DayCom Solutions
    Website & Custom Software Development - Support


Main Menu
Contact

KDay@DayComSolutions.com


About Malware

Malware includes computer viruses, worms, trojan horses, most rootkits, spyware, dishonest adware, crimeware and other malicious and unwanted software. More detailed information on various types of Malware can be found at https://safeweb.norton.com/safety

About Protection Programs

There are numerous 'protection' programs available. Basically, they fall in one or a combination of three different categories:

1. Anti-virus Software - can be and usually is included in 'Internet Security' software (below)
2. Registry Scanner / Cleaning Software - also can be included in 'Internet Security' software.
3. Internet Security - which usually include anti-virus software.

NOTE: Internet Security programs are often referred to as "Anti Virus" program.

About Anti-Virus Software

Anti-virus software will scan the computer on which it is installed and look for files that are 'infected' with a virus or similar malware. Some anti-virus programs have the added capability of scanning other computers on the network, also. Most all AV software has the capability of scanning ALL drives mounted on the computer on which the software is installed.

Some AV software is better than others at detecting such problems, while others may miss some threats. Once an infected file is found, the software will attempt to neutralize the problem. If it can not, it will move the file to a protected area where it can be deleted or neutralized at a later date.

To be effective, anti-virus programs must be updated frequently to keep up with the constant stream of new threats that are continually being generated.

Most AV software can be set up to UPDATE automatically and to perform scheduled scans. This is a great help because many people forget to perform these needed routine functions.


Cleaning / Removing malware from an infected computer.

Once a virus or other malware is detected, it must be removed. There are numerous ways in which a virus can affect their host computer. This subject is beyond the scope of this article.

Many AV programs may 'miss' some virus infections while others may find them, but not be able to neutralize them.

A program that we have found to be very effective for finding and cleaning up infected files is the FREE version of MalwareBytes; although MalwareBytes Free Version is a very good program to use if you have an infection it is not an Internet Security program.

Beware when searching on the internet; it has been brought to our attention that apparently, if one does a Google search on MalwareBytes they can end up on a website that has nothing to do with the actual program we are talking about. Read the descriptions very carefully. The actual website for the MalwareBytes program we are referencing here is www.malwarebytes.org . MalwareBytes has both a FREE version and the 'Pro' version. The 'Pro' version costs money. We recommend trying the 'free' version - so make sure you get the correct one. Later, if you wish to pay the fee and upgrade to the Pro version, you can.

As of this writing, the MalwareBytes the FREE version is a 2.8 MB file and is called "mbam-setup.exe"
1. Download the program - we recommend downloading it to a 'dnld' directory (you create) on your hard drive and running it from there.
2. RUN the install program you just downloaded - it will install the program on your computer. (You can later REMOVE it if you like.)
3. Open (run) the MalwareBytes program you just installed
4. Do an UPDATE to make sure you have the latest virus definition files
5. Do a SCAN on your computer

Click here to see detailed instructions for downloading and running MalwareBytes

This FREE version will scan and find and clean viruses, if you have any. It is a VERY good virus removal tool. The FREE version will NOT update automatically and will NOT scan automatically. YOU will have to do that periodically by manually selecting 'update' and 'scan'.

The PRO (paid for) version will do automatic updates and scans and also has a number of other added features and capabilities.

NOTE: The free version of MalwareBytes is ONLY an anti-virus program - it is NOT what is called an 'internet security' program. But it is very good at removing virus and other malware, should you have any.

MalwareBytes can be installed and used in ADDITION to other AV / Internet Security program you may be using - it does not scan incoming mail and website pages.

Cleaner/Scanner Program UPDATE:
Another excellent 'cleaner' program we have been using with great sucess is VipreRescue.
For a Review of VipreRescue by PC Mag


A word about Registry Scanning Programs

There are many so called 'registry scanning' and 'registry cleaning' programs available, such as RegCure, RegFix and many, many more

Briefly, the Windows Registry is a database which stores settings and options for Microsoft Windows operating systems. It contains configuration information and other settings for hardware, operating system software, most non-operating system software, and per-user settings. The registry also serves some additional purposes.

One person reported doing a Google search for MalwareBytes and came up with a link to a website that offered to scan the computer for problems. The person went ahead and let the program perform the scan and it reported that there were HUNDREDS of problems and further reported that only a small amount - about 20 or so - could be fixed with the 'free' version; the rest - which numbered in the hundreds - could be fixed by purchasing their upgraded product.

Programs and scans that show hundreds of 'problems' are usually Registry Scanning programs. We did try out one such program some time ago. Every time it ran it found a large number of 'problems' in the Registry that it would subsequently 'fix'. We might add, it found these large numbers of problems even after periods where the computer on which the software was installed was not used or used very little. It is not clear as to whether this ever did any good or not. There was no noticeable increase in speed or performance of the computer after such 'fixes' were completed. We did not renew that program when it came due again and have not noticed any detrimental effects. In short, it is not clear to us whether such Registry scanning programs actually do any good or not - other than to put money into the hands of their promoters.

