How Antivirus and Antispyware Work

Article (PSA-0004)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: How Antivirus and Antispyware Work
Original release date: July 18, 2017

Both antivirus and antispyware software monitor your computer for potential threats.
If your computer is connected to the internet, you should have a functioning, properly licensed and updated antivirus and antispyware program. At a minimum the software you choose should offer “real-time” scanning, as well as “scheduled” scanning functionality.

“Real Time” scanning allows the software to continually scan files as they are downloaded to your computer, and will notify you if the file(s) you receive contain malware.

“Scheduled” scanning allows the software to scan all the existing files (or selected files) on your computer hard disk in a systematic effort to locate existing files that “look like” a virus.

  • For those of you using Microsoft Windows 7, Microsoft offers a free anti-virus product called Microsoft Security Essentials in 32-bit and 64-bit versions. It can be used by home users and small businesses with up to 10 computers. See Microsoft Software License Terms for more information.
  • For those of you using Microsoft Windows 8 or higher, Windows Defender comes integrated with the operating system and provides antivirus and antispyware protection.
  • Both Microsoft Security Essentials and Windows Defender come at no additional cost – there’s nothing to buy, no subscriptions and no nagware – yeah I know, awesome!

Most antivirus and antispyware tools can identify suspicious software based on a list of known threats called “definitions.” Definitions should be updated automatically by the software and new updates should be provided when new threats are discovered.

Preventing Infection with Antivirus and Antispyware Software

Antivirus and antispyware software are basic tools that no home or business should be without.

In short, a single antivirus program, a single antispyware program and a single configured firewall is adequate. Installing more than one of any of these programs can generate a few notable issues. Let’s take a few moments to look at the biggest issues.

  1. Each program running on your computer is using some of your system memory (RAM). The more programs running, the more RAM is used. When there is no more RAM available, your computer will begin to use your hard disk as a “type” of RAM. Hard disk access is not as fast as RAM access, and when your system has to start using the hard disk as RAM it greatly degrades the performance of your entire system.
  2. Having more than one of these programs running on your system can result in a software conflict. If both programs are scanning your computer for “malicious activity” there is a high probability they will see each other as “malicious activity” causing a software conflict. This particular problem can be extremely frustrating and can lead to the next very challenging side effect.
  3. Files necessary to the other scanning program can often be identified as “malicious”, and will be quarantined (made inaccessible) or removed, leaving the program corrupted. Trying to repair a program in this condition can be problematic to say the least.
  4. Finally, maintaining the licensing and updates for your programs can be time consuming and expensive. I am a firm believer that “less is better”.

What to Do if You Suspect Infection

There is no guaranteed way to keep malware out. Installing and using antivirus and antispyware software, along with a healthy dose of “common sense” is a good start. But what does it look like when these tools fail? And what can you do about it?

The following may indicate your computer is infected with malware:

  • Lots of pop-up windows or unexpected messages on your screen
  • Unexpected toolbars appear in your web browser
  • New icons or programs appear on your computer
  • Your web browser home page changes or you are redirected unexpectedly to unknown websites
  • Your computer suddenly seems slow, freezes, or crashes during regular use

If you suspect infection, you should:

  • Download the most recent definitions for your antivirus and antispyware software
  • Run a full scan using both tools (this will usually be much more in-depth and will take longer than the regular monitoring scans)
  • Follow the software’s instructions to remove suspected malware

If removing malware this way doesn’t work, or if the malware returns when you reboot your computer, you should seek professional help from a qualified computer service provider. There are a few qualified local service providers, but PSA, LLC offers a “no-fix, no-pay” work guarantee – most shops do not. Call us at (707) 506-6228 for service.

Conclusion

No home or business should be without malware protection. Antivirus software, along with a firewall, coupled with a healthy dose of common sense are the key components to protecting your computers and networks from malware.

Security, Is More Better?

Article (PSA-0002)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: Security, Is More Better?
Original release date: May 25, 2012

Is more protection really necessary? When is enough enough? Anti-virus, anti-spyware, anti-malware and firewalls, where does it all end?

