Guide To Removing Malware From Your PC

By October 6, 2015 Antivirus

Guide To Eliminating Malware From Your Computer

Welcome to this exciting article about removing malware from your computer. Malware can actually be removed from your computer quite easily in most cases. However, sometimes diagnosing a computer fault can be pretty hard, just as repairing a laptop screen can be. As a well-established Brisbane computer repairs company, we encounter malware on a daily basis. Read on and get up to speed on malware and how to remove it. If you feel uncomfortable with the details outlined below, please contact us for computer repair services anywhere in Brisbane.

Also known as malicious software, malware is software that disrupts computer operations, steals sensitive information or illegally gains access to computer systems. Malware acts against the requirements of computer use. It is this malicious intent that defines malware.

Often referred to as computer contaminant, malware can appear as an executable code, script, active content or software. Under this umbrella of malware are computer viruses, worms, malicious BHOs, keyloggers, Trojan horses, ransomware, dialers, rogue security software, spyware, scareware, and adware among many other malicious programs. It will more often than not be disguised or embedded in other programs that are not malicious.

Telling whether your PC is compromised or not isn’t always easy owing to the ever increasing complexity of malware codes. Today’s technology allows a cybercriminal to develop a sophisticated code and conceal it and its activities such that even the best commercial antivirus might miss it entirely. Nonetheless, this article will guide you through an elaborate way of identifying and eliminating malware from your computer.

 

Why Malware Exists

Most infectious malware programs such as the first internet worm were written either as an experiment or prank. However, with time, commercial, professional or merely malicious motives came to drive the development of most of today’s malware. Black hat hackers and governments may, for instance, use malicious software to steal financial, business, personal and other forms of classified information.

Malware broadly can be written to achieve one or more of the following objectives:

  • To disrupt operations in a computer system or network
  • To gather guarded information from governments or corporate websites
  • To steal personal information such as identification details, bank or credit card information and passwords
  • To take over or control a computer in a maneuver that changes the computer into a zombie computer that can be used to send email spam, hold contraband data such as child pornography or to distribute various forms of extortion attacks.
  • To monitor online activity of the victim
  • To display unsolicited advertisements
  • To redirect affiliate marketing revenues
  • To generate money for the creator through what is known as click fraud
  • For malicious sabotage of systems such as shutting down critical systems, destroying crucial data or a phenomenon known as computer killing in which master boot records are corrupted, and computer systems shut down.

 

Interesting Facts about Malware

  • In 2008, Symantec published a report that stated that the release of malicious codes and programs may be surpassing the production of legitimate beneficial software.
  • The internet is the primary pathway for distribution of malware from criminals to their targets, primarily through email and the World Wide Web
  • In May 2011, Microsoft reported that for every 14 downloads from the internet, one may contain malware
  • In March 2010, Shaoxing, China was named the world’s malware capital
  • Entrepreneurial hackers monetize malware by selling them and offering access to target computers for a price
  • All mobile apps have vulnerabilities that malware can exploit
  • It’s estimated that as many as 600000 Facebook accounts are compromised daily

 

The History of Malware

Before the internet became a worldwide phenomenon, malware was spread to personal computers via executable boot sectors on floppy disks. Apple II and Macintosh were the earliest targets of computer viruses. The dominance of IBM PC and MS-DOS system propelled further spread of computer malware. These were mainly computer viruses that were spread through exchange of software or bootable floppy disks and thumb drives.

Worms, infectious programs that are network-borne, did not actually originate on personal computers; they came from multitasking Unix systems. The famous Internet Worm of 1988 infected SunOS and VAX BSD systems. Unlike previous computer viruses, worms did not insert themselves into other programs but exploited security vulnerabilities in network server programs, after which they would start running themselves as separate processes.

The 1990’s saw the rise of Microsoft Windows and the flexible macros of its programs. Consequently, infectious code could be written in the macro language of Microsoft Word and other similar programs. Thus, new macro viruses were born which could infect documents rather than executables (programs).

Today’s worms work just like the 1988’s Internet Worm and mainly infect Windows OS. Few may attack Linux and Unix systems also. Worms spread incredibly fast; for instance in 2003, the SQL Slammer infected thousands of computers in minutes.

 

Top Malware Incidences From Across the Globe

  • In November 2014, a malware called wiper was reported as having been used to hack into Sony Pictures Entertainment. The hack led to leaking of data including unreleased Sony films, personal employee data and emails between employees among other things.
  • In May 2000, the ILOVEYOU worm was generated in the Philippines and spread westwards to the rest of the world. Within 10 days, it had caused over 50 million infections, and about 10% of all computers in the world that were connected to the internet were affected. It went down in history as one of the world’s most dangerous PC related disasters.
  • When it was first discovered sometime in mid-2010, Stuxnet was unlike any virus or worm ever discovered. It thus went on to be labeled the world’s first digital weapon. Unlike its preceding malware, Stuxnet did not hijack computers or steal data; it wreaked physical damage on computer-controlled systems and machines.
  • In 2012, Blackhole Exploit Kit became the most prevalent web threat. This malware delivers a malicious payload to computers. It was created and released by an underground hacking forum in Russia. In April 2011, a Blackhole Exploit Kit attack was executed on US Postal Service RIBBS.
  • In January 2010, Google admitted to being a cyber-attack victim. The attack, which affected over 20 big companies, is said to have originated from China. The malware, named Aurora, gave the attackers access to major high-tech, security and defense contractor companies. The attacker could then modify source code priorities in the target companies. This attack, named Operation Aurora, saw tension build between China and the US.

 

Common Forms of Malware

 

There’s an incredible amount of malware out there. For each malicious program out there, there could be various malicious functions and sub-classifications. Nevertheless, here are some common malware that you ought to look out for.

  1. Computer Virus

Viruses proliferate and propagate in a manner almost akin to biological viruses. They infect other files and copy themselves, inserting themselves into other programs and files. Once inside your computer, a virus can do many things including data corruption, damage, and deletion. Almost every virus has three parts:

  • A replicator that helps the virus propagate
  • A concealer that hides the virus from anti-malware software
  • A payload which is coded to execute the malicious activity of the virus

Common viruses include the W32.Sens.A, W32.Sality.AM, and W32.Dizan.F.

  2. Computer Worms

Worms and viruses share various similarities, but the major difference is that a worm’s propagation and spread is independent of other programs or executables. It spreads of its own accord over a network. Therefore, unlike a virus, the worm is a standalone malware that does not require an infected program to spread. Worms leverage network vulnerabilities to propagate and have 5 major components:

  • A penetration tool that helps the worm gain access into a computer network
  • An installer that transfers the malcode to the victim
  • A discovery tool that helps the worm discover new computers on the network
  • A scanner that assesses the vulnerabilities on newly found computers
  • A payload, which is the malcode within the worm and infected computers

Worms are notoriously prolific; examples include the Morris Worm of 1988 and Conficker worm.

  3. Trojan

Also known as a Trojan horse, this is a malware that usually disguises itself as a legitimate program or file. Once installed in a computer, a Trojan allows other third parties access to the computer while running in the background. They can be a gateway for other malicious programs to enter a computer. Trojans neither copy themselves onto other files nor do they spread over a network.

Usually, a Trojan will use various techniques to cloak and conceal a destructive payload from detection by antimalware programs. Some of the concealment methods used by Trojans include:

  • Use of polymorphic code that alters the signature of the malware faster than it can be detected by defensive software
  • Corruption of installed anti-malware programs
  • Renaming the malicious software to resemble legitimate files

An example of such malware is Vundo.
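The renaming technique in the last bullet can be checked for by comparing the paths of running programs against where well-known system binaries normally live. The sketch below is an added example, not part of the original article; the baseline table, the C: install drive and the sample paths are assumptions constructed for illustration.

```python
import ntpath

# Assumed baseline (illustrative, Windows installed on C:): well-known system
# binaries and the directories they normally run from.
SYS32, WOW64 = r"c:\windows\system32", r"c:\windows\syswow64"
BASELINE = {
    "svchost.exe": {SYS32, WOW64},
    "lsass.exe": {SYS32},
    "services.exe": {SYS32},
    "winlogon.exe": {SYS32},
    "explorer.exe": {r"c:\windows", WOW64},
}

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    d = [[max(i, j) if 0 in (i, j) else 0 for j in range(len(b) + 1)]
         for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def classify(image_path):
    """Return (verdict, imitated_name) for one process image path."""
    directory, name = ntpath.split(ntpath.normpath(image_path.lower()))
    if name in BASELINE:
        ok = directory in BASELINE[name]
        return ("ok", None) if ok else ("wrong-directory", name)
    for known in BASELINE:
        if osa_distance(name, known) == 1:   # one typo away from a system name
            return ("lookalike-name", known)
    return ("ok", None)

def find_masquerades(image_paths):
    """Return only the suspicious entries as (path, verdict, imitated_name)."""
    hits = []
    for path in image_paths:
        verdict, imitated = classify(path)
        if verdict != "ok":
            hits.append((path, verdict, imitated))
    return hits

# Constructed sample process list, not taken from a real machine.
SAMPLE = [
    r"C:\Windows\System32\svchost.exe",
    r"C:\Users\alice\AppData\Roaming\svchost.exe",
    r"C:\Windows\System32\svch0st.exe",
    r"C:\Windows\Temp\scvhost.exe",
    r"C:\Program Files\Mozilla Firefox\firefox.exe",
    r"C:\Windows\explorer.exe",
]

if __name__ == "__main__":
    for hit in find_masquerades(SAMPLE):
        print(hit)
```

A hit is a reason to look closer, not proof of infection; the baseline has to match the machine being checked.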

  4. Backdoors

Just like a program that allows remote control of a computer, a backdoor is a malware that criminals use to gain unauthorized remote control of a computer. An attacker may trick you into installing a backdoor malware through social engineering. A skilled attacker may even exploit vulnerabilities in a target computer to hack into it and install a backdoor malware.

Once installed, the attacker can easily bypass all authentication protocols to gain access to a computer undetected by the user. Examples of backdoor malware include SubSeven, Bionet, Deep Throat, Back Orifice and NetBus.

  5. Rootkits

Malicious programs try to conceal themselves to avoid detection by protective software. Rootkits are packages that allow concealment of malware. A rootkit modifies the operating system to camouflage the malware. It cloaks malicious processes so that they are not visible in the list of processes in the system. It also stops the files of a malware program from being read.

Rootkits are stealthy. Most of them load early, before most of Windows, embed themselves deep within the system and then modify the functioning of the system so that installed security systems won’t detect them. In fact, a rootkit will almost never show up in Windows Task Manager.

  6. Spyware

As the name suggests, this is malware that spies on the victim without his or her authorization. Spyware will collect various forms of data without the knowledge of the computer user. Spyware can take many different forms. It may also be part of other malware such as Trojans and adware.

The data collected could be of benefit to the attacker in innumerable ways. Spyware could, for instance, steal your financial data. Some spyware comes bundled with free software. The spyware will monitor your browsing habits and upload this data. The data can then be monetized by the software creator through selling it to third parties.

  7. Adware

Most of the time adware and spyware come hand in hand. Adware, just as the name suggests, displays advertisements on your computer even when it shouldn’t be doing that. Part of the adware is often spyware that secretly monitors your browsing habits. This information is then used to display more targeted ads.

Generally many folks are not bothered by adware, and adware does come bundled with legitimate programs, e.g., the Ask Toolbar bundled alongside Oracle’s Java.

  8. Keylogger

A keylogger runs in the background of a computer and records all the keystrokes made. The information it collects could be anything from usernames, passwords and credit card numbers to all other forms of sensitive data. Once this info is gathered, it is then uploaded to a malicious server where cyber criminals analyze it and pick the information they want.

Other malware such as viruses, worms, and Trojans can act as keyloggers. Keyloggers have been used for years now in business as well as at home by jealous spouses.

  9. Ransomware

This form of malware holds your computer captive and demands a ransom. Ransomware may encrypt files, lock your hard drive or freeze the system. It will then display a message demanding that a ransom is paid to the malware creator for the damage or restrictions to be reversed.

Some ransomware is so dangerous that even after the ransom is paid the encrypted data can’t be retrieved. For this reason, it is always recommended that you have excellent backups for all of your data.

  10. Bot

A bot is usually created to serve a particular purpose automatically. Harmless bots can, for instance, be found in computer games, internet auctions, and online contests. Malicious bots have however found a place in cybercrime, where they are used to create botnets (computer networks that can be controlled remotely) employed in DDoS attacks. Other bots are used as:

  • Web spiders that destroy server data
  • Spambots that spam websites with ads
  • Malware distributors disguised as popularly searched items on the net

 

How a Computer Gets Infected

Some of the common avenues used by malware to gain access to your computer include:

  1. Spam Email

An attacker may trick you into downloading malicious files from your email. They will send you a file attachment in the form of a delivery receipt, tax refund or an invoice among many other things. They might even lure you by telling you that opening that attachment will reward you with money.

The attachment nonetheless contains malware, and when you open it, you end up installing the malicious software on your computer. Telltale signs of malicious emails include poor spelling and grammar, and email addresses you have never seen before. Remember that through phishing, a criminal may tailor an email address to look like that of a person you know or of a legitimate business or organization. They may also hack into email accounts and use them to send malicious spam.

To avoid falling victim to this:

  • Don’t open suspicious looking email
  • When an email asks you to update personal or sensitive details, do not click the link in the email
  • Open email attachments with caution especially from people you do not know

 

  2. Infected Removable Drives

External hard drives and USB flash drives are a major portal used by viruses and worms. The malware installs itself as soon as the external storage device is connected to the PC. Worms can also infect computers connected to the same network.

To avoid malware infections of this nature:

  • Disable autorun for removable devices
  • Scan all removable devices for malware before using them
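On Windows, the autorun behaviour described above is driven by an autorun.inf file at the top level of the drive, so one useful check before opening a stick is to see what that file would launch. The following is an added example, not part of the original article; the sample file contents and the function names are constructed for illustration.

```python
import os

# [autorun] keys whose value names something to execute.
LAUNCH_KEYS = ("open", "shellexecute")

def autorun_commands(text):
    """Return {key: command} for each [autorun] entry that would start a program."""
    found, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):           # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()        # section names are case-insensitive
            continue
        if section != "autorun" or "=" not in line:
            continue                                    # tolerate lines that are not key=value
        key, _, value = line.partition("=")
        key, value = key.strip().lower(), value.strip()
        is_verb = key.startswith("shell\\") and key.endswith("\\command")
        if value and (key in LAUNCH_KEYS or is_verb):
            found[key] = value
    return found

def inspect_drive(root):
    """Check the top level of a mounted drive for autorun.inf and report what it launches."""
    for entry in os.listdir(root):
        full = os.path.join(root, entry)
        if entry.lower() == "autorun.inf" and os.path.isfile(full):
            with open(full, "r", errors="replace") as fh:
                return autorun_commands(fh.read())
    return {}

# Constructed sample file, not taken from a real infection.
SAMPLE_INF = """\
; label and icon are cosmetic, the other entries run a program
[AutoRun]
label=Holiday Photos
icon=folder.ico
open=setup.exe /quiet
shell\\open\\command=setup.exe
[Content]
MusicFiles=false
"""

if __name__ == "__main__":
    for key, command in autorun_commands(SAMPLE_INF).items():
        print(f"{key} -> {command}")
```

A non-empty result on a drive that is only supposed to hold documents is worth investigating before any file on it is opened.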

 

  3. Malware Bundled with other Software

Software from third-party websites or peer-to-peer networks often comes with extra applications that get installed along with the downloaded software. This can include toolbars and programs that act as adware. Usually, you may get an option to choose not to install such software when installing the downloaded software.

Most keygens (software key-generating programs) have been found to install malware on computers where they are used. To avoid such forms of malware:

  • Always download from official software vendors
  • Read through the installation procedure rather than simply clicking OK and Next

 

  4. Compromised Webpages

A compromised website will try to exploit the vulnerabilities in your PC to infect it with malware. Even legitimate websites sometimes get hacked and consequently compromised. Since most computer vulnerabilities lie within the installed software, it is prudent to keep all of your software up-to-date.

  5. Other Malware

Some malware downloads more malware onto your computer. Therefore, a computer with such a malicious program will keep getting new threats as long as the malware is present.

 

Signs of Computer Malware Infection

  • Sudden impaired performance: you may notice that the PC begins to run slower than before. Close inspection may reveal lots of unexplained processes running in the background.
  • Failing maintenance programs: malware will typically damage or disable programs that might identify and remove it, such as Windows Update, Antivirus, Regedit, Msconfig, Task Manager, etc.
  • Browser changes such as new unwanted toolbars that never go away, constant unwarranted pop-ups or changes in home and search page preferences
  • Posts appear on your social network accounts that did not originate from you. Your email account may also begin to send out random spam email
  • Your PC is held to ransom by software
  • A security program that you did not install pops up scary messages
  • Unusual hard drive activity even when on standby. This could also come with running out of space on the hard drive
  • Increased activity on the network that is unexplained
  • Remember that even when everything seems normal there might be a Trojan within that is quietly stealing your data or even a bot waiting for commands to take over your computer

 

Eliminating Malware from a Computer

In case you realize that your computer is infected, here’s how to get rid of malware:

  • Disconnect the computer from the internet and all other networks
  • Shut down the PC
  • Restart it in Safe Mode: press and hold F8 during power-up; various options will come up; select Safe Mode with Networking
  • Delete all temporary files– you can use Disk Cleanup on Windows for this
  • Download and install a malware scanner. Even if you have an antivirus program installed, it is recommended that you use a different scanner to check for malware. Some of the high-quality free on-demand scanners include BitDefender Free Edition, Kaspersky Virus Removal Tool, Malwarebytes, Norman Malware Cleaner, and SuperAntiSpyware.
  • Scan for malware using the malware scanner
  • From the results of the malware scan, you can now remove all the files that you think are malware infected

NOTE: you may find that the malware scanner disappears or refuses to work on installation. This is a sign that you are dealing with a rootkit or critically deep infection that resists elimination by damaging the malware scanner. For such a situation, it is recommended that you reinstall Windows.

  • Fix the web browser: some malware may modify the browser settings to make it easy for them to re-infect the PC. Go to the browser settings and restore them to the defaults or your personal preferences.

 

Anti-Malware Strategies

Anti-Virus And Anti-Malware Software Applications: These offer real-time protection against all forms of malware. They stop malware operations before they even begin on the computer. Top commercial antivirus programs are:

  • Bitdefender Total Security
  • Kaspersky Total Security
  • Avast Premier
  • McAfee LiveSafe
  • AVG Ultimate
  • Symantec Norton Security with Backup
  • Trend Micro Premium Security
  • BullGuard Antivirus

Backup All Important Data Safely

Imposing Air Gap Isolation to prevent transmission of malware in computers on a network

Keep the Operating System and Software Up-To-Date

Be Knowledgeable. Knowing how malware works is the best way of remaining protected.