Specialized Anti-Virus Software
I don’t need to proselytize over the importance of using anti-virus software or the need to update it on a regular basis. While your anti-virus software works tirelessly in the background, you surf the Net knowing you’re 100 percent protected. Or are you?
There are those in the security community who believe in the defense-in-depth approach to malware resistance. Multiple layers of defense build upon one another to lock out viruses, spyware and hackers. While most anti-virus software is fine for the majority of malware threats you will encounter, there are times when something a bit more specialized is warranted.
Here are several tools to help you get started:
- Stinger (vil.nai.com/vil/stinger/) is meant for a system that is already infected: it detects and removes specific viruses. It is built on McAfee scan engine technology, including process scanning, and uses digitally signed DAT files and scan-performance optimizations. Stinger can recognize and remove 40 viruses, Trojans and variants. Users simply click a button to select the drives and folders they want to scan. Users can also select the action to be performed after a virus is detected: delete, prompt, quarantine or rename.
Figure 1: McAfee Stinger
- avast! Virus Cleaner (www.avast.com) is available free of charge from ALWIL Software. It is a specialized anti-virus tool that not only helps users remove selected viruses and worms from their systems, but also makes repairs to the system registry, startup folder and more if necessary. It also deactivates viruses present in the system’s memory. Avast! Virus Cleaner can detect the following: MyDoom and Beagle/Bagle, Badtrans, Bugbear (including B variant), Nimda, Opas (or Opasoft, Opaserv), Sircam, Sobig (including B, C and D variants) and Yaha (or Lentin).
- Panda Quick Remover (www.pandasoftware.com/download/utilities/), from anti-virus giant Panda Software, lives up to its name by automatically repairing and restoring your system and registry configuration after detecting any of the following common viruses and worms: Badtrans, Vote, Sircam, Anna Kournikova, Help, Kak Worm, Navidad, Shell Scrap, Klez, Nimda, Funlove, Cool Notepad, I Love You, Matrix, Pretty Park and Verona.
Figure 2: Panda Quick Remover
- A-squared (a2) (www.emsisoft.com/en/software/free/) by Emsi Software GmbH is a complement to the anti-virus software and desktop firewalls of computers running Microsoft Windows. Unlike specialized anti-virus products that detect only classic viruses, or that guard only incompletely against other malware such as Trojans, dialers, worms and spyware, a2 covers these effectively.
It’s important to remember that anti-virus software should be installed and updated when the computer is initially configured. After that, it should be updated regularly with new virus definitions. If your vendor provides an automated update feature, be sure to configure it to update on a weekly basis at a minimum. If your vendor provides e-mail alerts whenever a new virus is discovered in the wild, be sure you’re signed up. While Macintosh and Linux viruses have been few and far between, you should nevertheless install and update anti-virus software on these machines so that they do not spread Windows viruses to Windows users.
Douglas Schweitzer, A+, Network+, i-Net+, CIW, is an Internet security specialist and the author of “Securing the Network From Malicious Code” and “Incident Response: Computer Forensics Toolkit.” He can be reached at firstname.lastname@example.org.