<< NOTE: References to some anti-virus application in this article need to be updated. >>
Viruses, Spyware, Malware, Trojans, Rootkits – there are many ways that a computer can get infected. Not all of these are viruses. Some are classified as spyware (stealing your information) and malware (eventually breaks your computer). The characteristic of a virus is that it is made to spread spyware or malware. Trojan's tend to infect your computer without your knowledge or without you realizing what you are doing. Some tend to be harmful while others just demonstrate what could happen.
One of the more popular viruses these days actually infects your computer by posing as an antivirus program. It shows up claiming that your computer is infected. As soon as you click a button, it actually installs the virus and its all downhill from there. One of the first thing this one does is to disable your real antivirus and your firewall. It then proceeds to download additional viruses and install them on your computer. It is a nasty one.
Another popular one these days doesn't actually harm your computer, it just makes it look like it does by hiding all your files. I've never let this one go on to see if it will do anything after that but for someone who doesn't know what's going on, it can be scary to see all the files on your computer disappear.
Some viruses will disable your antivirus/malware protection, they will disable your firewall, they could start deleting files, they could download many other viruses and infect your computer in multiple ways. Some may even create a way for other computers to access the files on your computer and download them without your permission.
By the time you notice things are missing, realize that your computer is running slower than usual, that your computer or applications seem to be crashing more than usual, it is likely that the infection has already been hard at work for some time. Some of these infectious programs are not particularly well written, often containing bugs which have a negative effect on the performance and stability of your computer.
What can I do if my computer gets infected?
If you have any reason to suspect that your computer is infected:
- Don't type any passwords or sensitive information. Some of these malicious programs collect everything you type, especially passwords and send it off to some computer on the Internet where a malicious person will use it to breaks into things like banking, websites, email accounts, etc. Some people don’t even realize they are typing their passwords it has become so natural. For example, each time you go to your website or blog and login, you are entering a password on the Internet. Each time you log into Facebook, LinkedIn, Gmail, Twitter, etc., you are typing in your password and it is being sent over the Internet. By the way, did you know that your email password is sent over the Internet each time it checks for new email?
- Stop using your computer and attend to removing the infection right away. While some forms of infection are easy to remove, others will do everything they can to make the situation worse. The worse it gets, the harder it will be to fix the problem. Sometimes it becomes near impossible and it is actually easier to just re-installing everything on the computer. This should be your last resort as this is often much more time consuming that removing the infection. Many people don't realize just how much time was spent setting up their computer. When you first get it, you install an application here and there every once in a while. When you have to re-install everything at once, the total time quickly becomes obvious. Just re-installing all the security patches and fixes for Windows can take the better part of a day or more depending on the speed of your Internet connection and how busy Microsoft's servers are.
Sometimes, depending on the virus, you can use Windows System Restore to rollback your computer to a time when it didn't have the virus on it. If that works for you, be grateful. Some of the newer viruses tend to infect even the restored version of the file. The good news is that this form of repair doesn't usually affect your information.
When it comes to removing viruses from a computer, my favourite tools of choice are the free versions of Avira and Malwarebytes. In most cases, you can clense the infection from your computer on your own. The following process will get rid of most infections on your computer. Unfortunately, it won’t fix the damage caused by the infection. If you notice anything not working on your computer after you are done, you may need to get some help from a techy (or your kids).
Start by downloading and installing both Avira and Malwarebytes. Do not activate the trial features of Malwarebytes during the installation. If your Internet connection has been broken by the virus, you will need to download these files using a different computer and you won't be able to install the updates either. Unless you've got the latest and greatest virus on your computer, that will have to do.
Scan and clean up the viruses on your computer with Avira first. Then do it again with Malwarebytes. Repeatedly scan your computer with each of these two programs, alternating each time until both report that there are no viruses on your computer. If either of them find viruses on your computer, it may need to reboot. Each time a virus is found, scan and clean the computer one more time with each of the two programs.
Once you have rebooted your computer one last time and both antivirus programs report that your computer is virus free, uninstall Avira. In most cases it is not good to have multiple active antivirus programs on your computer as they can sometimes prevent a virus from being detected by another antivirus program. You can optionally leave Malwarebytes as long as you didn’t activate the trial period.
After removing any virus, check to make sure that your antivirus “real-time” protection is active and that the Windows firewall is too. If it isn't, you will need to get them started again. How you do that will depend on the program you are using.
How can my computer get infected?
There are many ways your computer can get infected. Here is a short list of the most common ways today:
- Opening an email message
- Opening an email attachment
- Going to some websites
- Opening a file someone gave you
- Plugging in a USB memory stick or hard drive that has been connected to someone elses computer.
How can I prevent my computer from getting infected in the future?
The best thing to do is to make sure that your antivirus and malware scanner is always running and up to date… that and avoid questionable websites. For example, you may notice at times that Google flags certain websites as questionable and may contain viruses. That is one way they are trying to help people keep their computers safe.