The promoters of registry cleaners try to say they are the cure all for all slow computers. They can and sometimes do help some in this area, but user beware. All cleaners, bar none, can be both good and bad. Such 'cleaning' programs can, and usually do, remove entries from the Registry that should not be removed. Removing these items may or may not affect your system right away but could become a problem later during new installs or uninstall operations. If you are a geek or an IT professional these problems are usually not difficult to resolve. But the normal home or small business user would most likely require a service call and the associated down time and cost.

Bottom Line: whenever you modify the Windows Registry you are taking a chance that the system could crash. Microsoft always advises backing up the Registry before any changes are made. Registry scanner programs modify the Windows Registry - there is always a chance that thing can go terribly wrong whenever the Registry is altered.

If you suspect you already have a malware infection

If you already suspect you have an infection, we recommend downloading and performing an immediate scan with either:

  • Malwarebytes - http://www.malwarebytes.org
  • VipreRescue -http://live.vipreantivirus.com
  • there are other products available, but we are familiar with and have sucessfully used the above two.

About Internet Security Programs

NOTE: Internet Security programs are frequently referred to simply as "Anti Virus" programs; although Internet Security programs do include anti virus protection, they have additional features and protection capabilities.

In addition to checking the files on your computer for virus and other infections, Internet Security Programs run constantly in the background and monitor incoming email, files you download and the pages you download from websites you visit. Because they do run in the background, they of course affect the performance of your computer. In short, they slow things down. Some are better/worse than others. Some work well on some platforms, but not as well on others.

Some of the most popular are internet security / antivirus programs are frequently not recommended by independent IT folks due to considerations of system performance and a lack of good support. Of course, you hope you do not need support, but make sure it is available and is FREE for whatever product you buy. Some companies have support, but will charge for it if you use it.

So which Internet Security programs are 'ok' or 'good' to use? It's like Ford and Chevy - there is a lot of opinion involved. But there are some definite differences - such as speed, cost and support, to name a few.

If you are employed by a large corporation and are required to use their "corporate edition" of internet security, by all means, do. It is free and is usually not the same as the commercially available versions put out by the same company. Obtain an installation CD from one of your IT folks where you work and install the program on your computer using their instructions.

Remember - not all Internet Security programs are good at removing infections; you can still install and periodically run a program such as MalwareBytes IN ADDITION to the Internet Security program you run on your computer. They do not interfere with each other. (Installing two internet security programs WILL usually interfere with each other and it is NOT recommended!)

To repeat: Do not run TWO Internet Security programs at the same time on a given computer. This can cause untold problems and slow down system performance!

ALSO - if you CHANGE from one Internet Security program to another, be sure FIRST to UNINSTALL the old one BEFORE you install the new one!

To uninstall some programs may require downloading and running an additional 'removal' program. Such removal tools sometimes target a specific provider. They can be easily found by searching on the internet.


Internet Security Programs Available

There are many 'good' internet security programs available. Without getting into a complete comparison - which you can do on the internet on your own anyway - here are a few that we have tested or still use. Of course, results can vary from computer to computer, and from Op System to Op System. A program that runs well on Windows XP, for example, might not run well on WIndows Vista. Also, be sure you get the correct program for YOUR computer, making sure you get the 32 Bit or 64 BIt version, as appropriate.

Here are a few things you might want to consider when selecting an Internet Security / Anti Virus Program

1. Reputation - does the program have a lot of problems? You can search the internet and obtain this information.
2. Effectiveness - does the program successfully and reliably detect (and remove) infections? Or does it 'miss' a few?...
3. Speed - does the program excessively slow down a computer on which it is installed? Again, an internet search will yield this information.
4. Does the provider have good support? IS THEIR SUPPORT FREE, or will it cost if you need it?
5. HOW MANY Computers can you install this on for the price? Many only allow ONE installation. Some allow multiple installations for the same price. (This is of course only a consideration if you have more than one computer.)

There area other considerations.

We have found that many Internet Security programs will run with varying results.

The AV/Internet Security program we currently use for Windows based systems is Sunbelt Security's VIPRE ( http://www.sunbeltsoftware.com ). We have recently switched to VIPRE for two main reasons: (1) VIPRE is not a 'resource hog' in that it does not seem to slow things down albeit an effective AV and Security choice; (2) Pricing Structure. VIPRE (as of this writing) is $29.95 for one computer, $39.95 for two computers, and $49.95 for unlimited computers. Since we have a rather large number of Windows based systems in various desktop and notebooks and virtual machines consisting of Xp, Vista and 7, the $49.95 price structure is by far the most economical for a fast running and effective solution.

We used to run Trend Micro Internet Security on our Xp systems, but found what appeared to be a compatibility problem with Trend Micro and Vista; this is the problem that is most often attributed to Norton where the Vista machine periodically loses the internet connection and reports "Network Connected - Local Only" (rather than "Network Connected, Local and Internet."). For this reason we discontinued use of Trend Micro in lieu of VIPRE, since it can be licensed for (and works on) all the Windows platforms we work with, which include Xp, Vista and Windows 7.

