How Did My Computer Get a Spyware Infection?
In my role as a computer grief counselor, I hear customer after customer cry out, “How did I get infected? I’ve got that antivirus program from the yellow box!” While I’m not going to turn this article into a smear campaign about how I don’t like that antivirus program in the yellow box…or the red box for that matter, there are several other lesser-known products that I see trojans get past on a daily basis. Keep reading and I’ll tell you the name of the antivirus product that we have come to know as the very best antivirus product available.
Most customers come in with a pretty good idea they have a virus infection. The truth is that only about 3% of the computers we see actually have a traditional virus. Usually it ends up being some other form of malware rather than a true virus, but either way it will probably make your computer very slow.
Another question I always get is “What can be done to prevent ever getting infected again?” Those who know me know I will say “Stay off the internet!” Then I’ll wait a moment to get their usual reaction of disbelief and frustration when they think I am telling them they can never use the internet again. After that I’ll get real about it and say, “There is no magic pill you can take for complete protection. It’s going to take some quality security products (usually paid) and some ongoing education and implementation of spyware prevention tips to keep safe, but it can be done, only it will take some real work.”
But I Use a Very Reputable AntiVirus Product
Even the Very Best AntiVirus Product (which I said I’ll mention later) can’t offer complete 100% protection. But of those who did get infected again after using a good antivirus product, most had let their virus definition subscription expire. After the customer got their computer back from the shop running fast again, they went right back to their same old risky internet practices, and in time, they let their antivirus program expire. It would only be a matter of time before they got infected again. Many will end up spending 4 times as much to repair their computer as the antivirus renewal fee would have been. And ironically, they will still end up having to spend money on the antivirus renewal fee anyway, and maybe even more if their subscription lapsed past the renewal grace period.
I Didn’t Download Anything, Really I Didn’t!
You don’t have to knowingly and intentionally download anything from the internet to get infected. In fact, it is lack of action that makes getting infected easier. Most computers we check in are missing years of Windows Security Updates and either have no antivirus or expired virus protection, making them very vulnerable to exploits that don’t require any action from the user other than just visiting a malicious web site. There was a past study about the safety of searching the internet by Ben Edelman (a reputable anti-spyware expert) and Hannah Rosenbaum (McAfee Site Advisor research analyst) that revealed what we pretty much knew already…that searching the ‘net can be dangerous. These experts found that the search results from popular search engines would often contain links to web sites serving spyware and malware, especially among the paid sponsored links.
For this study, they used almost 1400 popular keywords to determine whether the organic (non-paid) and sponsored (paid) search results led to malicious sites. Using the most popular search engines, such as Google, Yahoo, MSN, AOL, and Ask.com, the study revealed that about 8.5% of the sponsored search results led to web sites that distribute malicious parasites, host drive-by exploits, or gather email addresses for spam. About 3% of the organic search results were found to be harmful.
The Most Dangerous Keywords to Search
The worst keywords were “free screensavers,” “bearshare,” “winmx,” “limewire,” “music download,” and “kazaa.” For example, 64% of the results for “free screensavers” linked to malicious web sites. They also noted that specific keywords used for searching the names of celebrities, singers, and bands also led to dangerous web sites.
Are Some Search Engines Safer than Others?
Actually, the study showed that the safest results were produced by MSN, which served up only 3.9% malicious links, and Yahoo! with 4.3%. AOL and Google were in the middle with about 5.3%, and the worst was Ask.com, which served up 6.1% dangerous links.
The internet can be a jungle, and every computer user should be wary about the websites they visit when choosing these sites based on search engine results. There are just too many sites trying to deceive unsuspecting users. These malicious sites span a wide range of content areas, keywords, and business models. The fact is that there is no simple answer about how to stay safe on the internet. The “concept” of how to keep safe is simple, but actually “doing it” takes some education. Don’t count on the search engines to filter out the bad stuff, because search result rankings do not reflect site safety. And always be on guard when visiting paid search engine advertisers.
Why are There So Many Infected Websites?
