Anti-Malware Software
The success of any malware program lies in its ability to avoid and resist detection and removal. The basic design of malware makes the process of keeping your computers clean more difficult. It is nearly impossible to manually identify and remove all traces of malware—there is just too much active malware threatening any computer connected to a network.
The only reasonable approach to addressing the problems of malware is to use a collection of programs specially designed to combat malware. Such programs include antivirus and anti-spyware software. Collectively, these software packages are also called anti-malware software. While there are some overlapping features, each type of software generally performs different functions. Both types of software are necessary to create and maintain a secure computer system.
Antivirus Software
Antivirus software can help detect and mitigate some types of malware. There are many antivirus programs available that can identify many known types of malware and help respond to the threats malware programs present. Most antivirus software focuses on viruses, worms, and Trojan horses, but may also address rootkits and spyware. Current antivirus software provides the ability to prevent, detect, and remove malware instances.
Many quality antivirus software products are available. TABLE 5-2 lists several of the more commonly used antivirus products for Windows. Note that Table 5-2 is just a sample list of some common antivirus products.
TABLE 5-2 Common Antivirus Software for Windows |
|
|---|---|
| PRODUCT | WEBSITE |
| Bitdefender Internet Security | http://www.bitdefender.com/ |
| Kapersky Internet Security | http://www.kapersky.com/anti-virus |
| Norton Security | http://us.norton.com/antivirus/ |
| McAfee AntiVirus | https://www.mcafee.com/en-us/index.html |
| Comodo Internet Security | https://www.comodo.com/home/internet-security/free-internet-security.php |
| F-Secure Safe | http://www.f-secure.com |
| G Data InternetSecurity | https://www.gdatasoftware.com/ |
| BullGuard Internet Security | https://www.bullguard.com/products/bullguard-internet-security.aspx |
| Panda Antivirus | http://www.pandasecurity.com/usa/homeusers/solutions/antivirus/ |
| Avast AntiVirus | http://avast.en.softonic.com/ |
| AVG AntiVirus | http://www.avg.com/us-en/buy-antivirus |
| Avira Antivirus | http://us.avira.com/ |
© Jones & Bartlett Learning. |
|
The most common method used to identify malware is to compare known malware code with processes running in memory or files stored on disk. Each instance of malware has a unique set of instructions, called the malware’s signature, which identifies any copies of the malware on your system. The organized collection of known malware signatures is stored in a signature database. The antivirus software uses the signature database for signature matches when scanning processes or files. Any process or file that contains instructions that match a known malware signature is flagged as malware.
Another method some antivirus software uses to identify malware is called heuristics. Heuristics is the practice of identifying malware based on previous experience. The actions malware programs tend to carry out are stored in a database. When searching for malware, a heuristic scanner compares observed behavior with stored malware behavior. A match indicates the process in question is malware. The heuristic approach is more complex and slower than signature matching, but can detect previously unknown malware if its behavior is similar to a known malware instance.
Anti-Spyware Software
Anti-spyware software is another type of anti-malware software. It helps detect and mitigate malware. As the name implies, the primary target is spyware. While many antivirus software suites may include an anti-spyware component, there is value to using one or more additional stand-alone anti-spyware products. There are so many spyware instances that it makes sense to use multiple anti-spyware software products to ensure you identify as many instances on your computers as possible.
There are many good anti-spyware software products available. TABLE 5-3 lists several of the more commonly used anti-spyware products for Windows.
TABLE 5-3 Common Anti-Spyware Software for Windows |
|
|---|---|
| PRODUCT | WEBSITE |
| Microsoft Windows Defender, included in Windows workstation versions since Windows 7 | https://www.microsoft.com/en-us/windows/comprehensive-security |
| SpyBot Search and Destroy | http://www.safer-networking.org/ |
| SUPERAntiSpyware | https://www.superantispyware.com/ |
| Malwarebytes AdwCleaner | https://www.malwarebytes.com/adwcleaner/ |
| EnigmaSoft SpyHunter | https://www.enigmasoftware.com/products/spyhunter/ |
© Jones & Bartlett Learning. |
|