Misconceptions, misunderstandings and education about Antivirus and Antispyware software.

The battle against malware is a 24 x 7 endeavor. Marketing employs action-hero actors depicting various scare tactics to protect you from the evils lurking. Salespeople are quick to sell you each and every form of the “New and Improved” virus fighter while leaving out the crucial small print. The result is a myriad of nebulous loopholes, confusion, and an angry mob that starts with finger pointing and pass-the-responsibility accusations.

With just a little bit of up-front education, these things can be better understood by end-users. Malware is a generalized term for a variety of malicious software, which includes viruses, rootkits, Trojans, worms, bots, adware and other forms of software that are more or less undesirable applications and rarely beneficial on a user’s computer. In the last four to five years the designers of malware have become a lot more malicious and devious in how they deceive and trick you into accepting or placing malware on your system. From there the system becomes like a magnet for more malware.

Most users are under the impression that all they need to do is install an antivirus program and they are safe for the life of the computer. To start with, most antivirus programs are only 90 to 98 percent effective. On top of this, some companies release several new virus definitions daily, which means that several times a day they ship new code to detect various strains, changes or variations of malware. I’ve seen systems where just updating month-old definitions found and quarantined over 28 new infections. So, that antivirus you bought 4 years ago that keeps giving you an error, which you just click away because you’re in a hurry to get to your favorite social site? That should be your first clue that it’s already too late.

A user does NOT need to go to a porn site these days to become infected with over 4,000 forms of malware. One way to put up, figuratively speaking, a billboard inviting malware is the improper use of BitTorrent and peer-to-peer (P2P) software. Please note that the use of peer-to-peer file sharing programs will inevitably result in infection. Security software cannot protect the computer from malicious files that the user voluntarily downloads from unknown sources; it requires the cooperation of the computer user to function effectively.

Guarding against malware and maintaining a healthy machine requires a proactive, participating role from the user. This starts with downloading and verifying the latest definitions at least weekly and running a full or comprehensive system scan weekly.

I will continue to add more to this column: ways to improve and educate on preventing malware.


Definitions of commonly used Malware terms (adapted from Wikipedia articles):

Adware: software with advertising functions integrated into or bundled with a program.

Antivirus: software that attempts to identify, neutralize or eliminate malicious software.

Backdoor: a hidden method for bypassing normal computer authentication systems.

Downloader: software that downloads and runs other software, usually malware.

Dropper: software that installs malware without being infectious itself.

Malware: any malicious software, e.g. viruses, Trojan horses, worms.

Rootkit: a program (or combination of several programs) designed to take fundamental control (in Unix terms “root” access, in Windows terms “Administrator” access) of a computer system, without authorization by the system’s owners and legitimate managers.

SPAM: unsolicited junk e-mail.

Spamtrap: an e-mail address that is created not for communication, but rather to lure spam. In order to keep legitimate e-mail from being sent to it, the address is typically published only in a location hidden from view, such that an automated e-mail address harvester (used by spammers) can find it, but no human sender would be encouraged to send messages to it for any legitimate purpose.

Spyware: software that is installed surreptitiously on a computer to intercept or take partial control over the user’s interaction with the computer, without the user’s informed consent.

Trojan: software which appears to perform a certain action but in fact performs another. Contrary to popular belief, this action, usually encoded in a hidden payload, may or may not be acutely malicious, but Trojan horses are notorious today for their use in the installation of backdoor programs.

Virus: computer program that can copy itself and infect a computer without permission or knowledge of the user. However, the term “virus” is commonly used, albeit erroneously, to refer to many different types of malware programs. The original virus may modify the copies, or the copies may modify themselves, as occurs in a metamorphic virus.

Worm: a malicious program that copies itself from system to system, rather than infiltrating legitimate files.

Update 4-28-11: I plan to include a list of familiar names to go with each definition type in the near future, as some malware names are not easily distinguishable.