What are viruses and spyware and what can I do about them?

PART 1: VIRUSES

A computer virus is an unwanted program that invades your computer and, usually, results in problems which can range from a slowdown to making your computer unusable and irretrieveable destroying all files on your hard drive.

How does my computer get a virus?

Back in the early days of computer viruses (viri?), before the internet and networks, viruses were spread by diskettes (aka floppy disks or floppies). Early anti-virus programs scanned all diskettes when you put them into the computer, and notified you whenever a virus was found, so that you would not copy that file, or files, onto your computer.

With the advent of the internet, blackhat hackers (not all hackers are bad) found a better way to spread their nasty creations by using email attachments. Although viruses can be still be spread from computer to computer via floppies (rarely now), flash-drives, and CDs that you receive or create, this is not as common as email attachments..

Spyware is software that collects personal information without your knowledge or permission.  Some spyware is fairly innocuous, but some are downright nasty.  An example of relatively innocuous spyware are cookies for a website that track what you view from the website and then use this information to present ads aimed at your interests. These are cookies that do not leave your computer. On the other extreme is spyware that can hijack your intern Home page so that whenever you start up your internet browser you see their website instead of your Home page.  (Munky.com is a common offender).  This can be very annoying and downright frustrating.

One source of spyware is when you go to an internet website.  Some websites try to install spyware as soon as you enter their site, and do not notify you about it.  This is reprehensible. Game and free music download websites are notorious for installing spyware on computers.

Spyware is also often installed when you download “free” programs from the internet.  Usually, eliminating the spyware does not pose any problems, but be aware that some free programs will not run without their spyware.  If you uninstall spyware and find that your free program will not run, anti-spyware software allows you to re-install that spyware if you wish.  You just have to decide if the “free” software is worth the price of admission (the spyware).

Beware of spyware posing as antispyware! If you see an ad suddenly pop up on your computer telling you that you computer is infected...but if you just click the button it can be fixed, this is spyware posing as antispyware. If you click the button, and then decide to not buy the program, the spyware installs on your computer and you get continuous popup ads telling telling you about your "infected" computer, and so forth. It won't go away unless you buy their program (which is generally useless as an antispyware program), or reformat your hard drive (then reinstalling Windows, all of your programs and data - which will take several hours or more of your time), or hire a PC troubleshooter to get rid of the infestation. Another word for this is extortion!

If your computer does not have an internet connection, then spyware should not be a problem.

PART 3: HOW CAN I KEEP MALWARE OUT OF MY COMPUTER

Since there is less and less distinction between viruses and spyware, the term malware has come into use as an inclusive term. There are 3 basic components of a good anti-malware program.

1. An antivirus component.
2. An antispyware component
3. A 2-way firewall

You can get these separately, if you want to pick and choose the best of each. However, an integrated internet security suite often loads faster and is less likely to noticeably slow down your computer.

Several internet providers ISPs have free internet security suites available as part of their service.  However, they are not automatically installed on your computer.  Go to your ISP’s website and follow the instructions for downloading and installing their anti-spyware program. Note, however, that internet security suites provided free by ISPs are usually not the pick of the litter, although they are better than nothing.

Real-time vs on-demand. Some anti-malware software run full-time on your computer, in the background. These are called real-time applications. Other anti-malware programs only scan when you tell them to do so. These are called on-demand applications.

Real-time applications attempt to immediately identify malware when it enters your computer and to remove it before it can install itself or do any damage. Kaspersky Internet Security has been consistently better in testing than any freeware programs and almost all other propietary (paid) programs. Bit Defender is another security suite that has been getting top results.

On-demand applications are useful for finding malware that has already infected your computer - sort of like taking antibiotics after you have an illness.

Real-time anti-malware applications offer the best protection, but are never 100% effective (it's a war out there) and on-demand applications can be used to find and remove malware that your real-time applications may have missed. Because even the best internet security suites are not 100% effective, on-demand antimalware applications can help. Malwarebytes Free (www.malwarebytes.org) is a free on-demand anti-malware application that seem to work very well at catching what falls through the cracks.

Keep your definitions updated

Anti-malware software publishers spend a lot of time researching malware and keeping up on the latest variants. They publish updated "definitions" frequently. If you don't keep your malware definitions updated, the programs cannot protect you against the newest variants. Most anti-malware programs come with a 1 year subscription to their updating service. Where things fall apart is when users get too cheap to renew the subscription, or don't bother to register their program. Without registering and having a current subscription, anti-malware programs cannot download the newest definitions, and cease to protect your computer.

Although backing up your data is an important security step, your CD or other media containing you backed-up data may have malware files on it and restoring your data after a particularly nasty virus trashes your computer, just puts the virus back on your computer. So pay a few bucks and make sure your anti-malware subscription is current.

When it comes time to renew your anti-virus program's subscription, if you shop carefully. Some clients have told me that they wait until a rebate is available and then buy the newest version of the software - complete with a 1-year subscription - for less than the cost of the annual subscription fee, after rebates. Keep your eyes and ears open.

PART 4: INTERNET SECURITY SUITES FOR BETTER PERFORMANCE

For the best protection I strongly recommend integrated internet security suites rather than separate antivirus, antispyware and firewall programs. Among other things, computer response is was noticeably quicker. I suspect this is because there is only one program running in the background instead of three. Also, integrated suites usually also provide additional features such as spam filters that integrate with Outlook, Windows Mail, Windows Live Mail, and Outlook Express.

Using separate antivirus and antispyware programs, along with a good 2-way firewall, used to provide the best internet security protection. Internet Security Suites that combined all three types of protection were convenient, but tended to be doggy and noticeably slowed down your computer. Also their antispyware modules were not all that good. Most newer suites are much faster and virtually unnoticed when running. Norton Internet Security seems to almost always be at or very near the top of lab tests, with Bit Defender and Kaspersky also up there but not quite as consistently.

My current preferred recommendation is Kaspersky Internet Security. Although Norton (Symantec) and Kaspersky Internet Security are often at the top of testing, I have recently become seriously disappointed with Norton software because it aggressively tries to get users to install the Norton Toolbar which replaces your search engine with ASK, which I (and most of my clients) consider to be a PUP (Potentially Unwanted Software) that they do not want on their computer. Because of the affiliation with ASK, I can no longer recommend Norton Internet Security or 360 with a good conscience.