Malware Removal

Malware is an all-encompassing term used in the computer industry to describe any software installed without the user's consent and designed to do harm to the user, the computer, or other users and computers on the internet.  It includes viruses, adware, hijackers, ransomware, and bot or zombie programs.  Anyone can get malware.  You can have the best anti-virus software installed and you can still get malware.  Most people don't understand that just clicking the wrong link on a website can invite malware into your computer and your anti-virus software will not catch it.  The most common scenario these days is a video link.  Let's say you want to open a video or audio clip on the internet, but when you click the link to watch it, you get a message that says something like "You must install xxxvideo/audio playerxxx to watch this video.  Click here to install."  When you click that installer link, you've just infected your computer.  Education is the key to knowing when to click and when not to click.  When in doubt, don't do it.

    
There are many different types of malware. Here is a list of the most common types and what they do:


Adware - This has been around for a long time.  Adware is obvious and intrusive, and is simply designed to get your attention and possibly get you to buy something.  Adware is most commonly noted by popups or by re-directing your internet requests to an ad server.  This type of malware is not really dangerous.  It is simply annoying and will keep you from accomplishing what you wanted to accomplish on your computer.  Removal can be difficult, but most of the time a good anti-virus or anti-malware program will remove it or keep it from installing in the first place.


The Original Virus - This term is the one used incorrectly by most to describe all malware, simply because it was the first term ever used to describe it.  Also, most viruses these days can be described as something else in this list.  However, a traditional "old school" virus is not adware, a hijacker, or a zombie.  It is the kind that usually attaches itself to your email and sends itself to everyone in your address book, and it is generally the most damaging of all malware because it simply wants to do harm to your computer.  Viruses can do anything from erasing your hard drive to corrupting your data to locking you out of your computer.  The people who write these viruses typically have no other desire than to cause you problems.


Hijacker - A hijacker is a program designed to run quietly in the background so you don't know it's there.  Hijackers are generally noted by the lack of internet speed or the inability to connect to the internet at all.  They steal your bandwidth and use it for their own purposes.  Many times they also use your computer to store files.  Sometimes they fill up your hard drive and crash the system.  The people who create hijackers have many reasons for doing it.  They may need your bandwidth to help them download very large files.  These are the files they are storing on your computer as well.  They may not want to pay for high speed internet, so they hijack yours.  There are a lot of other reasons for this type of malware.  It is generally very hard to detect and hard to clean.  Hijackers may use something called a rootkit.  It can hide the infection very well and cause it to reproduce after it's been removed.


Ransomware - This is one of the more recent types of malware.  There is no recovery from this infection without paying the ransom.  This malware will encrypt all of your personal files, including documents and pictures.  This renders them useless because they cannot be opened.  There will be icons all over the computer with links to a website.  When you open one of these links it starts a countdown.  You now have 24 hours to obtain $500 in Bitcoin (anonymous internet money).  If you don't do it within 24 hours, the ransom doubles and continues to double every 24 hours.  If you pay the ransom, you MIGHT receive the decryption key allowing you to unlock your files.  To be perfectly honest, this is one of the most brilliant pieces of malware I've ever encountered.  Don't get me wrong.  I hate that these guys write this malicious software, but from a purely "black hat" or greedy standpoint, this malware stands to make its creator a lot of money and it's unlikely they will ever be caught.


Zombie bot - Zombie infections are similar to hijackers in that they try to hide in the background and are very difficult to remove.  A zombie computer is one that has been given instructions by a master computer to take part in what's known as a DoS (Denial of Service) attack.  These are generally used by third world country crime organizations.  They gather thousands of computers together and instruct them all to start attacking a website.  The targets are generally high traffic and high income websites, but also websites that are less likely to cooperate with law enforcement due to the nature of their business, such as gambling sites or porn sites.  The website becomes so busy with traffic that it crashes.  Shortly after the crash, the website administrator is usually contacted by the crime organization demanding money before the attack will stop.  Many will pay because it's cheaper to pay the extortionist than it is to keep their website offline.  However, if law enforcement becomes aware, they will require the website to upgrade its security.  This is generally more costly than paying the extortionists.  That's why they go after the "shady" websites.  These infections are as difficult to remove as the hijackers.

NOTE - Recently Microsoft has acknowledged the increasing difficulty in removing some of these malware programs.  They have, in a sense, given up on trying to clean infected computers.  A press release was issued in 2009 recommending that all maintenance and IT professionals keep mirror images of clean operating systems for the computers they manage.  If a system becomes infected, they advise that the system be wiped and reloaded, losing all data.  They claim that it is becoming too time consuming to clean every infection and that completely cleaning all infections from a system may now be impossible.


MAJR Maui Computer Services has been cleaning infected computers for many years.  We have seen few systems we could not completely clean.  That doesn't mean we will always be able to clean every system.  It does mean that we are very experienced in this area and we will continue to clean systems that others cannot.  The most important thing to remember is always have anti-malware installed and always keep it updated. 
 
Think your system may be compromised or infected? Call us for a free consultation: 808-269-8433. Serving all of Maui.