The Complete Guide To Antivirus Software
There’s no shortage of scary stuff popping up regularly in the media to capture our attention. Antibiotic-resistant bacteria, chatter about massive asteroid impacts as early as the year 2032, theories of the super-volcano under Yellowstone erupting, bee colonies collapsing, biodiversity loss, global warming, weapons of mass destruction, corruption and more all seem to be ticking time bombs.
There’s another concern that should be higher on the list, one that few people take the time to consider: our reliance on computers and the internet.
Our reliance on the internet has created cyberterrorism vulnerabilities on a global scale. While most cyber attacks have a much smaller impact and tend to be localized, or their risk minimized before they can spread, there are others that pose a larger threat.
A single well-constructed computer virus could wreak havoc on food and drug production, public transit, environmental controls in factories, safety controls in power plants, national security, and the economy. In the last years, cyber attacks on businesses, including those involving a computer virus, have doubled.
But it’s not just businesses at risk.
According to the Microsoft Security Intelligence Reports and Consumer Reports, 16 million households have experienced a serious virus problem in the past two years.
- 8 million households had spyware active in the last 6 months
- 1 million households lost money or had financial accounts compromised from malware and phishing attacks
- 32% of the world’s computers are infected with some type of malware
- The estimated financial impact to households by viruses is $4.55 billion
The virus with the most expensive impact was MyDoom. In 2004, the MyDoom virus rapidly infected computers across open networks, impacted roughly 25% of all emails, and resulted in damages totaling some $38 billion. Others that followed also led to significant costs and damages:
- Sobig – $37.1 billion
- ILOVEYOU – $15 billion
- Conficker – $9.1 billion
- Code Red – $2 billion
- Melissa – $1.2 billion
- SirCam – $1 billion
- SQL Slammer – $750 million
- Nimda – $635 million
- Sasser – $500 million
Viruses are coded in various forms and they don’t just infect computers by way of opening an infected email attachment. To understand how easily your computer can become infected, and how to combat the issue, it’s important to first know what kind of viruses exist.
Defining a Computer Virus – What Types Exist
A computer virus is a type of malware (malicious software) designed to be a nuisance (at a minimum) or to cause damage to some extent. There are other types of malware, but a computer virus differs from them because, aside from being coded to be destructive, it is also self-replicating. Like a real-life virus, this software is capable of copying itself across files, networks, and computers without consent.
Simply put: they’re incredibly contagious.
Not every piece of software that attacks a computer is a virus. Self-replicating viruses are just one type of malware. Others, capable of causing damage and even stealing information, are also common among PC users. This can include:
Trojans: This malware hides, pretending to be legitimate software (or comes embedded in normally safe software) and once active on a system it becomes a doorway for other software/malware to infect your computer.
Spyware: This includes any software designed to silently spy on a user while collecting data. The goal is typically to gather sensitive personal data like usernames and passwords, social security numbers, credit card information, and more.
Worms: Worms target entire networks, sometimes doing damage as they travel. Unlike a virus that replicates itself, worms instead move from PC to PC.
Adware: Adware is more of a nuisance than a form of malware that does significant damage to a system. This kind of infection forces ads and can hijack browsers to display specific content. In some cases, adware is coded to open up security vulnerabilities for other malware to infect the system.
Ransomware: This malware infects the machine and locks the system down through encryption, making it impossible to access files. Once locked down the user is faced with paying a ransom in order to receive the key that unlocks the encryption. Unfortunately, in many cases the hijackers don’t provide a working decryption key and instead disappear once the ransom is paid.
But then we get into some of the more commonly known viruses…
Resident Virus: These live in RAM (memory) and lead to corruption of the file system, interfering with the normal performance of your PC.
Multipartite: These viruses infect executables as well as the boot sector and perform silent, unauthorized actions in the background.
Direct Action: This type of virus attacks very specific types of files, or specific files, while aiming to replicate itself across. On the upside, they don’t typically destroy or damage the host file(s).
Overwrite: An overwrite virus takes over the content of a file and overwrites it, destroying the original data. The only way to get rid of this type of virus is to completely (permanently) delete the infected files.
Web Scripts: This type of virus is encountered online usually through hijacked links that drive the user to a specific page where malicious code downloads and often executes a virus.
Directory Viruses: This type will change the file path once infection takes place. As the virus takes hold you may have difficulty locating the files and folders for specific programs, and in some cases, programs may stop working altogether.
Polymorphic: This type of virus is coded with encryption that makes it change every time it infects a new system. Not only do these replicate like other viruses but their ability to morph can make it difficult for antivirus software to locate and quarantine.
How Do Computer Viruses Spread?
The initial infection, where the virus infects your computer, happens one of three ways:
- Through removable media inserted into a device (memory cards, USB sticks, floppy disk)
- From downloads on the internet (P2P file sharing, downloaded app extensions, clicking malicious ads/links)
- From opening infected email attachments
After that initial infection they can spread and infect other files as well as other systems sharing the same network.
What is Antivirus Software
Computer viruses may be devastatingly harmful to individual users and businesses, but there are ways to protect yourself. Countless companies have developed software to counter malware and protect PCs around the world.
Antivirus software is a piece of software designed specifically for the purpose of blocking viruses and other malware from infecting a computer and compromising data. Beyond detection and intrusion prevention, the best antivirus programs are able to safely quarantine and remove a virus.
How Does Antivirus Software Work
Computer viruses tend to be carefully written so they’re hidden and undetectable by the user. This allows them to execute their programming in the background while continuing to replicate. While it may be impossible for the average user to detect these invasive programs, your antivirus software knows the red flags to look for indicating a potential threat and it acts accordingly.
This is accomplished when a few different features work together.
Antivirus software typically uses two methods of scanning. The first, reactive scanning, occurs anytime you try to run a program or file that has never been run before. The scan checks for any match to known malware. If any red flags are spotted, then the program is halted, and the user is given a warning of a potential threat with options to quarantine and deal with the virus.
If the scan completes without any issue, then the program opens normally.
Reactive scanning takes place in the background, so you’ll never know it’s running unless there’s an issue with a file or program.
In addition to scanning new files being run, a good antivirus program typically includes active scanning of browsers and web-based activity (typically inbound activity). This allows your antivirus software to block malicious JavaScript or ActiveX scripts you might encounter online.
The other scanning method is an active and complete full system scan. These scans cover every file, shadow, and corner of your system looking for potential threats. Most antivirus software allows you to schedule full system scans at regular intervals along with the ability to manually trigger a full system scan with the click of a button.
New viruses are released on a daily basis, and the number is surprisingly high. According to one report from Symantec, programmers and data thieves often work faster than companies can defend themselves. Symantec found that more than 317 million new pieces of malware were released during 2014 alone.
That’s close to a million new threats per day.
How Does Your Antivirus Software Keep Up?
Thanks to always-on broadband connections, your AV software is able to update automatically. The software routinely connects to a massive database containing a list of all known malware. Behind the scenes, the developers of your AV software work diligently to log threats, making regular updates to their database. As new viruses are discovered and logged, your software is updated so it knows how to identify new threats.
But your software isn’t limited by the malware database. A good antivirus platform is also capable of heuristic analysis. This allows your software to compare the activity of your programs to a known list of malware behaviors. If a file you’re trying to run behaves like a piece of malware, your antivirus software can flag it for quarantine and notify you – even if it isn’t found in the malware database.
The only downside to this approach is that some programs which are completely safe do behave similarly to malware which can trigger a false positive.
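The two detection paths described above, and the false positive that heuristics can produce, shown as an added example that is not taken from any antivirus product. The behavior labels, weights, threshold and sample byte strings are all constructed for illustration; a real engine observes behavior itself rather than receiving labels.

```python
import hashlib

# Constructed behaviour weights and threshold; real products tune these differently.
WEIGHTS = {
    "modifies_other_executables": 4,
    "writes_boot_sector": 5,
    "encrypts_many_user_files": 4,
    "adds_autorun_entry": 2,
    "reads_many_user_files": 1,
}
THRESHOLD = 5


def digest(content: bytes) -> str:
    return hashlib.sha256(content).hexdigest()


class Scanner:
    def __init__(self, signatures=None):
        # Maps the SHA-256 of a known-bad file to its name (the "malware database").
        self.signatures = dict(signatures or {})

    def update(self, new_signatures):
        """Database update: merge newly logged threats."""
        self.signatures.update(new_signatures)

    def scan(self, content: bytes, behaviours=()):
        """Return (action, reason) for a file that is about to run."""
        name = self.signatures.get(digest(content))
        if name:
            return ("quarantine", "signature:" + name)
        score = sum(WEIGHTS.get(b, 0) for b in behaviours)
        if score >= THRESHOLD:
            return ("quarantine", "heuristic:%d" % score)
        return ("allow", "score:%d" % score)


# Constructed sample inputs: harmless byte strings standing in for files.
KNOWN = b"constructed-sample-A"
VARIANT = b"constructed-sample-A\x01"  # one byte differs, so the hash differs
BACKUP_TOOL = b"constructed-backup-tool"


def demo():
    av = Scanner({digest(KNOWN): "Sample.A"})
    results = {
        "known": av.scan(KNOWN),
        "variant": av.scan(VARIANT, ["modifies_other_executables", "adds_autorun_entry"]),
        "backup_tool": av.scan(BACKUP_TOOL, ["encrypts_many_user_files", "reads_many_user_files"]),
        "editor": av.scan(b"constructed-editor", ["reads_many_user_files"]),
    }
    av.update({digest(VARIANT): "Sample.A.variant"})
    results["variant_after_update"] = av.scan(VARIANT)
    return results
```

The variant slips past the signature check but is caught by its behavior score, the backup tool is a safe program quarantined by the same score (a false positive), and after the database update the variant is matched by signature alone.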
Malware and Virus Removal
The ability to effectively remove malware is an indicator of quality AV software. Unfortunately, many developers in the industry see detection and removal as separate things. This means that anti-malware and antivirus software is sometimes sold in separate bundles – one for detection/prevention and another for removal.
That separation is most commonly seen in free antivirus tools, where the scan and detection is given for free but an upgrade to a paid professional version is necessary to unlock virus removal.
Types of Antivirus Software
This is where it’s important to understand that not all antivirus software is created equal. For example, virtually every new computer comes with a free trial or a basic subscription to a major antivirus program like Norton or Kaspersky.
Some cable providers, like Comcast, even provide free and discounted subscriptions to well-known antivirus programs.
Before putting your complete trust into a piece of software make sure you understand the features and functionality to ensure it provides the right kind of protection.
Free Anti-Malware Protection
There’s no shortage of free programs available to help protect your PC and your information. These free anti-malware tools are available online and typically have a solid reputation for protecting and identifying threats. The most popular brands, like Windows Defender, Avast, AVG, and Bitdefender, are frequently updated and highly effective at identifying threats and preventing infection from even the most recently released malware.
The downside is the free version of these tools may have feature limitations, such as the aforementioned requirement to subscribe or purchase a full version in order to remove threats.
Other free platforms may offer a comprehensive suite, with all features unlocked including removal, but only during a trial period. Once the trial expires, you’ll have to upgrade to a paid subscription or purchase the full suite in order to maintain protection.
Comprehensive Paid Antivirus Protection
The paid antivirus platforms tend to be the most beneficial for individual users and it’s what you should consider if you want the best protection. Not only will these software suites include all the necessary malware detection and removal, they often include active web monitoring, malicious URL monitoring, antispam filters, file shredders, data backups, vulnerability scans, phishing protection and more.
Standalone Email Protection
Software integrations and plugins are available that provide supplemental protection. These can be ideal if your spam filters aren’t adequately capturing and filtering out spam, including unwanted emails with potentially harmful links and attachments. Quality email protection not only scans all incoming email for threats but also ensures that no viruses have attached themselves to outbound emails.
Email filtering and protection is commonly bundled with the comprehensive premium antivirus packages, but there are some standalone email protection tools available for free.
Browser Protection Tools
You don’t have to go to a malicious website in order to be targeted by phishing scams online. Sometimes a perfectly legit site could be the target of code injection that puts your security at risk. That’s why it’s a good idea to use security extensions that offer additional protection online. Like email protection, this is a feature commonly bundled with antivirus software suites but countless toolbars are available for free that can grant extra protection – a good investment if you’re working with an older browser containing known security vulnerabilities.
Mobile is an entirely different technology from desktop computers and your mobile devices need their own form of protection, especially if you frequently use your phone and/or tablet for handling personal matters and tending to finances.
- Scanning apps and games in real-time
- The ability to lock down and encrypt apps containing sensitive information/data
- Encrypting photos
- Scanning connected networks for potential threats and more
How to Choose The Right Antivirus Software
All the variable features available with different antivirus software can make it difficult to ensure that you have the right level of protection for your device. There’s no shortage of free antivirus software and for most people a free AV option is probably just fine.
At least, if you’re fairly safe when you’re surfing the web. That means you’re not constantly surfing and downloading from unknown or untrusted sites, not sharing files, and not randomly clicking on links in every email you receive.
If you’re vigilant with your online activity a free tool to help monitor activity and regularly scan for threats might be enough.
Those with more varied activity including file sharing, streaming, gaming, and doing business on the web should likely invest in a more comprehensive solution. Here’s what to look for when choosing antivirus software:
Get software suites – look for bundles that include all the features you need. A comprehensive antivirus suite will include key features like:
- File shredding
- Online protection
- Email protection
- Active/reactive scanning
- Automatic updates
- Multiuser/multidevice support
- Reputation based protection
- Behavior based protection
- Virus removal
- Parental controls
- Backup and restore options
Check the resource use – The more your software does, the more resources it will need to use in order to function even if it’s running in the background. This might cause a problem for older machines with limited memory. Don’t get antivirus software with more features than you need unless you’re certain your computer can handle the load. Check for information on resource usage when comparing antivirus programs.
Know the types of software – Remember that anti-malware is not antivirus software. Anti-malware can help with dealing with the problem after an infection, but anti-malware software doesn’t really prevent infections from a virus.
Get a free trial – If antivirus software comes with a free trial, then take advantage of that. This is the best way to test the system load and bundled features to see if it provides everything you need without bogging down your computer.
Don’t stress over the firewall – Don’t let the inclusion or lack of a firewall feature be a deciding factor, especially if you have a newer computer. The built-in firewall bundled with Windows is just as good as anything you’ll find bundled with your antivirus software.
Check detection rates – You want software that actually works as intended, so choose software that has been tested and has a higher detection rate. Independent labs like AV-TEST and AV-Comparatives provide monthly testing to help consumers understand the quality and performance of various antivirus software.
Commercial and peer reviews – It’s always a good idea to check software reviews. While they shouldn’t be the sole deciding factor, reviews posted by peers as well as established, trusted organizations (like BestOnlineReviews) can help you find the pros and cons of different software suites while weighing the features of top programs in side-by-side comparisons.
Software Isn’t Enough – How to Keep Your System Safe
Even with highly-rated antivirus software you still need to take careful steps and be smart about how you use your computer on the web. You’ll dramatically reduce the odds of getting a computer virus by following some general safety tips:
- Don’t click on a link unless you’re absolutely certain what’s on the other side
- Don’t open email attachments unless you know with 100% accuracy what the attachment contains
- Never trust any indicator telling you that your PC is infected, especially from a web notification. Only trust notifications from your antivirus software
- Never enable macros in Microsoft Office, especially if a warning, email, or attachment tries to direct you to do so
- Only download files from trusted sources
- If you’re not sure what a file is, don’t run it
- Never plug in removable media like a USB drive unless you own it and know what it contains
- Only install trusted, peer-reviewed browser extensions
With our reliance on the internet and always-on connectivity, the danger of a computer virus is very real. There’s simply too much risk to operate a PC without any kind of antivirus software. The best way to protect yourself is to find the best antivirus software suites, compare features, and test them to find what works best for your computer and other devices. Once installed, take a careful and steadfast approach in protecting your hardware and data from infection. Security software alone won’t keep you safe – the second-best protection from a computer virus is sound judgment and strong internet savvy.