
CHAPTER 3.0:
Security Troubleshooting And Solutions
3.2 Prepare Protection Against Malicious Software

3.2.1 Identify Malicious Software Protection Program


3.2.2 Identify Signature Files Updates
COURSE LEARNING OUTCOME:

CLO 1: Explain common threats and attacks using various tools and
techniques for secured environment in organization.
( C3, PLO 2 )

CLO 2: Perform personal skills with proposed documentation in
troubleshooting and solving on security issues.
( A2, PLO 7 )
3.2.1 Identify Malicious Software Protection Program
Definition - Malicious software
• When our hardware begins to perform unusually, our default reaction is to
think that it's a virus. Though a virus is always a possibility, it might be a
specific type of infection known as malware.
• Malicious software, or malware, refers to any software designed to cause damage
or harm to a single computer, server, or computer network, or to gain
access to sensitive information.
• Software is identified as malware based on its intended use, rather than a
particular technique or technology used to build it.
• Malware can take the form of worms, viruses, Trojans, spyware, adware,
rootkits, etc., which steal protected data, delete documents or
add software not approved by a user.
Potential attack techniques used by malware

• Spyware - malware used to secretly gather data on an unsuspecting user. It spies on the
data being sent and received, with the purpose of sending that information to a third party. For example,
a keylogger is a specific kind of spyware that records all the keystrokes a user makes, which makes it
well suited to stealing passwords.
• Rootkit - a program or, more often, a collection of software tools that gives a threat actor remote access to
and control over a computer or other system. It is a kit of tools that (generally illicitly) gains root
access (administrator-level control, in Unix terms) over the target system, and uses that power to hide its
presence.
• Adware - malware that forces your browser to redirect to web advertisements, which often themselves
seek to download further, even more malicious software.
• Ransomware - malware that encrypts your hard drive's files and demands a payment, usually in Bitcoin, in
exchange for the decryption key. Without the decryption key, it's mathematically impossible for victims to
regain access to their files.
Malicious Software Protection Program
• One of the preventive measures against popular malware is to use only trusted antivirus
and anti-malware software.
• Do some research and read reviews, because not all antivirus programs are equal. A program
might be good at catching some malware, but not more sophisticated attacks.
• A good malware protection program should be able to detect any malware hiding
in your computer and notify you with an alert.
• Antivirus software like Norton, Kaspersky, Comodo, AVG, Avast, and Webroot may cost
just a bit more than self-described “free antivirus” applications, yet all have a longstanding
tradition of being effective and recognizing security threats.
• Investing in high-quality antivirus software is a small price to pay compared to the harmful
hijacking or cryptojacking that could occur on your personal devices.
Malicious Software Protection Program – latest 2021
Features of Best Malware Removal Software of 2021
These are the features taken into consideration when rating the best malware removal software:
• Malware removal and protection - measured by how well the program was able to recover a computer
system after a malware infection, and how quickly and effectively each threat was removed with
low CPU load.
• Additional features - all of the tools worked exactly as advertised, such as threat prevention tools like
Wi-Fi scanning, a virtual private network (VPN), a password manager, and dark web monitoring.
• Ease of use - the products are intuitive and user-friendly for all types of users, so that malware removal
is not a complicated process.
• Customer support - the products come with high-quality support, judged by how much information and help
they provided, and how quickly, when users faced a problem with the malware removal tool.
• Value - the quality of protection offered by each program matches the price. Malware removal
software that provides a good amount of cybersecurity features for the price, as well as helpful add-ons
like free trials, money-back guarantees, or first-time discounts, is much recommended.

Sources : https://www.safetydetectives.com/blog/best-malware-removal-software
Norton 360
• It uses advanced machine learning, heuristic scanning, and a massive malware
database to detect and remove even the most sophisticated malware.
• During the test, Norton’s real-time protection detected and blocked 100% of the
test malware downloaded to the PC.
• When Norton’s real-time protection was turned off and those same files were
downloaded onto the hard drive, Norton’s full system scan detected and fully
removed every single malicious file. The scan took around 40 minutes to complete,
and it didn’t slow down the computer at all.
Bitdefender
• It has a fast, cloud-based malware scanner which keeps devices 100% protected
without affecting CPU performance.
• Bitdefender caught and removed all of the malicious files downloaded, and because
Bitdefender offloads scanning to the cloud, it’s able to perform virus scans faster
than most competitors, and with very little CPU load.
• In addition to standard features like a firewall and web protection, Bitdefender
also has advanced tools like ransomware protection and remediation, USB scanning,
a secure browser for online finances
• The user was able to stream HD video, play high-performance games on the PC, and
run Adobe Photoshop with zero interruption while Bitdefender was performing a full
disk scan.
McAfee
• McAfee Total Protection’s anti-malware engine utilizes artificial intelligence
and machine learning. It detected and removed every single piece of malware during
the testing.
• A minor drawback: the system lagged a bit after McAfee was downloaded, and
McAfee’s full system scan significantly slowed down the computer’s speed, but it
has a wide range of well-designed features that make up for this slowdown.
• However, it has excellent mobile protections: real-time scanning, web protection,
parental controls, and anti-theft for Android and iOS in a single easy-to-use app.
TotalAV
• TotalAV is simple, easy to use, and provides some of the most comprehensive
malware removal and protection around.
• The top-tier plans offer a cloud-based scanning option. The cloud scanner detected
and removed 99% of the malware on the system, and it barely slowed the computer
down during scans.
• Extra features offered by TotalAV: web attack prevention, performance optimization
tools, VPN, password manager, identity theft protection (additional purchase).
Avira
• Avira has a strong, fast, lightweight, and free malware scanner, offered with no
restrictions in Avira’s free package.
• Avira’s scanner is just as good as Norton’s or McAfee’s, completely removing all
malware; it detected every single piece of malware before the user could install it
on the computer. Avira’s free plan even has ransomware protection.
• Avira’s Safe Shopping browser extension is one of its online privacy tools; it
blocks trackers, invasive advertisements, and phishing sites which can steal your
data.
Malwarebytes
• Malwarebytes provides premium anti-malware scanning and removal, with new features
of anti-phishing protection and a VPN.

Intego
• Intego’s macOS malware removal software provides significant improvements over
macOS’s built-in anti-malware protections.
• Intego’s firewall automatically adjusts protections based on your network activity,
and the file backup tool provides great options for custom folders, syncing across
multiple drives, and scheduling automatic backups.
5 Best Malware Removal + Protection Software [2021]: Top Anti-Malware Tools

• 1. Norton — Best malware removal and overall protection in 2021.


• 2. Bitdefender — Full anti-malware software (very fast scans).
• 3. McAfee — Excellent scanner for total malware + virus removal.  
• 4. TotalAV — Fast and easy-to-use anti-malware program with good PC optimization.
• 5. Avira — Best free malware removal software (with free security protections).

Source :
https://www.safetydetectives.com/blog/best-malware-removal-software/
3.2.2 Identify Signature Files Updates
SIGNATURES FILE UPDATES
• Signature files, or definitions, are an important part of how antivirus and antimalware
software works.
• These files contain information about different viruses and malware, which the
software uses to detect, clean, and remove threats.
• Antivirus software performs frequent virus signature, or definition, updates. These updates
are necessary for the software to detect and remove new viruses.
• New viruses are being created and released almost daily, which is why antivirus software
needs frequent updates.
• If you haven’t updated these files, then your antivirus software isn’t nearly as effective.
• For example, in Windows Defender, these files are automatically updated as part of the Windows
Update process. By clicking on the Update tab, you can see the last time antivirus and antispyware
definitions were downloaded by your system.
• Also known as a virus definition file, a virus signature file is a file used in cybersecurity solutions,
including antivirus software, that contains the digital identities of known viruses. Viruses
themselves are programs; they are just malicious programs with the ability to self-replicate and
spread.
Example: Signature File Updates
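The following is an added example, not part of the original slides and not any vendor's definition format: a minimal signature-based scanner in Python that shows why the updates described above matter. The `SignatureFile` layout, the threat names and the sample bytes are all constructed for illustration.

```python
import hashlib
from dataclasses import dataclass, field

@dataclass
class SignatureFile:
    """One release of a definition file (constructed layout, not a vendor's)."""
    version: int
    sha256: dict = field(default_factory=dict)    # file hash -> threat name
    patterns: dict = field(default_factory=dict)  # byte sequence -> threat name

def apply_update(current, update):
    """Merge a newer definition file into the installed one; ignore stale ones."""
    if update.version <= current.version:
        return current
    return SignatureFile(update.version,
                         {**current.sha256, **update.sha256},
                         {**current.patterns, **update.patterns})

def scan(data, sigs):
    """Return the threat name matched in data, or None if nothing is known."""
    digest = hashlib.sha256(data).hexdigest()
    if digest in sigs.sha256:             # exact match on a known sample
        return sigs.sha256[digest]
    for pattern, name in sigs.patterns.items():
        if pattern in data:               # known byte sequence anywhere in the file
            return name
    return None

# Constructed, harmless stand-ins for files on disk.
OLD_SAMPLE = b"MZ...HARMLESS-DEMO-MARKER-A...payload"
NEW_SAMPLE = b"MZ...HARMLESS-DEMO-MARKER-B...payload"
NEW_VARIANT = NEW_SAMPLE + b"padding"     # same family, different hash
CLEAN_FILE = b"quarterly report, nothing to see"

# Version 1 predates the new family; version 2 adds its hash and a byte pattern.
V1 = SignatureFile(1, {hashlib.sha256(OLD_SAMPLE).hexdigest(): "Demo.Family.A"})
V2_UPDATE = SignatureFile(2,
    {hashlib.sha256(NEW_SAMPLE).hexdigest(): "Demo.Family.B"},
    {b"HARMLESS-DEMO-MARKER-B": "Demo.Family.B"})

def demo():
    """Scan every sample with stale and with updated definitions."""
    stale, fresh = V1, apply_update(V1, V2_UPDATE)
    files = {"old": OLD_SAMPLE, "new": NEW_SAMPLE,
             "variant": NEW_VARIANT, "clean": CLEAN_FILE}
    return {n: (scan(d, stale), scan(d, fresh)) for n, d in files.items()}

if __name__ == "__main__":
    for name, (before, after) in demo().items():
        print(f"{name:8} stale defs: {before!s:15} updated defs: {after}")
```

With only version 1 installed, the new sample and its variant pass as clean; after the update both are detected, the variant through its byte pattern rather than its hash.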
