Malware Defense Tools

The anti-malware page has specific recommendations for each category of defense software. On another page, on another site, I listed the defense software that I use for my own computers.

The short list of malicious computer code includes adware, spyware, Trojans, hijackers, dialers, network worms and keyloggers, in addition to viruses and email worms. Antivirus programs only do a good job with viruses and email worms. Only firewalls block most network worms. And what about spyware, Trojans and all the rest?

Specialty software has emerged to take on those other strains of malware. The purpose of anti-spyware and anti-Trojan software is obvious. Broad-spectrum programs like Spybot Search and Destroy and PestPatrol take on everything except viruses and some worms.

Defense arsenal (in order of importance)

Firewalls:
Scope: They all block most hacker tools and network worms. A few block some malware. Most block outgoing data from spyware that is already resident. (However, the average user doesn't know what to block, so they let it through.)
Antispyware:
Original scope: Remove adware and spyware (not viruses though). Current scope varies, but tends to be broad -- spyware, Trojans, network and email worms, etc., but not viruses. Some anti-spyware programs are able to block spyware too.
Antivirus:
Scope: Blocks viruses and email worms. There is a trend to extend antivirus programs to spyware, Trojans, worms, etc. In general, they don't do a comprehensive job with those other categories though.
Anti-Trojan:
Scope: Their focus is on Trojans, but protection tends to be broad -- spyware, Trojans, network and email worms, etc., but not viruses. Some intrusion prevention is usually included.
Intrusion Prevention Software:
Scope: These programs block most kinds of viruses, worms and other malware by looking for the typical behavior of these attacks. They are not a replacement for firewalls, antivirus, anti-Trojan and other defensive software though. They do not remove infections that were already present.

Conclusion: There's overlap, but none of these tools are equally effective in all areas. You need a firewall, antivirus and antispyware for basic to strong defense. Add anti-Trojan and intrusion prevention for robust defense.

"Step 4" recommends specific programs to install. The "recommended software" page has descriptions of those and other programs that I think are among the best.

All kinds of snake oil salesmen and scam artists have emerged to take advantage of the malware flood. The list of bogus anti-spyware programs is a long one. Stay away from unknown protective programs, no matter how attractive they appear.

Using anti-malware software

Anti-malware programs rely on "signatures" -- much like antivirus programs -- and "heuristics" to detect pests and vermin. Heuristics means looking for behaviors that give away the presence of malware. The behavior could be in code that is actually running, or code patterns in files. The signatures must be kept up to date or the anti-malware will soon be obsolete.

Anti-malware programs work in one or both of two modes. When something is detected, the program can remove it automatically or give you a choice of what to do.

  1. "Scan" mode, where the program goes through your computer "with a fine tooth comb" looking for malware.
  2. Real time monitoring, used to detect if anything bad is running, or coming in from the Internet.
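
As an added illustration (not part of the original page, and not how any particular product works), the Python sketch below runs a toy "scan" over constructed, harmless byte strings. A hash signature catches only the exact known file, while heuristic scoring of code patterns catches a changed variant and also raises a false alarm on a legitimate tool. The sample contents, pattern weights and threshold are assumptions.

```python
import hashlib

# Constructed, harmless byte strings standing in for file contents.
KNOWN_BAD = b"demo-pest v1: SetWindowsHookEx; CurrentVersion\\Run; drivers\\etc\\hosts"
VARIANT = KNOWN_BAD.replace(b"v1", b"v2")  # same code patterns, one byte changed
BENIGN = b"backup tool: adds itself to CurrentVersion\\Run at install"
HOTKEY_TOOL = b"hotkey utility: SetWindowsHookEx; CurrentVersion\\Run"

# Heuristic indicators: code patterns that hint at behavior.
# The weights and the threshold are assumptions chosen for this example.
INDICATORS = {
    b"SetWindowsHookEx": 2,      # keyboard hook, typical of keyloggers
    b"CurrentVersion\\Run": 1,   # starts automatically at logon
    b"drivers\\etc\\hosts": 2,   # hosts-file tampering, typical of hijackers
}
THRESHOLD = 3  # a score at or above this is reported as suspicious


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def scan(data: bytes, signatures: set) -> str:
    """Return 'signature', 'heuristic' or 'clean' for one file's contents."""
    if sha256(data) in signatures:
        return "signature"       # exact match against a known-bad file
    score = sum(w for pattern, w in INDICATORS.items() if pattern in data)
    return "heuristic" if score >= THRESHOLD else "clean"


def demo() -> dict:
    old_db = {sha256(KNOWN_BAD)}          # signature set as first installed
    new_db = old_db | {sha256(VARIANT)}   # after a signature update
    return {
        "known, old db": scan(KNOWN_BAD, old_db),
        "variant, old db": scan(VARIANT, old_db),   # missed by the signature
        "variant, new db": scan(VARIANT, new_db),
        "benign, new db": scan(BENIGN, new_db),
        "hotkey tool, new db": scan(HOTKEY_TOOL, new_db),  # false alarm
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:20} -> {verdict}")
```

With the old signature set, only the heuristic flags the variant; that is the gap a signature update closes, and the hotkey tool result is why a program that asks before removing is useful.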

To remove or not to remove...

You may find it quite confusing to use anti-malware programs at first. They are somewhat arcane and complex. They also trigger false alarms. You need to know how connections and data transfers work on the Internet to fully understand them. Don't let those factors stop you though.

False alarms: You don't want to remove things blindly, only to find that something that you use is gone. Don't panic: take it one step at a time. Be sure you've backed up at least your documents and data. Good anti-malware programs back up what they remove, but it's not something to rely on. Use the program's Help file. Get advice at the "Malware/Spyware Removal" page. Get someone to help if you need to.

More on the Web

Links to more malware defense related information on the Web.