It starts out with the small suspicion that something is wrong. You notice your laptop takes much longer than usual to complete a simple task. Or you open that file for your big report only to find it a mess of garbled characters and unreadable text. For a brief moment, you consider the possibility that you’ve gone crazy. Then you actually pray this is true, because you’d much rather accept that explanation over the more likely alternative: Your computer is infected.
But hold on. Before you embark on that disk defragmentation spree, know that there may be hope for you yet. One of the trickiest problems in PC troubleshooting is figuring out whether a machine is sick or if it is simply old and needs upgrading — especially because malware creators do their best to conceal their nefarious activities. This allows them to stealthily gobble up your computing power to run their self-serving processes.
Fortunately, there are several signposts that can help you tell whether your laptop is indeed infected, or just outdated. To help spend less time fretting and more time deciding what your next steps should be, we enlisted the expertise of Jacques Erasmus, chief information security officer for Webroot, and Catalin Cosoi, global research director for BitDefender, both leading antivirus companies.
Pop-up windows — especially those that occur frequently and unexpectedly — can be indicative of malicious software installed on your computer.
“Pop-ups are certainly a sign that you may be infected,” said Erasmus. “This is normally a sign of adware or a trojan clicker.” Erasmus explained that malware authors get money for each click and pop-up served.
“Basically, adware tries to increase rankings of websites through advertising,” Cosoi said. “By clicking on those [pop-ups] you’ll increase the revenue for displays, companies, and increase the rankings on Google searches.”
One or two pop-ups might be harmless, but be wary when they start to occur more and more frequently. Clicking on them is never a good idea. “Some of them can lead you to different malware samples,” Cosoi confirmed. “They’ll convince you a certain product or service exists to hook you, but it could just be more bad software installing itself on your PC.”
So the next time you come across that ad for designer handbags at 97 percent off or a closing sale at the Amazon electronics department, think twice about whether this would be a likely promotion, or if it just seems too good to be true. With a badly infected PC, you’ll end up paying a lot more in time than whatever savings that ad promised.
It’s a scheme known as Internet banking fraud, where malware can embed itself in your computer and detect when you access online banking sites. The software can record your username and password and transmit it to the offending party, after which the information is used to make withdrawals, move money to another account or make purchases.
“To confirm if you are infected, look at the time of login for any evidence of additional fields that you would not normally see at the bank login page,” Erasmus advised. “These may be asking for additional pieces of information such as an ATM PIN number, or asking for more letters of your password.” Say, for instance, that the bank normally asks for three letters of your password and now it’s asking for six. This may be a clear sign that you have a banking trojan on your machine, which does form injections to try and steal your credentials.
Cosoi also weighed in. “There are two ways offenders can gain access to your bank account,” he explained. “One of them is by installing malware in your computer, which contains keylogging components.” These programs will record every key you press, letting offenders have access to your credentials. And then they can further use your account to make withdrawals, for money laundering, or to take money from your account and transfer it to theirs.
You can also fall victim to phishing scams. In other words, you might find yourself on a fake page that tries to pose as your bank account. “They try to look exactly like your bank, with an area for a login as well,” warned Cosoi. “But logging in actually brings you to a different website — and you gave them your credentials.”
Public computers, such as the ones in Internet cafés and airports, are especially susceptible to this type of threat; never use them to access sensitive information such as your online bank account.
You work regularly on the same PC, and though you don’t glance at your settings every day, you’re pretty confident you remember how you’ve set them up. So you’re taken aback when your desktop suddenly looks a lot different than it did the day before. What’s going on?
Your computer may be infected, Cosoi said. “Different user settings that change without the user’s intervention, like your homepage, icons that point to different applications — things like that can indicate your PC is sick.”
If something looks wrong, chances are it is.
If your computer gets bogged down doing menial tasks that it used to do effortlessly, it may be infected with malware. Some pieces of code are carefully programmed to go undetected, and their main objective is to steal part of your computing muscle to power malicious activities online, such as spreading viruses, generating spam and installing spyware on other computers. It’s a big sign you may have a virus, though detecting whether the source is malicious can be tricky.
Erasmus agrees. “This could be an indication of an infection; however, this could also be due to some software you have installed that might be consuming a lot of CPU cycles,” he said. “It really is a mixture of various factors which will all come together to indicate an infection.”
So what should you look out for? “Some signs to watch out for are when websites are loading slower, or opening applications takes longer than usual,” Cosoi suggested. However, only a positive virus scan result can confirm that you actually have a virus rather than a legit program that is slowing down your computer.
When your PC is infected with a virus, it’s possible that the malware will force-connect you to websites in the background and send information back and forth with these sources. So how does malicious code wreak havoc on your PC in the first place?
“You can get infected by using pirated software, downloading or opening attachments in your spam folder, or even just by visiting different websites,” explained Cosoi. He said that malware writers exploit the vulnerability in a web browser and then manage to inject a little piece of code called a downloader. The downloader will then start connecting to different servers or different websites.
When it comes to malware on your PC, it’s best not to take any chances. Take advantage of your antivirus software and scan your system regularly to see if you’re infected. Any decent antivirus package — including free ones — will give you advanced notice of an infection, hopefully before you see one or more of these warning signs. They’ll also help you remove the malicious files. That said, you must remain vigilant by keeping your antivirus software up-to-date and watching for the above warning signs.