There are many low cost solutions available. Your Internet Service Provider (ISP) may even offer such a service. While I don’t like to generalize, these services can be more expensive than lower cost solution you can install on your own. For example, Microsoft offers Security Essentials which is free. Although pretty good, it's not the best antivirus out there and, since it is free, doesn't include any support at all.
I know several people and many businesses who use McAfee to keep their computers safe and are quite happy with it. The only down side I keep hearing is that it can have a negative impact on the performance of your computer… which is only a problem if your computer is already on the slow side. Semantic/Norton Antivirus is similar. Pretty good at keeping your computer safe but slows it down. These seem to cost about $40-60 per year. They have security suites versions that can go as high as $80 per year.
I USED TO BE a big fan of AVG and know some people who still are. I don't anymore because at one point newer versions REALLY slowed down my computer although it does provide pretty good protection.
[Note to antivirus developers: Once you lose a customer, it can be nearly impossible to ever get them back. Was it really worth it?]
Personally, I really like Avira. According to an independent tests of antivirus software, Avira has one of the best detection rates (catches almost everything), has a very low impact on the system performance (won't slow your computer down very much), is pretty good at removing viruses that sneak by and is pretty fast. The free version is great but tends to have a lot of notification messages. At about $26 US, the paid version is very reasonably priced and comes with additional security features and live support in the event that a virus should ever sneak by undetected. You got to love it when a company stands behind their product like that.
The down side if Avira is that it can be somewhat conservative. What I mean by this is that sometimes it will identify files as infected where there really aren't. This is called "false positives" and is a side effect of it being so efficient at detecting viruses. Although it rarely happens in more recent versions of Avira, you should still be aware of this.
Malwarebytes is a special antivirus program that I use occasionally. Unlike other antivirus programs, this one can actually co-exist with another antivirus program on your computer because it is only active when you use it manually. The rest of the time it does nothing to keep your computer safe.
If you plan on purchasing an antivirus program, I recommend you start by going to the company’s website. They usually offer a 30 day trial version that you can download and install for free. This way you can determine whether it is easy enough for you to use and what the performance impact will be on your computer before you pay for it.
Prevention is your safest strategy
Keep in mind that there are new viruses coming out all the time. There is no way to protect a computer 100% unless you unplug it from the Internet and turn it off.
Your best bet is to always keep the software on your computer up to date with the latest security patches and bug fixes. Regularly update your antivirus/malware protection software, your firewall, Windows and all of your applications. Many newer applications even come with automatic updates. People who don't keep all of these up to date tend to be the easiest targets for viruses and hackers.
Your computer may still get a virus every once in a while and you will need to deal with that at some point. If you are prepared for that day with a contingency plan, you won't get as stressed out over it.
Practising safe computing which includes:
- Being careful about the kind of people who hang out on the websites you visit
- Having a good quality antivirus and malware program that is compatible with your email program
- Having a good quality malware detection program
- Having a good firewall (the one that comes with Windows XP or later is good)
- Having a tool that protects your computer while browsing the Internet
- Scanning your computer manually using Malwarebytes once or twice a month
- Not opening emails from people you don’t know.
- Not opening email attachments unless you are expecting it (never send an email with just an attachment)
- Disabling the “Autorun” or “Autoplay” feature in Windows for removable USB media devices like external hard drives, memory sticks and cards, CD/DVD drives. This is the feature that makes movies and software to automatically start when you insert a CD, DVD or USB stick. The problem with this is, it can also automatically start-up viruses.
- Finding out and document how to restore your computer back to factory default configuration. This is usually done by pressing a special key before Windows begins to load. This feature will erase everything on your computer so be sure to have a good backup of your files before you do this.
- ALWAYS having a backup of your files and settings. How often? That depends on how much work you are willing to lose if something goes wrong.
- ALWAYS having a backup plan, especially if your business depends on your computer
- NEVER installing games on a computer you use for business. If you play games, have a separate computer for it. If it stops working for any reason, it won’t affect your work.
Regarding this last one, although games aren't dangerous to your computer as long as they are legal and from a reliable source, in my experience they tend to make otherwise great computers unstable. If you make a living from your computer, you can't afford for it to break.
Can my backups get infected?
The short answer is Yes.
Your backup program will copy all of the files, regardless of whether or not they are infected. If you only have one backup, and you just made a backup of your infected computer, it’s not going to help. It is best to have several copies of your backups on a rotating schedule. What this means is that if you have 7 backups, one for each day of the week, and you make a backup each night, you will be able to go back as far as 7 days to retrieve a good copy of your files.
The moment you connect your external hard drive to the computer, any virus could attack it, thereby corrupting the quality of your backups or even deleting them. It just takes a moment for a virus to spread in a computer.
Be Safe or Be Sorry
The bottom line is that it is always better to have a slightly slower computer that keeps your information safe than to run a virus very fast.