February 12, 2010
Unless you have never opened an EMail attachment or you have never surfed the Internet, you have had viruses and malware find their way onto your computer. Hopefully in those previous instances your resident malware scanner or anti-virus program was able to detect and clean those before they could do any damage. Or perhaps they did do some damage and you have found yourself dealing with the aftermath of the infection. Like many others, perhaps you are asking: Is there a better way?
Fortunately there is a better way, and it starts with two realizations:
1. Your chance of getting infected is directly proportional to the nature of sites that you visit on the Internet. As you get further and further into sites that are not kid friendly, your chance of infection goes up dramatically.
2. There is no one anti-virus program anywhere that can stop and clean all of the current threats. Not even the paid commercial ones. If you continue to rely on only one program, then you will continue to be at increased risk. Read on for some steps to fix this.
So it quickly becomes apparent that more than one program is required, and yet it is difficult to run more than one resident antivirus because two or more of them will step on each other, if they will even install. At Awesome Computer Help, we have developed a three pronged strategy to provide better protection for your home computer(s), using programs that will not step on each other. Before listing the three programs though, we must state that it is really important that your copy of Windows is updated to the most recent service pack (sp3 for XP and sp2 for Vista). It is just as important that your computer is current on all of the security patches for Windows that have been released by Microsoft. Not having those installed is a sure fire way to get your computer attached covertly to a zombie network, after which time your computer will participate in whatever malicious purposes that the zombie net is used for. A zombie in this case is a virus infected computer that someone else has control of, and usually the normal user of the computer has no idea.
Part One: Your resident scanner. This can be any one of a number of different programs. All the commercial ones qualify, and I will not get into any subjective discussions as to which commercial package might be better than another one. I will say that I found the CA Anti-virus and Internet Security Suite to be buggy, so I recommend avoidance of that one.
In addition to those paid ones, there are several free ones that are also pretty good. Those include AVG Free Anti-virus, Microsoft Security Essentials, Avast Free Anti-virus, avira free anti-virus, and probably some others. I have found that the free ones are quite good, but if you know that you often surf kid-unfriendly sites then I would not recommend a free one. You can do a google search on any of the above and fond their download locations. Please remember that before you install a new resident anti-virus program, you need to uninstall your previous one.
Part Two: Stand Alone Scanner. There are several stand alone scanners on the market both free and paid that are not resident so they will not conflict with your software that was installed in Part 1. My current favorite one of those is called MalwareBytes Anti-Malware. Home users only need the free version of this software. It can be downloaded from http://www.malwarebytes.org. It is a quick download and a quick install. Please note that if your computer is already infected, the install of malwarebytes may not complete properly or it otherwise may not run right. Once Malwarebytes is installed, you can launch it and then go to the Update Tab. In the free version you must update Malwarebytes manually. Press the button for Check for Updates. Remember to do this right before scanning each time you wish to use the stand alone scanner. When do you run the stand alone scanner? Anytime you believe there is a reason to. If there is any chance your machine has an infection, then run it. If you see your other anti-virus program prompt about finding a virus, then run it. If you just want some peace of mind knowing your computer is clean, run it to verify that. Scans take a little time and can range from 45 minutes to 3 hours in my experience.
Part Three: Gate Keeper. My current favorite for this kind of function is a little program called Threatfire, which you can find at www.threatfire.com. There is a Free Version that is good for home users. Threatfire is also a resident program, but it typically does not conflict with your Part 1 Scanner because it does different things. Where all the other scanners are reactive in nature (meaning they do not clean a virus until it is already on your system or in an EMail you have received), ThreatFire is proactive to an extent. What it does is to sit at all the Gates between Windows and the Internet and watch all of the traffic. If it sees anything that looks malicious, especially the fake antivirus or ScareWares, it will throw up a dialog asking the user what they want done with this apparently malicious process. Best option is to quarantine. Since it does watch all traffic, it can slow the computer some, so this is not a good choice if your computer is sitting on the minimum requirements for your operating system. This would mean an XP machine with 256MB RAM (or in some cases 512 MB), Vista machines with less than 2 GB RAM, and Windows 7 machines with 1GB RAM or less. You can always install it to test if is slows you down too much, and then uninstall again if it does. Also it is possible that threatfire will throw up a box while you are installing another program. You can tell ThreatFire to ignore in that case.
As the writers of malware programs get more cunning in their designs, the home computer users will need to pay better attention to their security setups. Implementing the three step process just described will help a great deal, but even this is not 100% protection. Combine all of it with a user who is paying attention, and being careful about where they go on the Internet, and it can be a very effective plan. For any of you who are reading this too late, for those already infected, give us a call and we can help you, even remotely if need be.
To your safe computing, Joseph