the screen offering you a free trial of an antivirus and other programs.  The manufacturer and reseller (HP & Best Buy for example) added these programs since the software maker is paying them a few dollars for every PC that goes out the door with these icons. They are the primary way that some products are sold.

–          My last example is when you do a software upgrade of a free product, from Adobe for example.  They will often ask you to “agree” to the legal terms and conditions.  If you scrolled to the very bottom of that small font legalese – you would find an offer to also add a toolbar to your browser. AND THE BOX IS ALREADY CHECKED!  So the 98% that don’t scroll to the bottom of this list find that the update also installs an unwanted toolbar.

None of these programs harm your computer but they will slow it down.  One is not a problem, but we often see people come in with 50 of these processes running on their computers.  Each little program uses up CPU bandwidth and system memory.  The result is that there isn’t enough free CPU bandwidth and system memory to do what you want the computer to do and therefore it runs very slow.

I recommend that folks remove unneeded programs on new computers and be very careful when adding new programs or allowing updates to occur, to ensure that you are only getting the things you want and not a lot of extra garbage software.

I will mention that computers sold by Absolute Computers come with no junkware.  If you would like us to install a free trial of a specific piece of software, we will do that happily but to have several free trials for different anti-virus programs is pointless.

“A computer virus is a malware program that replicates by inserting copies of itself into other computer programs, data files, or the boot sector of the hard drive; when this replication succeeds, the affected areas are then said to be ‘infected’.  Viruses often perform some type of harmful activity on infected hosts, such as accessing private information, corrupting data, displaying political or humorous messages on the user’s screen, spamming their contacts, or logging their keystrokes.”  (Thanks to Wikipedia for the above definition!)

These software programs are created by non-legitimate companies for several reasons. A common reason is to make your computer part of a “botnet”, which means it will generate tens of thousands of spam emails per day that are released onto the internet offering to sell Viagra for great prices. Or emails that threaten folks that their computer is infected with a virus, their bank needs their banking information, their wire transfer failed, there is a problem with their student loan or they are being notified by PayPal about a problem with something they sold on eBay.  In almost all cases, the sender offers to fix the problem if the person calls the listed phone number or sends the requested information to the specified email or web site.  In addition to not being a nice internet citizen, if your computer is sending a lot of spam – your internet provider may disconnect your internet access. There are other viruses that attempt to spy on you or steal your information.  Note that if you get an email that suggests you have won a million dollars or need to resolve an issue with your bank – do not click on any links, and do not respond to the email or call the number listed.  If you are worried, look up the legitimate US Mail address or phone number of the company and contact it directly.  Do not use the phone number or email address listed in the spam email.

Note that if you get an email from someone that you don’t know that asks you to send money, send information or call a phone number, it is normally a scam.  The trick is that the bad guys use social engineering to encourage you to respond to their request.  If one person in a thousand responds to a spam email, that can be very successful / profitable for the bad guys.  The same is true if you get a phone call from “Microsoft” telling you that your computer has a virus or malware and they are calling to fix it.  First, Microsoft does not do this and second, the guy on the phone cannot link your phone number to the computer on your desk.  (Perhaps the NSA can, but that is another discussion).

So remember that folks calling you or emailing you are just looking for a person to scam.  Many times emails will come from addresses that at first glance seem legitimate.  For example, emails from paypale.com / paypaol.com instead of paypal.com, from bofa.com instead of bankofamerica.com or irs.ru (the IRS never communicates via email).  We have had folks get an email “from their bank” with a link to their log in.  They use that link and then type in their account id & password and then get a message saying the server is down momentarily – try again later.  In reality, they have just given their login information to a crook.
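
The lookalike addresses described above can be spotted mechanically. The following is an added example, not part of the original article: it compares a sender's domain with a short list of trusted ones and flags near-misses. The `TRUSTED` list, the function names and the sample addresses are made up for illustration (irs.gov is the IRS's real web domain).

```python
# Added example (not from the original article): sort a sender's domain into
# trusted / lookalike / unknown. TRUSTED is a constructed allowlist.
TRUSTED = ("paypal.com", "bankofamerica.com", "irs.gov")

def edit_distance(a, b):
    """Levenshtein distance: single-character inserts, deletes, substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # drop ca
                           cur[j - 1] + 1,             # add cb
                           prev[j - 1] + (ca != cb)))  # swap ca for cb
        prev = cur
    return prev[-1]

def base_domain(address):
    """Domain of an address, cut down to its last two labels.
    Assumption: two labels identify the owner (not true for e.g. co.uk)."""
    host = address.rsplit("@", 1)[-1].strip(" <>.").lower()
    return ".".join(host.split(".")[-2:])

def classify(address, max_typos=2):
    """Return (verdict, imitated_domain_or_None)."""
    domain = base_domain(address)
    if domain in TRUSTED:
        return "trusted", domain
    name, _, tld = domain.partition(".")
    for good in TRUSTED:
        good_name, _, good_tld = good.partition(".")
        if name == good_name and tld != good_tld:
            return "lookalike", good      # right name, wrong ending (irs.ru)
        # Short names get no typo allowance, or unrelated names would match.
        allowed = min(max_typos, len(good_name) // 4)
        if edit_distance(name, good_name) <= allowed:
            return "lookalike", good      # a stray letter (paypale, paypaol)
    return "unknown", None                # not on the list, so not trusted

# Constructed sender addresses using the domains mentioned in the article.
SAMPLES = ["service@paypal.com", "service@paypale.com", "billing@paypaol.com",
           "refund@irs.ru", "alerts@bofa.com",
           "help@paypal.com.login-check.example"]

if __name__ == "__main__":
    for sender in SAMPLES:
        print(f"{sender:38} {classify(sender)}")
```

An abbreviation such as bofa.com is too far from any listed name to count as a typo, so it comes back as unknown, which still means it is not on the trusted list.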

The best way to prevent viruses is to run a good antivirus program.  In particular, Microsoft Security Essentials is good, comes from Microsoft and is free for as long as you use it.  Note that Windows 8 has an antivirus built into the operating system called Defender (it is MSE specifically for Windows 8). So for Windows 8, just enable Defender and that is it.  Using one antivirus program is very important, but do not use two! Having two antivirus programs running at the same time is nearly as bad as having none installed.

The last item that I will mention is malware.  Software that disrupts computer operation or gathers sensitive information illegitimately is usually called malware. In many ways it is similar to a virus but technically it does not need to be self-replicating.  However many use a somewhat different definition for malware to denote software that is especially malicious.   There are some forms of software that will do the following:

–          They will remove portions of the operating system and / or disable certain functions including antivirus programs.

–          Many times a virus removal tool will be unable to fix these problems and the only solution is to reinstall the operating system.

–          Malware can be used for identity theft. This is more of an issue for computers used in a business rather than home use. For personal use, you do need to be aware that stealing a particular password is not very difficult.  Therefore you need to use a different password for each account you have – be it Facebook or your bank.

–          A particularly bad form of malware usually has the name of “crypto-virus” or “ransom-ware”. This software will encrypt the data stored on the hard drive and then provide a popup saying that to get the decryption key requires payment to a Swiss bank or some other form of payment that is not traceable.  Normally the bad guys do not provide the decryption key even if payment is made.  We sometimes can decrypt these files but not always.

We have some suggestions on how to avoid getting malware but no methods are perfect.

–          One of the ways people get the most malware is using Facebook!  They will see a cute video and click on it to run.  There will be a popup that says a specific program needs to be updated to run that video and to click yes for the update.  DO NOT CLICK YES.  Back out of this – it is most likely malicious software using the video clip to lower your defenses.  Go specifically to the web site of the program or device that needs updating and do the update there.

–          Some web sites can be so infected that merely visiting the web site is enough to infect your computer.  Go to only trusted web sites, use Google search and Google Chrome since they provide a certain level of protection that is higher than other search engines and browsers.  Never use a link in an email from someone you do not know.

–          We see a lot of malware infections from people trying to download music and movies for free or bootleg copies of expensive software.  We have had several people that said they had thousands of pieces of music but constantly are getting reinfected due to the sites having bootleg songs but also malicious software.

The good news is that with the exception of the crypto-virus (which is quite rare), most viruses and malware will not affect the data stored on your computer.

Normal viruses and malware do not negatively affect the hardware.  Stuxnet was a computer worm that caused the fast-spinning Iranian centrifuges used to create nuclear weapons to tear themselves apart.  But this was a very directed attack on industrial controllers. Unless you are planning to make atomic bombs, you can usually not worry about a virus causing a hardware problem.

At Absolute Computers, we use a variety of methods to remove viruses and malware.  One of the items in our arsenal is a collection of a dozen different programs to detect and remove malicious software.  Sometimes removing a virus may only take a couple of hours but there are cases where it can take a couple of days.  For a virus removal in our shop, we normally charge for one or two hours of technician bench time since we only charge when we are actively engaged working on the problem.   If we do the work on site,  we need to charge for all the hours that we are there.  Therefore on site virus removals usually cost significantly more.

So remember if you have a virus or if your computer is just running slow, give Absolute Computers a call. Located in Cary, North Carolina – we are convenient for folks in Angier,  Apex, Cary (of course), Chapel Hill, Clayton, Durham, Fuquay Varina, Garner, Knightdale, Holly Springs, Morrisville, Raleigh, Wake Forest and Zebulon.  We have folks that drive here with their computers from Fayetteville, Rocky Mount, Sanford and Wilson. Finally we have people ship us their computers from across the US.

Remember that you can drop off your computer for a free diagnostic which is a description of what we found and a quote for fixing it.  At that point, you can either pick it up for no charge or authorize us to do the repair.