Trend Micro (www.trendmicro.com) worked very well with our Xp machines, and seemed to be an excellent product, albeit too advanced for some users. One of the reasons we used Trend Micro is that the $49.95 version allowed installation on THREE computers. At that time, TM was one of the more cost effective alternatives, owing to the fact that that is was more economical to us than a program that costs $30, but will only allow installation on one computer. But this is of course, only a consideration if you have more than one computer.

After experiencing the now infamous (Network / Local Only) problem with Vista, we removed Trend Micor and installed the free version of Avast! We used the FREE Avast! version for some time and it seemed to be a good product, also.

We have also 'tested' 'The Shield Deluxe' - which was the most economical version, allowed multiple installations and was VERY highly rated all over the internet. I think (but not sure) it caused problems with a 64 Bit Vista machine - causing it to lose internet connection (aka the "local only" problem). At least, after uninstalling it, the problem seems to have cleared up. We have also received reports from customers that the original version of Shield Deluxe worked fine, but they had multiple problems when they renewed the subscription and updated to a newer version. Most all our customers have discontinued running The Shield Deluxe because of such problems.

But other people that have installed and use Shield Deluxe report that they are very happy with it. So - it's a matter of preference and implementation and other factors. The Shield Deluxe uses the highly acclaimed Kasperski engine and is the most economical and gets very high ratings, but we found it to be a resource hog as it slowed things down considerably - especially during a scan.

Because we have so many computers in the business, we switched all the Windows PCs over to Sunbelt Software's Vipre. We get virtually unlimited computer installations for under $50 (as of this writing) and the Vipre product is not as rescource-hungry as many, and seems to update and work well on our multiple platforms and is also effective at catching and removing threats. Virpre can be downloaded (and paid after a trial period) from the internet:

A NEW offering (FREE) from Microsoft

Another possible program that seems to run efficiently has recently been made available from Microsoft called "Microsoft Security Essentials". For more information and download, see:
http://www.microsoft.com/security_essentials/

DIsclaimer

Again, this article is NOT meant to be a comprehensive tutorial or description of anti virus and internet security programs. It is meant to get you going in the right direction - and to share some of the things we have experienced. You can obtain more detailed descriptions and in-depth analysis on the internet. You might want to start with "Ask Leo" at:
http://ask-leo.com/viruses_how_do_i_keep_myself_safe_from_viruses.html

The Ask Leo newsletter has a lot of topical articles and very good information for Windows users and is one of the very few newsletters to which we subscribe at this time.

There are many different venders and versions of Internet Security, scanning and anti-virus programs available. Some may work well on some platforms,but not others. Also, as such programs evolve and updates and revisions are made, what was a good program may become a problem, and visa-versa.


We hope any of this is some help - and not just confusion.....


Bottom Line

  1. if everything you have going in the way of AV and IS software is working for you now, you might be well advised to stay with it.
  2. if you think you might have an infection of some sort, download, install, update and scan with MalwareBytes - or a similar program if you know of one. REMEMBER - the MalwareBytes Scan is independent of whatever Internet Security / Anti-Virus program you may be currently running
  3. Sometimes it really helps to run a second scan - we often use VipreRescue
  4. if you are not happy with or are looking for a new solution for Internet Security there are many options - we have referenced but a few.
  5. BUT ALWAYS - ALWAYS! If you are running a Windows based PC:
    • use an internet security / anti-virus program- keep it UPDATED DAILY, and run a SCAN on a REGULAR basis!
    • don't click on links in emails unless you know they are safe - even IF the email seems to have come from someone you know
    • don't click on links on websites
    • Be careful what sites you visit - it is possible to get a malware infeciton just by loading a page
    • Be ESPECIALLY wary of ZIP and EXE files that are sent as attachments
    • Suspect ALL email before you click! There are a lot of very clever spoofs being sent around regularly

Some Internet Security / Anti-Virus Programs we curretnly run and are getting good results

  • Vipre (Sunbelt Software) - NOTE the spelling -
    • 1 license - $29.95; 2 licenses - $39.95; unlimited installations for $49.95
    • Easy to install
    • Is not a 'resource hog' - does not seem to bog the computer down
  • MalwareBytes (other than the actual "Scan" program
  • Avast!
  • Microsoft Security Essentials
    • Is currently a FREE program
    • seems to run ok - seems to block threats
    • does not seem to bog down the compuer
  • Many Others - but before you buy, READ the blogs and reviews!

good references:

Sunbelt Software (Now GFI / Vipre) Home: http://www.sunbeltsoftware.com/

 

| Home | Software Development | Web Development | Web Process | Experience | Web Site Links |
    Support Area
Copyright ©DayComSolutions.com 2005-2012
All Rights Reserved