How to avoid malware infections

Antivirus software has virtually eliminated infections from old-school, traditional viruses - the kind that spread from PC to PC. But antivirus vendors are still playing catch-up trying to stop malware, most of which are "blended threats" that combine techniques used by traditional viruses and newer adware and spyware.

These malware programs are different because they infect your computer through your web browser. Once the infection is established, they don't try to spread themselves to other computers on your network. Instead, they disrupt your work, often with pop-ups telling you that your computer is infected and offering to clean the infection if you purchase their antivirus software. Of course, their "antivirus software" is just more of their virus, and paying them will not accomplish anything except give them your credit card number, which they will then use fraudulently.
 

Why do people create this malware, and what are they getting out of it?

The motive for creating malware is simple - people can make a great deal of money from it.

Once the malware has infected a PC, it becomes a zombie, or "bot" and the creators of the software can control it for any of several nefarious purposes. The people who control the swarms of bots, called "bot herders," lease out time on their networks of bots. The people leasing time can use the bot networks to send spam, launch denial-of-service attacks, launch hacking attacks, and to host websites which will generate more bots.
 

How does malware infect computers?

Almost all malware infects computers through web browsers, specifically, Internet Explorer. Contrary to popular belief, you do not have to visit porn sites, or other dark and dingy corners of the Internet to pick up such infections. Some infections can be caused by "drive-by downloads" which can infect your computer simply because Internet Explorer is up and running. Other infections can come through various websites that may have been hacked, or by poisoned ads on completely innocent websites.

What can you do to stop it?

1. Make sure that your antivirus software is installed, running properly, and up-to-date.

2. Make sure that all available Windows updates have been installed. Just run Windows Update from your start menu.

3. Use Firefox as your web browser, rather than Internet Explorer.

During the install process, be sure to set Firefox as you default browser.

Once you have Firefox installed, there are two ad-ons you should install.

The first, called IE Tab, allows you to specify that certain tabs in Firefox should use the Internet Explorer engine, rather than Firefox. This enables you to continue to use websites that do not work properly with Firefox - without having to switch back to IE. You might also want to chastise whoever owns and operates those backwards websites, and tell them to get with the program!

The second, called AdBlock Plus, blocks in-page ads. It is not required, but it makes browsing the web a much more pleasant experience.

If your PC is already infected, what should you do?

If you can still connect to the Internet, you can download, install, update and run MalwareBytes AntiMalware. That is currently (as of July, 2010) the most effective program we know of for cleaning malware from PCs. You can use the free version, which is perfectly effective.

If you can no longer connect to the Internet, call us. We may be able to clean it from the PC by using some advanced tools and techniques. If all else fails, we remove the hard drive from the computer, connect it to another computer, and run antivirus and antimalware scans from that second PC.