There are “real people” behind these malicious web sites and they want to infect as many computers as possible to reach their goal. Their goal is almost always about money, whether they trick you into directly spending your money at one of their internet sites, make it through spam marketing, or worse yet, manage to steal your financial information. But the money they make doesn’t have to come directly out of your pocket; maybe they just want to remotely control your computer without your knowledge so they can hide and do their dirty work to others. It must be a very effective way of marketing or they would have stopped by now. Marketers do business where the people are, or in this case, where the internet traffic is. While any money you spend might get you just what you wanted…for a good price…delivered right to your door…and on time, it might also be for a Fake Antivirus Program that crashes your computer. Whichever the case, every time they get paid it just helps them keep promoting their deceptive tactics that will eventually harm someone’s computer. It would be better for us to avoid their websites altogether. You wouldn’t go into a real store if you knew the business was using deceptive advertising to sell you cheap knockoffs, would you? Nothing good comes out of doing business with these guys.
What Are the Most Common Types of Infected Web Sites?
Remember that marketers do business where the people are. So the web sites that attract the most readers, the most views and the most downloads are good candidates to be peppered with malicious web sites (of course there are many very popular “good sites” out there that are malware free). So what are the bad ones? The answer is usually the same: they are the sites addressing the most recent and the most urgent problems, or the sites with the biggest news. You can also be sure that adult sites, gambling sites, free music downloading, and pirated software sites are extremely high-risk sites as well. Putting aside the morality problem with these types of web sites, you can probably find many alternative spyware-safe sites in just about any category if you do your homework. You don’t have to play Russian Roulette with your computer. Sadly, after saying all this, I’ll give you the tough-love talk and predict that most of you will eventually get re-infected anyway, because you will eventually drop your guard so you can quickly see that website that had all the answers to life’s problems…only you didn’t check to see if the site was safe or not.
Some of you are probably infected already and just don’t know it yet. Maybe you put too much trust in that yellow box I mentioned earlier, and think everything is fine because it comes up clean. The hidden problem will eventually reveal itself as it gets worse. And then there are some of you who don’t even try to avoid the problem and just factor in the cost of spyware removal as a built-in cost of using a computer on the internet (Yes, some have given up…but there is hope!). With the current economic situation, we thank you for your business, but really, we would rather earn our way by helping you use your computer to the fullest, not by treating it like someone who gets a common cold every year for which there is no cure. Is the key “Prevention”? Yes! Prevention is the Key…The Key is Prevention…Prevention is the Key…, I’ll stop now.
Now that You Believe Prevention is the Key, What Do You Need to Do?
If your computer is already infected, you will save your sanity by just turning off your computer and bringing it in to your nearest reputable neighborhood computer repair shop (not the mega-stores). Small shops are much more concerned with their reputation and will usually have a very experienced technician on-site, whereas the mega-stores seem to be more trained at marketing the solutions instead of actually performing them. They don’t pay as well and probably won’t be able to keep any talented techs for very long, so they usually have a high turnover rate for technicians. Not to mention that those techs have to work in a bureaucratic work environment.
The most common type of infection we see virtually every day is the Fake Antivirus Program. One of them, called “Antivirus 2009,” was particularly difficult to remove. Even when you did all you thought you could possibly do after hours of running scans and manual cleanup, you could still tell you were infected once you opened your internet browser because it was hijacked. The worst part of this one was that it also caused your hard drive to appear as “raw” and you would not be able to run a chkdsk or defrag. We had to reformat several of these machines until we figured out how to get rid of the rootkit (invisible Trojan) that usually came along with this infection.
To learn more about the Very Best AntiVirus product available, visit AntiVirusKing.com. It is called ESET Nod32 Antivirus, and we have been using it on our computers for over 4-1/2 years, so we know that it works.
Visit back next week for the 2nd part of this article, where we will discuss more product recommendations (some are free) as well as some powerful techniques that you must know these days that just might get you out of a jam when you see one of these Fake AntiVirus programs pop up for the first time. Your next click may make the difference between having to lug your computer into the shop or not. But if it is too late, we may be able to help you recover on your own. We are not going to teach you how to be expert spyware removal technicians, but we can point you to some freeware programs you probably never heard of that are part of our arsenal of secret weapons we use every day.