My clients come to me with a variety of problems. One of the most common of these is that of malware infection. ‘Malware’ is a fairly broad term which describes any software that makes its way onto your system and performs functions without your knowledge or consent. Some the most common symptoms are sluggish performance, especially on the Internet, problems with your Internet connection, pop-up windows appearing on your screen, sometimes occurring even when you’re not using your web browser and other performance-related issues. If not dealt with, these problems can render your machine frustratingly slow or even unusable.

There are many types of malware, some harmless, some very harmful. Often, these systems have many severe infections by the time I see them and in such cases, the process of removing them can be complex and arduous. But if you install and regularly use the kinds of software mentioned in this article, your calls to a professional like me to resolve problems such as these should be rare, indeed.

My object, in writing this article, is to introduce you to some of the basic concepts related to malware and to help you understand what to do about it. I’ll also include links to some excellent, free tools and utilities with which to combat malware and, if you choose, to better educate yourself on the subject.

Before going on, I want to make clear that this is not intended to be a definitive article on this subject nor does it deal with or address all of the security needs of a computer system or network. It IS, however, intended to provide you with the tools and concepts necessary to setup effective, basic protection against the most common kinds of threats, for your system. There are other hazards to computer and Internet use and there are other products designed to deal with them. Please don’t treat this as the last word on the subject; it is meant, rather, to be the first word …

Viruses are the oldest kind of malware. Originally, viruses were devised by hackers to see if they could write programs that would penetrate remote computers and networks and then reproduce themselves in those systems. Many of them were relatively harmless or minor nuisances. It wasn’t long, however, before more virulent forms of virus were released that did things like covering the screen with random characters or even erasing your hard drive. You can find out more about viruses by reading this Wikipedia article or this CERT article on the subject.

New viruses are being written every day. Take my word for it; somewhere in Peoria, Illinois or St. Petersburg, Russia, or somewhere in the world, someone is writing a virus that will appear on the the Internet in the next day or so. As if this date (1/1/2009), Symantec’s virus definition feed reports the presence of over 2,820,860 virus threats for Windows and that number is growing daily.

Many reputable anti-virus products have been developed to seek out and eradicate viruses from your computer; several are excellent and free to individuals for personal use. The best, in my opinion, is AVG Free, which can be downloaded by clicking on the name.

Adware is another, more recent kind of malware. Adware can take the form of advertising-supported software that displays advertisements while you are using the software. Many online games and other products function in this way. Adware can also take the form of software which runs in the background, often without your even knowing it, that automatically plays, displays, or downloads advertisements to your computer. In addition, adware often collects information about you in order to display advertisements in your browser based on the information it collects from you.

You may, of course, accept such software and as long as you use it knowing that it’s there and approving of the functions it performs. There are some who really like a particular game that comes with adware; users sometimes choose to play a free, adware-sponsored version of a game or program rather than pay for an ad-ware free one. The choice is, of course, yours. But you should be aware of what is going on and should keep in mind that:

a) information on your Internet activities, and sometimes other computer activities, is being collected by the software and being sent to someone to be used by them and

b) this sort of software often opens channels and creates vulnerabilities that allow other kinds of adware and some other kinds of malware to access your system. This generally results in an accumulation of malware that slow down your computer

In my opinion, you should avoid all adware. If you choose to use software that incorporates adware or other sponsored content, you should do it very selectively, knowing who is collecting the information, what information is being collected and how it is being used. This information can often be found in the End User License Agreement (EULA), the Information Policy or Privacy Policy of the software’s vendor or publisher. There are several excellent programs that will ferret out and eradicate adware; a number of them are free. The best, in my opinion, is Ad Aware, which can be downloaded by clicking on the name.

Spyware is yet another hazard of having your computer connected to the Internet. Spyware is much like adware in that it often gathers information about you and your computer usage and relays it to the publisher, sponsor or other interested parties. Unlike adware, spyware generally does not display advertisements or other content. Like the other kinds of malware discussed here, new threats are being generated on a daily basis. The last time I looked (1/1/09), SpyBot performed searches for almost 300,000 known spyware threats. A number of very good anti-spyware programs are available and can be downloaded from sites like www.download.com. Here’s a link to their anti-spyware software list. My favorite is SpyBot Search & Destroy; click on the name to go to a download page.

Some General Notes – If you’ve read this far, you no doubt recognize that the kinds of malware we have discussed here have a number of similarities:

• they make their way onto your system or network without your knowledge,
• they perform actions deleterious to your system’s efficiency or functionality
• they often allow or create avenues for other malware
• new threats are being generated regularly or even constantly

These commonalities mean that your strategy for dealing with them will also share several common principles. For example:

• Since this software is stealthy, with new threats appearing every day, you must assume that your computer is at risk as long as it is connected to any network (including the Internet).
• Since new threats are constantly emerging, the people that develop anti-malware software are constantly updating their utilities to keep up with the new threats. Anti-malware programs will work well for you, but they can only remove threats they know about. Therefore, you must keep your anti-malware software up-to-date by updating the definitions files for these programs.
• You must see that these utilities are run regularly, since they cannot perform their functions if they are not run.

Protect yourself – Free – You can give your system effective protection at little or no cost, using the free offerings I’ve mentioned. For some years, now, I’ve considered the following to be an adequate basic malware protection regime:

AVG Free – This excellent, free program will, if properly setup, update itself daily and run itself daily. I’ve installed it on well over 200 of my clients’ systems over the last 6 years, or so, and I believe I’ve had only one report of a virus infection on a system running AVG and that was resolved in less than an hour with an update. The installation wizard will automatically choose prudent, effective settings for the program (though you can adjust them to suit your needs).
SpyBot Search & Destroy - SpyBot is another excellent, free offering. It can be setup to update itself and to run itself automatically, though its setup wizard does not help you do this during installation. To access the update and scan schedulers, open the program, pull down the ‘Mode’ menu and choose ‘Advanced Mode’. Click on the ‘Settings’ button, then on ‘Scheduler’. There’s a very good step-by-step tutorial here.
Ad Aware – Ad Aware is another, excellent, free program; it does a great job of removing adware from your system. The free version of Ad Aware has no automatic scheduler; you must update it and run it manually. This should not be considered a big deal, however, as it takes only 15-30 minutes to update and run the program.

If You Can Afford It – if you can afford the paid versions of these products, or if you are business or organization, I strongly urge you to purchase the paid versions of these products for a number of reasons. For one, the paid versions include advanced capabilities, automatic scheduling and other features that justify their cost. For another, it’s awesome that these companies or organizations make these products available to you and if anyone deserves your hard-earned dollars, they do. And in the case of businesses and organizations, you’re on your honor to do so. In the case of SpyBot, for example, no price is charged at all, though a donation is asked for. Pretty enlightened, if you ask me … vote with your dollars.

A Final Word – Again, bear in mind that these are some basic protective tools that will help you avoid some of the more common Internet-related hazards. It is my hope that this will result in more pleasant, trouble-free computer and Internet use. Best Wishes to You and Yours.