Country Flag  Download Center: United States

Norton Security™
Internet security and antivirus. All in One.

SAVE NOW!



 Save Big on Top-Selling 
 Norton Products 

 

<< Back to Learning Center

Learning Center


How To Detect A Malware Infection


Malware is a general term describing software that is place on a computer without the owner's knowledge or consent. Malware, once installed, launches some type of attack on the system. This may include destroying data, stealing data or monitoring some/all activities on the computer and sending that information back to a third party.

There are many ways to get infected. Viruses often come attached to emails. This is why you should NEVER open an attachment from someone you don't know. It is also why many companies will not accept attachments to emails.

Some cookies are actually spyware in disguise. Cookies are convenient for setting your preferences at your favorite shopping site, but some take their "memory" a bit too far. Some may actually monitor your activity on websites other than the one that set them. For example, they may monitor visits to competing websites. The site owner may then even sell that information to a third party.

A lot of "free" software is anything but. It comes bundled with malware, usually in the form of spyware. Agreeing to allow the distributor to send you relevant advertising usually means you've agreed to allow spyware onto your computer. Otherwise, how would they know what is relevant? Other software distributors simply sneak it into the code within the legitimate software.

If, after visiting questionable websites or downloading unknown software, you suddenly start having problems, suspect malware. Even if you don't believe you've done anything to invite malware in, sudden unexplained problems suggest it's there. Some of the more common indicators of a potential infection are discussed here.

A sluggish system is a common indicator. Much malware does manage to operate silently in order to avoid detection. But it can also degrade system performance and even crash systems. This is especially true once you have acquired a collection of these troublesome little beasts running in the background.

Some other symptoms you might encounter, depending on the type of infection:

  *An unexplained decrease in memory, corrupted files and programs/files that either disappear or appear suddenly are symptoms of a virus infection. Many viruses are more annoying than dangerous. However, there are also many that corrupt files or even entire systems. Multiple viruses can soon clog your whole system.

  *An increase in popup ads appearing from nowhere suggests an adware infection. So does frequent re-direction to a site that you did not type into the address bar, or new browser taskbars that you did not install. Adware is a type of spyware that monitors browsing habits in order to display ads relevant to the user. Although generally benign in intent, invasion of privacy is a real concern if enough information is collected to connect you to a specific location.

  *New menu items or icons suggest spyware infection. Other spyware indications are bounced emails that you didn't send and strange problems with installed programs (they just don't work right). Spyware monitors your computer and internet use. Some spyware is relatively benign, like the above adware. Other programs can capture sensitive information. For example, Keyloggers capture passwords as you type them, allowing others to access your personal and financial records.

  *a mysterious change in your preferences and settings may indicate a Trojan. Examples might be your wallpaper is suddenly different or your windows color or screen saver settings change by themselves. Often you cannot change it back. Trojans are often used to allow an outside entity to gain control of your computer.

Rootkits are much more difficult to detect. These insidious programs are actually designed to hide themselves from normal malware detectors. And every time detectors are updated, rootkits are also updated to avoid them. They can be part of the other malicious code mentioned here, thus making THEM more difficult to detect.

Once you have determined that you probably have malware, what do you do next? It may be possible to identify known malware programs in either the list of processes running or the add/remove program panel, but it's not recommended to try to manually remove them. In most cases, the programs have additional components that are well-hidden on your system and will not be removed. These will continue to cause problems.

Instead, use a LEGITIMATE anti-malware program to detect and remove these programs. There are some free programs that do a decent job of detection. However, some free "cleaner" programs are actually malware in disguise, and even the legitimate ones are not all equally reliable at removal. If you are already having problems, your best bet is to purchase good anti-malware software from a reputable vendor.

Once your system has been cleaned, keep your anti-malware updated and run regular complete system scans.