How to Fight Malware and Other Internet Viruses

Over the past few years, malware has become a very real threat.  Despite a multitude of software available designed to protect your computer from malicious attacks while you surf the Internet, something inevitably slips through.  Unfortunately, malware creators work more quickly and creatively than the software programmers can to revise virus definition files in order to keep your computer protected.  So, what can you do?

Step 1:  Before Infection (Proactive)

Be sure you are running a real-time malware protection program.  This means, the software is monitoring while you are surfing the web, doing the best it can to block or warn you of any attacks before they infest your computer.If you are running Windows XP, we install Spybot Search and Destroy on your computer to cover the real-time protection.  When it catches something, a small window will pop up titled “Spybot” and will list the change to your system the potential attack is trying to do with an option to allow or deny this change.  PLEASE PAY ATTENTION TO WHAT THIS BOX IS TELLING YOU.  Spybot does a great job, in fact, to a fault.  It will pop up for anything that tries to change your critical system files, which includes software you are purposely trying to install.  If you click deny, your software will not work properly.  So if you are purposely installing software at the time the Spybot warning pops up, double-check the warning and click ALLOW; otherwise, all other times, you most likely will need to click DENY to block real malicious attacks.If you are running Window Vista, we utilize Windows Defender, which comes with Vista.  It behaves much the same way as Spybot, but the warning will come as an icon in your system tray.It is also important to keep Spybot and Windows Defender up-to-date.  Spybot, you have to manually update, so getting in the habit of checking in on Spybot is a must.  If you have automatic updates set on your computer, Windows Defender will keep itself updated; otherwise, you have to manually update Windows Defender as well.  Using out-of-date definition files defeats the purpose of having real-time protection, and your computer will not be effectively protected.

Step 2:  Fighting Infection (Proactive)

If something slips through the real-time protection, for most malware, it is a simple process to remove it.  However, there are some “in the moment” things you can do in order to fight the malware to avoid the whole removal process.The number one thing you can do is to BE AWARE while you are surfing the Internet.  Notice what site you are on.  If and when you get that FIRST popup, STOP what you are doing.  DO NOT CLICK ANYTHING.  This is your one and only opportunity to do something before the malware infests your computer.  Most malware disguises itself as a virus protection program warning you of an attack.  This is why it is important to read what pops up and know what software you are using.  If it does not say “Spybot” or “Windows Defender,” or whatever other malware protection software you are running, then it is not your program and is a malware attack.  The biggest culprit out there is a malware that calls itself “Windows Anti-Virus” or “Microsoft Anti-Virus.”  Windows DOES NOT have an anti-virus program.  This malware is clever because most people see the “Microsoft” or “Windows” tag and think it is safe to click YES when in fact, you do not want to interact with the popup at all.Now, at the very moment you get that first malicious popup, as stated above, do not interact with it in anyway.  Do not even click “No” or “Cancel” because most malware will install whether you click “Yes” or “No.”  Instead, right-click on the start bar and left-click Task Manager.  Select the second tab, “Processes.”  Look for every instance of “iexplore.exe” or whatever browser you are using (Firefox, Google Chrome, etc.).  Left-click on iexplore.exe, click end process, and confirm the end process.  Do this for EVERY occurrence of your browser in the processes list - there will most definitely be more than one occurrence if you are in the middle of a malware attack.  This force kills your browser and the malware attack.  If you are able to do this at the right moment, then you can preempt the malware attack.  If all went well, you can reopen your browser and continue surfing.  DO NOT GO BACK TO THAT SAME SITE.  This is why it is important to BE AWARE while surfing.  Before you kill your browser, make note of what site you were on that tried to infect your computer and avoid that site, or you will just get exposed to the same malicious attack again.

Step 3:  Removing Infection (Reactive)

If the malware is designed well, or you are not able to kill the attack before infection, do not despair, there is software available to remove the malware once infected.  We use Malwarebytes and we install Malwarebytes on every computer we come in contact with.  It is free and works great for malware removal.For most situations, all you have to do is run Malwarebytes, update the definition file, scan, remove the items, and restart your computer.  Malwarebytes is pretty good at prompting you at each of these steps.  If you need additional help, feel free to contact us and after a quick tutorial, you should be able to run these scans by yourself.Unfortunately, there are malware viruses out there that are extremely ingenious and pervasive.  You will know when you have one of these because no matter what automatic removal steps you try, the malware does not go away.  This is evidenced by either the blocking of your protection software and Malwarebytes, Windows crashing, and other anomalies.  At this point, it is time to call in the experts.  However, if it is at this point, the only thing really left to do is to format and reinstall Windows, which is never a fun experience for you, especially if you have lots of data on your computer.  This is why Step 1 and Step 2 above are your only real chances to avoid a system meltdown.

Final Thoughts

Adware and spyware is not going to disappear anytime soon, and browser exploits delivered from rogue sites are becoming more common every day.  It is crucial that you are proactive in your protection before having to be reactive, where most of the time it is too late to completely extract the virus without a format / reinstall.  It also does not help that malware can be very sneaky and insidious in the way it finds its way onto your computer.  Most of the time, however, it requires your interaction, either clicking on something or running something, to set off the attack, so the more aware you are at recognizing potential situations for attacks, the better you will be at avoiding infections.  For more information on how to recognize malware and other viruses, visit our Resource Library at www.usvortechs.com.

Companion Article:  Recognizing Malware