Ken's Korner Newsletter Logo
February 2015
Your Antivirus may not be enough!
Trojans Viruses & Worms

Yes, you can get a "malware infection" even if you do have current antivirus software running on your machine. How can that be? Well the short answer is only with your help. Willingly or un-willingly, (usually the latter) you put that malware on your machine. What is worse is that since this infection is "under the radar" your antivirus will not be able to find it.

So how do you get rid of this malware? None of the antivirus software, free or paid for, will work since the malware is protected by the operating system. For a Windows system you will have to start and run the machine in safe mode. That is not a simple process for your average user. It makes your computer a very primitive machine without the normal video, audio or even Wi-Fi features but it removes the environment that the malware needs to live and breed in.

Now the antivirus software can find it and kill it. It usually takes several antivirus programs to get all of it. Two of my favorites are Malwarebytes and HitMan Pro. You may have to restore some files from a backup if they were deleted buy the antivirus scan. If the infection was a system file you may need to repair or re-install the operating system. That can be a monumental undertaking.

How does this work?
Your antivirus is prevented from finding and fixing this by the operating system. When you first start your computer it is very primitive. The "chip" has enough "smarts" to check for a clock, memory and is there a boot sector on the hard drive. Even the boot sector is too small to hold all the information to bring up your computer but it does have instructions on how to find the rest of the startup stuff. The operating system, (Windows in most cases but other operating systems have the same problem) has not even started yet.

After the startup has loaded all the devices like your sound card, video card, USB devices and so on we start the Windows operating system and hand over this whole package of devices that are ready to run to Windows. Windows will prevent the antivirus from scanning anything in this group because it thinks this is protected and that you want these programs to be running. Of course this is where the malware is hiding. It is "under the radar" so to speak.

How did it get in here?
The short answer is, you put it there. Willingly or un-willingly, usually the later, it took some action on your part. When people have a problem with their computer they call me. I can direct them to a link on my website where they click the link and I have access to their machine. In my case there is a window that opens and alerts the user that I have access to their machine and they can terminate that at any time. It is considered benign because the user has to initiate the contact. They are informed that I have access and they can terminate it from their end with the click of a mouse.

But what if there was no alert window to tell you that someone else had access to your machine? No clue is visible from the user's side that anything has happened. The malware is loaded in seconds and you're compromised. Often the malware's first act is to contact other sites and bring in even more malware.

The virus seldom comes from the e-mail but rather the link in the e-mail that you clicked on. And these people stay up late trying to create a link that entices you to click it.

Websites that cater to gambling and pornography sites tend to be malware central. Free downloads frequently include other software bundled up with the one you wanted. Sometimes one of those is the one that got you.

Available antivirus programs will protect you from the "simple" malware and there is a lot of that out there. I prefer Microsoft Security Essentials for Windows 7 and Windows Defender for Windows 8 but there are other AV programs available. I recommend the free ones because the paid ones don't seem to offer any better protection. Don't waste a bunch of money on them.

If you think you are immune to this because you have an Apple think again. In fact if you have been thinking this way you are probably infected by now. There has been something of an "Urban Myth" that Apple computers don't get viruses. That is not even close to true. And UNIX, in its many forms, is vulnerable too!

Go back to the top

Power cycle your devices!

Turn your device off. Most computers as well as laptops, tablets and smart phones need to be restarted from time to time.

This is actually a legitimate fix for a great number of problems. In the computer world it is known as "Power Cycle". Turn the power off, wait ten seconds and then restart it.

NOTE: Many modern devices like smart phones and tablets normally do not actually power down all the way. They just go to sleep. To fully power down some devices will take special steps.

Start with the easy way! Close all programs and just shutdown from the menu choice. Not log off, restart, sleep or hibernate but shut down. Most computers will power down if you press and hold the power button. This works even if the computer has become unresponsive. If you want to be absolutely sure pull the plug.

Some laptops and other portable devices may not be so easy. The first step is to unplug it. If the device has removable battery or batteries then remove them. Wait a minute and then put the battery, (batteries) back in place.

In some cases the battery is not removable. In that case pressing and holding the power button usually works. In extreme cases you may have to press and hold several buttons at once to get the device to power cycle. If all else fails Google-up instructions on how to restart or power cycle your specific device.

Why does this work?
System files can become corrupt for many reasons and that list is too lengthy to go into here. The real question is how to fix it. When you first start up the device it builds a list of what it has to work with, memory, timer, storage and any other attached devices like cameras. The information need to operate these "things" is assembled and then handed over to the operating system and now it is "on".

The process of shutting down and starting up deletes everything and starts with a fresh build. This works on most modern electronic devices including cell phones and tablets.

Go back to the top

Copyright © 2015. All Rights Reserved.
Ken's Korner Home Page