An essential requirement for any computer that has
access to the Internet today is the use of anti-malware software.
Attackers are constantly creating new methods and techniques to infect
your system with malicious software (malware).
Years ago, malware was
less focused. It would sometimes wait until a specific day and pop up a
relatively harmless message like "Legalize Marijuana." Other malware
would delete data or corrupt the hard drive. However, malware is much
more focused today. Attackers want money and data.
Most malware today has the
specific goal of gaining information about you or your organization. The
information about you may be used to steal your identity, impersonate
you, or hack into your online bank accounts. The number of people who
have lost money from Internet-based attacks continues to grow. Other
times, corporate or governmental espionage is used to gain secrets.
Malware is commonly used to exploit weaknesses and unpatched
vulnerabilities in systems.
Anti-spyware
Anti-spyware software
is intended to protect against spyware. Spyware is software that can
install itself or run on your computer without your knowledge or
consent. It often is used to monitor your online activities, collect
personally identifiable information, and report this back to the
attacker.
Antivirus
Antivirus software
is intended to protect against viruses, worms, Trojan horses, rootkits,
and other malware. Many current antivirus software products also
protect against spyware.
Malware is identified
through definitions. Each piece of malware has a specific signature
similar to a fingerprint that can be used to identify it using
anti-malware software. Just as it's important to keep systems up to
date, it's also important to keep anti-malware definitions up to date.
1. Windows Defender
Windows Defender
is built into Windows 7 and is designed to protect against spyware.
It's configured to run automatically in the background and protect the
system against spyware. You can launch Windows Defender by clicking Start, typing Defender in the Start Search box, and pressing Enter.
Windows Defender provides two types of protection:
Real-time protection
Windows Defender alerts
you when spyware attempts to install itself or run on your computer
without your consent. It also alerts you when programs attempt to change
important settings.
Scanning protection
You can launch
Windows Defender at any time to perform an on-demand scan to check your
system for spyware. It is also configured to scan your system
automatically on a regular basis.
When scanning the computer
you can do a quick scan, a custom scan, or a full scan. A quick scan
scans the most likely places on your hard disk where spyware is likely
to be found. A custom scan allows you to pick which drives and folders
you want to scan. A full scan checks all files on the hard drive and all
currently running programs. Not only does a full scan take longer, but
it can also affect the performance of the system as it is running.
Figure 1
shows the options for Windows Defender. You can access this page by
clicking Tools on the toolbar and selecting Options in the Tools And
Settings page. Notice that Automatically Scan My Computer (Recommended)
is checked. This enables Windows Defender.
Check For Updated Definitions Before Scanning is also checked by default. This ensures that Windows Defender is kept up to date.
2. Third-Party Anti-malware Software
Most companies purchase
third-party antivirus or anti-malware software. Two of the major
companies that sell third-party antivirus software are McAfee and
Symantec.
Both of these companies
sell corporate editions of the software that can be centrally managed
from a server. This server can deploy the software to the clients,
verify that scans are being run regularly, and keep the software up to
date with current definitions.
Windows 7 verifies
that antivirus software is installed, running, and up to date. If
antivirus software that meets all of these conditions isn't detected,
the Action Center will report it as a discrepancy.