First off, each case is different and depends on how the computer is used, and what the computer is used for. As a general rule of thumb, computer security can be broken up into two basic categories: “Online” and “Offline”.

Internet Connected Security Considerations:

1.) If your computer is connected to the internet, you should have a functioning, properly licensed and updated anti-virus program. At a minimum the anti-virus software you choose should offer “real time” scanning, as well as “scheduled” scanning functionality.

“Real Time” scanning allows the anti-virus program to continually scan files as they are downloaded to your computer, and will notify you if the file(s) you receive contain anything suspicious. This is “preventive protection”.

“Scheduled” scanning allows the anti-virus software to scan all the existing files (or selected files) on your computer hard disk in a systematic effort to locate existing files which may “look like” malware. This is “active protection”.

 
For those of you using a Windows operating system, Microsoft offers free antivirus protection.

  • For Windows 7 you can download and install Microsoft Security Essentials. Not only is this free for home users, but it can also be used, free of charge, for small businesses with up to 10 computers.
  • For Windows 8, RT, 8.1, RT 8.1 and Windows 10 the anti-malware software is built right in. It’s called Windows Defender.

 

2.) If your computer is connected to the internet, you should have a functioning, properly licensed and updated firewall. A firewall is software or hardware that checks information coming from the Internet or a network, and then either blocks it or allows it to pass through to your computer.

A firewall can help prevent hackers or malicious software (such as worms) from gaining access to your computer through a network or the Internet. A firewall can also help stop your computer from sending malicious software to other computers.

A “Software” firewall is installed directly on your computer. Microsoft operating systems have shipped with a software firewall built-in since the release of Windows XP service pack 2.

A “Hardware” firewall in most homes and small businesses will be your router. Routers provide protection to help prevent your computer from being “seen” from the Internet. With a hardware firewall there’s nothing to install on your computer.

There are “paid for” firewall products available, but I would recommend taking a close look at the built in firewall of the operating system you are currently using (if it offers one) before running out and purchasing the newest firewall product. For the majority of computer users the built in firewall is more than adequate.

Non-Internet Connected Security Considerations:

If your computer will not be connected to the internet, ever, then you are at liberty to relax your protection considerably, allowing more of your systems resources to be used on applications. However, there are still some very important considerations. If you will be using storage media containing files from other computers which are connected to the internet, then there is still the possibility of infection. If your computer will never be connected to the Internet, and you will never load files from another machine onto your computer, then you can bypass anti-virus security software all together. If your computer will be using files from another computer then you should have an anti-virus program installed.

Is More Protection Really Necessary?

In short, for a computer connected to the Internet, a single anti-virus program, a single configured firewall and a healthy dose of common sense is adequate. Installing more than one anti-virus program can generate a few notable issues. Let’s take a moment to look at the most critical of these issues.

(1) RAM Depletion. Each program running on your computer is using some of your system memory (RAM). The more programs running, the more RAM is used. When there is no more RAM available, your computer will begin to use your hard disk as a “type” of RAM. Hard disk access is not as fast as RAM access, and when your system has to start using the hard disk as RAM it greatly degrades the performance of your entire system.

(2) Software Conflicts. Having more than one anti-virus program running on your system may result in a software conflict. If both programs are scanning your computer for “viral activity” there is a high probability they will see each other as “viral activity”, causing a software conflict. This particular problem can be extremely frustrating and can lead to the next very challenging side effect.

(3) System Corruption. Files necessary to the other anti-virus program can often be identified as “malicious”, and will be quarantined (made inaccessible) or removed, leaving the anti-virus program corrupted. Trying to uninstall or repair a program in this state can be problematic.

(4) Unnecessary Complexity. Finally, maintaining the licensing and updates for your anti-virus programs can be time consuming and expensive.

Revisions

  • May 25, 2012: Initial Publication
  • May 24, 2016: Rewording For Better Clarity