As a consultant, I work on many, many different computers throughout the year. Though the machines are used in a wide variety of industries and organizations, I still see a large majority of them suffering from the same handful of issues. In the hopes of lowering those numbers in 2015, here are the six most common, self-inflicted issues I’ve seen on client computers this year:
- Fake Flash/Media Player Installs – By far, this was the most common mistake I see most computer users make, and it’s easy to understand why. Though you can sometimes encounter fake Flash Player pop-ups while surfing well-known sites (especially if they’ve been hacked as well), you’ll usually come across these fake notifications while surfing in the “darker” corners of the internet, especially if you clicked a link in an email or Facebook post.
If you see a pop-up like this, stop and immediately go to: http://www.adobe.com/software/flash/about/. (If you are paying attention, your hovering over that link to see if it’s legit!) That page will tell you whether or not your Flash player is working, and what version is installed. Right below is a handy list of the latest version number. If the two numbers match, then you already have the latest version of Flash Player. Congratulations, you avoided a possible malware incursion! If you see a similar pop-up for some media player you’ve never heard of, stop and investigate. First off, do you really need to see whatever it is that requires another piece of unknown software to be installed? When in doubt, check with an IT professional!
- McAfee Security Scan Plus – When you update Adobe Flash through the official website, the main installation page will also offer to install McAfee’s Security Scan Plus by default. According to McAfee, this software will supposedly protect computers from malware infections, but I’ve yet to see this software be effective, primarily because it’s usually installed unintentionally and in addition to already-installed, more competent anti-malware. You’ll want to uncheck the box in the middle pane to prevent Security Scan Plus from being installed alongside your Adobe Flash Player update.
But what if I don’t have any antimalware already installed? Will this protect me? The old adage “something is better than nothing” does not apply here. Security Scan Plus is almost universally reviled in the tech support industry. There are much better, free programs that are more effective. If you on Windows 7, try Microsoft’s Security Essentials. Windows 8 already comes with Microsoft’s Windows Defender pre-installed (the Win 8 version of Security Essentials). If you are still running Windows XP, Security Essentials will work until July 2015, and then you will have to find another program.
- Ask Search Toolbar – Given the number of times Java updates throughout the year, it’s not surprising how frequently I find Ask’s search toolbar installed on client computers. To be fair, it’s not malware in the strictest sense: the product does exactly what you’d expect it to do, if you actually intended to install and use it. Ninety-nine percent of my clients never intended to install it, and are puzzled why their search results are no longer provided by Google or (less commonly) Bing or Yahoo. It will get installed whenever you update Java and fail to uncheck the option (just like #1 above).
This toolbar is another PUA (potentially unwanted app) that is widely disliked by the IT support community, primarily because of it’s questionable distribution tactics, poor search engine performance, and the additional performance burden it puts on Internet Explorer as a toolbar.
- Automatic Software/Driver Updaters – there isn’t one particular application in this category that can be called out, primarily because there are dozens of these shyster websites. At best they are a nuisance, and at worst they could lead to a serious malware infection. They are typically installed from pop-ups clients see while surfing the web, and most trick the user into installing their program by misleading them to believe an important driver or application is missing or out of date.
Once installed, the program rarely does what it’s supposed to, and frequently will ask for money to actually do the updates which, after paying for a subscription, it still won’t do anything, or if it does anything at all, it will install even more outdated drivers and possibly other malware. Avoid this software like the plague – you don’t need it. Windows and OS X both automatically scan for updates (if they are set up properly) for all necessary drivers and will either install them silently, or ask you to update ASAP.
- Fake Antivirus Warnings – This one used to be in the top spot in 2013, but many folks are a bit more savvy this year and have since installed legitimate anti-malware after being duped previously. Unfortunately, the black hats are taking that into account and are now using even more convincing pop-ups that look like commonly installed anti-malware. Unless your computer is already compromised, you’ll typically only see fake virus pop-ups while surfing the web, which should be one of the clues that helps determine if they are fake.
The only way to avoid falling for this scam again is to know what your anti-malware looks like, especially the warnings. Nearly all of them will pop up a warning in your system tray – so if you only see the warning while web surfing and nothing in the system tray, it was likely just a fake pop-up. If you happened to panic when warning popped up and clicked the “clean/disinfect/scan” button, the next clue will be if the software asks to install something on your computer. Your anti-malware is already installed – it shouldn’t need to install itself again – so this is another clue that you are about to be duped into installing some malware.
- PC Performance Boosters/Optimizers – With very few exceptions, most of the software that appears in pop-ups that promises to improve your PC performance will in fact do the exact opposite. The most common snake oil I come across is the various registry “optimizers”. Though some of them may actually do some form of registry cleaning, most of them only excel at optimizing the flow of cash from your wallet to their pockets. If you get a pop-up while browsing the web warning your computer needs optimization, stop visiting that website immediately, and to be completely safe, immediately run an anti-malware scan.
The only cleaner that I trust to recommend to my clients is CCleaner from Piriform. I use this software regularly, and it is straightforward enough that even my most technically-challenged clients can use it with minimal assistance.
The above six gotchas, while common, are only a small subset of the wide variety of hijinks I come across while assisting my clients. It would take way more time and patience than anyone has to completely brief you on today’s malware threats. As always, you can avoid most self-inflicted issues by paying close attention to what is being shown on screen. Most of the time there are clues that will reveal the shadiness of unusual activity on your computer, and for the times when you are in a rush or don’t understand what you are seeing, stop what you are doing, close all programs, run an anti-malware scan, and, as always, call an IT professional for a second opinion!
Image courtesy of Stuart Miles / FreeDigitalPhotos.net