Malware is malicious software that can infect a computer or network, causing problems that range from sluggishness and reboots to loss of data and identity theft. In some cases the only way to rid a computer of certain types of malware is to wipe the drive, reformat it, and reload the operating system and programs. The best remedy is prevention, so let’s consider the different types of malware protection.
The first rule of thumb in malware protection is to avoid engaging in risky online behaviors that virtually invite trouble. Delete email that arrives from unknown sources without opening it, and do not open or forward “chain-email,” even if it arrives from a friend. These are emails or attachments that circulate the Internet and might be funny, animated clips or little games. They can appear benign but often harbor a Trojan horse, virus or worm. By viewing the item you can infect your computer without realizing it.
If you use an email client rather than a Web-based email service, do not enable HTML in the client. HTML-enabled mail opens your system up to a host of threats that cannot reach you through a text-based interface.
Equally important, only download software that has been reviewed or recommended by trusted sources, and is hosted on a reputable website. According to a 2008 statement by a Symantec spokesman, the amount of software available online that carries malware rivals legitimate software and might even be exceeding it.
Assuming your behaviors are not inviting infection, what kinds of software can you employ to provide malware protection? Let’s take a quick look at the different types of programs available.
Anti-virus software looks for signatures of known viruses, Trojans, backdoors, scripts, bots and worms. If it finds malware, it can delete it in most cases. A good anti-virus program will update its database several times a day to stay current with known threats in the wild. These programs also incorporate heuristic algorithms, or the ability to detect unknown viruses by their behaviors. Like any other software, some anti-virus programs are better at their job than others. Look for independent lab results to find a good program. Only install and use one anti-virus program at a time.
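The difference between signature matching and heuristic detection described above, as an added illustration that is not part of the original article. The sample byte strings, detection names, behaviour names, weights and threshold are all constructed for the example.

```python
import hashlib

# Constructed, harmless stand-ins for file contents (not real malware).
KNOWN_SAMPLE = b"HEADER::demo-family-A::marker-1234"
VARIANT = b"HEADER::demo-family-A::marker-1235"   # known sample, one byte changed
UNKNOWN = b"HEADER::never-seen-before::marker-0000"
CLEAN_FILE = b"HEADER::text-editor::nothing-unusual"

# Signature database: exact-file hashes plus byte patterns (constructed names).
HASH_SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Demo.FamilyA"}
PATTERN_SIGNATURES = {b"demo-family-A": "Demo.FamilyA.generic"}

# Heuristic weights for observed behaviours (hypothetical names and scores).
BEHAVIOUR_WEIGHTS = {
    "writes_to_startup_folder": 3,
    "hooks_keyboard_input": 4,
    "disables_security_service": 5,
    "opens_document": 0,
}
HEURISTIC_THRESHOLD = 6


def signature_scan(data):
    """Return a detection name if the data matches a known signature."""
    digest = hashlib.sha256(data).hexdigest()
    if digest in HASH_SIGNATURES:          # exact match on the whole file
        return HASH_SIGNATURES[digest]
    for pattern, name in PATTERN_SIGNATURES.items():
        if pattern in data:                # byte pattern survives small edits
            return name
    return None


def heuristic_score(behaviours):
    """Sum the weights of the behaviours observed for a program."""
    return sum(BEHAVIOUR_WEIGHTS.get(b, 0) for b in behaviours)


def verdict(data, behaviours):
    """Signatures first; fall back to behaviour scoring for unknown files."""
    name = signature_scan(data)
    if name:
        return f"signature:{name}"
    if heuristic_score(behaviours) >= HEURISTIC_THRESHOLD:
        return "heuristic:suspicious"
    return "clean"
```

The one-byte variant defeats the hash signature but not the byte pattern, and the never-seen file is caught only by its behaviour score, which is why a signature database has to be kept current and paired with heuristics.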
Anti-Adware and Anti-Spyware software usually comes bundled as a single package. These programs detect adware, spyware and their telltale signs, such as increased popup advertisements and browser hijacking. The latter occurs when you attempt to visit one site but get redirected to another, often a pornographic site or a site pushing a hard sell. Adware and spyware can log browsing habits, interfere with surfing, hog system resources and slow your computer to a crawl. Guarding against spyware and adware is a basic part of any malware protection plan.
Keyloggers are small programs that record keystrokes to a log for later review by a third party. Network administrators use keyloggers for legitimate purposes, but they are also used in the wild to steal passwords, bank account numbers and other sensitive information from infected computers. Keyloggers are passed to remote machines surreptitiously using any Internet connection, and the logs are then regularly retrieved the same way. Keyloggers pose a real threat because they bypass encryption by recording information before the encryption can take place. Top anti-spyware programs incorporate keylogger detection, reducing risks of identity theft.
Rootkits are perhaps the worst type of infection because of their “mercurial” nature. There are several types of rootkits but in essence they are small routines that write themselves into the basic functions (or roots) of the operating system. From here they perform all kinds of tasks from installing keyloggers to opening backdoors for spybots. Like a lizard losing its tail, if you manage to detect and remove a rootkit, there might be hidden routines left on the system that will simply rebuild or “grow a new tail.” While there are rootkit detectors, should you find a rootkit, the only way to be sure the rootkit and all of its peripheral infections are gone is to wipe the system, reformat the drive, and rebuild.
Software designed for malware protection can come in suites or as stand-alone programs. A suite should include several programs or a single multi-layered program that includes all forms of malware protection. Stand-alone programs focus on one of the areas above, and might incorporate one or two tangential types of protection.
If you have never used malware protection, the first job upon installing the software will be to scan and clean the system. Once done, leave malware protection programs running in the background to reduce the risk of future infections. A firewall is also a basic part of system protection. Though it does not detect malware, it can prevent hackers from infiltrating your computer or network.