First off just like humans have viruses, bacteria, etc, computers have viruses, malware, adware, spyware, hijacks, rootkits, PUP’s and more. Some are easier to remove then others. In my personal opinion and experience Norton and MacAfee does nothing to protect your computer, it pretty much just slows the computer down. When someone calls saying they are getting a bunch of popups and the computer runs slow I assume Norton and MacAfee is already installed.
Fully protecting your computer is difficult to impossible, even with multiple layers of security you will still likely become infected at some point. Almost every time I clean out a computer I get asked how did I get infected in the first place? So here are the common reasons.
Installing Free Programs or Games
When installing or updating a program, you are often prompted to install additional programs that you may not want. Many people simply click next and I agree when installing programs and not reading that this free music player or picture viewer or game requires you install the other programs or else it won’t work. Don’t just click next and I agree when installing software, stop and look at what the program is trying to install. Sometimes it is good to do “advance” install rather than “express” or “easy” as those will ask fewer questions but may come with more than you wanted. DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money.
Sometimes even legitimate programs will try to bundle extra, unwanted, software with the program you want – this is done to raise money for the program. Be sure to untick any boxes which may indicate that other programs will be downloaded.
It is very common to clean up computers after “the grandkids” came over, many of these programmers know kids will say yes to everything so that free game they are playing might be the reason your computer is running like it is. I’m constantly removing malware because of games. (Malware is software that is intended to damage or disable computers and computer systems. For example, a fake antivirus program that says you’re infected and won’t leave you alone until you pay for it.)
Downloading any software program, utilities, games, updates, etc can possibly infect your computer. Some of the worst programs are ones that promise to speed up your computer. It isn’t always as easy as running a program to speed up a computer but to many people that easy road can lead to slower computer with even more popups.
Installing plug-ins or extensions.
You are browsing the internet and a Window or advertisements appear that says your computer is infected or the drivers are out of date. Adobe Flash Pro is not real but Adobe Flash is, I recommend only downloading updates for flash at adobe.com and java at java.com. Many popups will get you to install a fake version. How do you know what is real or not. Well it is hard, even I have been fooled before. Beware of sites that say your drivers are out of date and need updated as well, almost always they are fake or a trial that requires payment to work.
Links or Email Attachments
Very common reason for infections will be a link in a email or facebook that may look real but isn’t and when you click on that link you could infect yourself in a second or two. Even when a email comes from someone you know be careful as email addresses can be faked / spoofed. Be cautious when opening an attachment from someone you know, don’t open an attachment from someone you don’t know. A very common email that gets people infected is a fake USPS or UPS tracking email and by opening the links or attachment can lead to problems. If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean. For the casual computer user, you will almost never receive a valid attachment of this type.
Pirated software, music or movies
If you are doing torrents or P2P programs like Frostwire, UseNext or many other methods of “saving money” from not having to buy programs then you are asking to be infected. It is only a matter of time before you are infected, many programs come with cracks in order to install them, many of them are loaded with malware and other stuff. Simply put if you want to avoid being infected every day, week, month then avoid Warez, Crack sites and P2P Programs.
No Antivirus Software
Yes having Antivirus, Malware programs will slow your computer down some at best, a lot at worst. Having no protection is asking for an infection at some point. Even with protection if you click on links and programs then it is a gamble if your protection will detect it in time.
Other Ways To Be Infected
Your browser is hijacked and sending you to sites you didn’t even want. Hijacks and Adware are very common. Not many programs can detect a proxy hijack though.
Do not visit pornographic websites. I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites. I am not saying all adult sites do this, but a lot do, as this can often form part of their funding.
When using an Instant Messaging program be cautious about clicking on links people send to you. It is not uncommon for infections to send a message to everyone in the infected person’s contact list that contains a link to an infection. Instead when you receive a message that contains a link you should message back to the person asking if it is legit.
Less Common Reasons
Websites are hacked and infected, I’ve seen where Yahoo.com and other big name sites had Trojans in their ads that AVG picked up and blocked.
Sometimes “Microsoft” will call you or a pop-up says to call this number for support. Many times they are in India and are not legit, especially if they want to remote into your computer. They will often do this, mess up your computer and then charge you a high amount to fix what they just broke or to fix nothing but they give you an impression that it is being fixed.
What To Do When Infected
Call me at 615-332-2844 is what I would prefer you do so it can be done right. Typically 1-2 hours for an average infection removal. I can only guarantee the removal but not against another infection.
I can tell you what programs I use to clean a computer but a majority of time people will google it and download a fake version or other programs will be bundled that will just make it worst. That is why you hire me to come out to remove the popups, malware, etc because I have the experience and the tools to do that. I update my cleaning tools almost weekly. Once you are infected then downloading true removal tools can be difficult so it is good to have them ready ahead of time.
These are typically the programs I use to clean a machine.
I recommend running the programs in these order.
1. Rkill.exe (This checks for Malware)
2. JRT.exe (This checks for Adware and Malware)
3. Tdsskiller.exe (This is to check for Rootkits)
4. Roguekiller.exe (This checks for a little of everything)
5. AdwCleaner.exe (This is an Adware Program for popup’s mostly)
6. Hijack This (Checks for Brower Hijacks, only select anything that says Proxy Override and any No Name Toolbars)
7. Hitman Pro (This is a 30 day trial, I do recommend buying it though for $25)
8. Malwarebytes (Great Malware and Adware Program, free but recommend buying it so you have active protection $25)
9. AVG – (Free version is great but the paid is even better, recommend buying it $54.99)
Only programs that actually install on the computer and stay there is Hijack This, Malwarebytes and AVG while you have to select the install Hitman Pro option when opening that program install file. The others are simply cleaners that do not prevent anything in the future for protection.
If those fail, then it is good to run a System File Check which looks for corrupt Windows files and repairs them if possible.
Open Command Prompt as an administrator, often referred to as an “elevated” Command Prompt.
Important: For the sfc /scannow command to work properly, it must be executed from an elevated Command Prompt window in Windows 8, Windows 7 and Windows Vista. This is not required in previous versions of Windows.
Once Command Prompt is open, type the following command and then press Enter.
If this fails then the last resort will be to backup your data and do a system restore as in reinstall Windows completely.For a Mac I would recommend AdwareMedic, Clam or another Mac Antivirus and Onyx, Mac’s don’t typically get infected easily but it is becoming more common.
Call Nashville Computer Guru at 615-332-2844 and schedule a time to fix your situation and hopefully this article will help clarify the frustrating world of how your computer got infected.