The Tech Question I'm Most Asked...

Is this: "How did I get a virus?" and/or "Why didn't my antivirus software catch it?"

I'm never really sure how to answer because I can't know for sure, but these are probably the reasons:

1. You Didn't.
Well, not really. A lot of the so-called viruses we get are actually just fake antivirus/antimalware programs that brings up a list of "infections" and then tell the user they need to purchase the program to remove them. Conveniently, most of the time this results in them calling us to remove the trojans they think they have, and then we can remove the actual problem. Unfortunately, some people do pay up.

Here's the deal. Legitimate antivirus software will never, ever charge you to remove a virus or malware. The fake scanners (often with names like Antivirus 2010 or Windows XP Antivirus) look convincing, and many copy images from Windows and actual antivirus software, and some of them actually look better than the real deal.

Legit software may require you to purchase a full license to get extra features, like real-time scanning (MalwareBytes does this) or a subscription to continue to receive updates (such as Symantec), but you will never be charged to scan and remove malicious software. A final tip: If there are spelling errors in any of the messages you get, or your desktop background is changed to alert you of an infection, it's definitely fake.

2. Your Antivirus Sucks.
Again, sort of. I know what you're thinking--"wait, didn't you say you never have to pay? Then what about buying it new in the box?" Yes, if you do your homework then you absolutely can pay for antivirus protection. Our university, for example, purchases a license to allow the entire university to use Symantec. But we pay for the initial software and continual updates. We don't pay extra to remove the stuff it finds. That's just stupid.

So if we have this fancy contract, why are people still getting this stuff? Well, it turns out the people who make the nasties, like us, have access to antivirus programs, and they can find program-specific loopholes. Symantec remains one of the most popular antivirus programs, so if they can find a way to get past only Symantec, they're still hitting a pretty large user base. So in a sense, the more effective your software, the more likely someone will make it useless.

Hey, problem solved, right? You can just get every kind of antivirus software!

Please don't do this. The more you have installed, the worse they tend to work. You can still run scans with programs like MalwareBytes, that do not run continually, but there is absolutely nothing to gain by installing more than one antivirus suite.

3. You did it.
Some really nasty viruses use a whole host of loopholes to get in, but some of them knock politely at the door, and you let them right in. (People will always deny that they could have possibly done this.) Before you use something, Google it. Find out what other people say about it, and look at more than one site before deciding. Be responsible, and you won't download something you shouldn't have.

But sometimes it's trickier than that. It's pretty common knowledge by now that you shouldn't open an e-mail attachment you can't identify, but it goes beyond that. Even Facebook and Myspace have their own brand of malware that can be send in messages, comments, and even applications. It's not like you need to be paranoid and cut off contact from everyone in fear, but pay attention to things. If your cousin that you haven't spoken to in two years sends you a comment about a photo-sharing site, you should listen to your scepticism.

4. LimeWire
God, why are people still using Limewire? Which brings me to...

5. Porn
It's a running joke at this point. "Pop-ups? Ha, must have been downloading some porn, eh?" But it wouldn't be said if it didn't happen. People want to see other people naked (and doing naked things) and they're willing to install any number of things to do it. But come on--the internet is browser-based. Meaning you don't need to download an image viewer from a shady site to get your naked ladies.

The other common trick is to claim that a video codec is required to view a video. Guess what? It's not a codec. And laugh all you want, but the first major malware outbreak for Macs happened this way. C'mon, internet. The internet is mostly porn anyway, so pay a little more attention and stop downloading this crap.

In Closing
Just pay attention. The people who make these are ultimately out for one thing--money. So for the love of God, don't give them your credit card number. At best, they're still getting forty bucks for a program that doesn't do anything, and at worst, they have your number and they're going to hang on to it. Pop-ups are registering more ad views, which means more money for the people making them, and a higher possibility (however slim) you'll go to their sites. And if you end up with a trojan that brings your computer into a botnet, it will essentially become a whore who will be sold and made to do terrible things. Is that what you want for your computer?