CreditsLast Updated 2014-03
This Deepening looks at how participants can be active users of antivirus software for their devices, and how to make informed decisions around which to use and why. If you are not holding a multi-day training, prepare take-home instructions for what participants should do if their antivirus software identifies malware.
Leave a note anywhere on this page - look for the Hypothes.is toolbar in the upper right-hand corner.
Because of the time required for a full scan, trainers should consider assigning an evening “homework” task for participants, to carry out a virus scan of their computers after making sure they have updated antivirus installed in the classroom. Instruct them to quarantine any malware they find. Set aside time for a boot scan the following day for any devices with malware. If any participants have advanced malware issues, set aside time outside of the training to help them address it.
Do a survey of participants who have licensed, registered operating systems and updated antivirus software (this can include FOSS software):
- Those that do are welcome to use their antivirus software but may choose to use ClamWin or ClamXav.
- Those that do not should run ClamWin or ClamXav for the purposes of this exercise, depending on their operating system and requirements.
- Participants are not obligated to use ClamWin or ClamVax in the future ahead of the workshop, however emphasize that they should choose one antivirus program so they don’t conflict during active monitoring mode.
Distribute copies of ClamWin Portable (for Windows users) and ClamXav (for Mac Users), with updated virus definitions already downloaded.
The portable apps version of ClamWin (for Windows) does not have active monitoring mode, but it is also available as ClamWin Sentinel; ClamXav, which is a full app for OSX, has “sentinel” mode available, which is an active monitoring mode feature.
Instruct participants to open the program and explore its options. By clicking on Tools and Preferences, they should instruct the program to quarantine infected files so potentially important information isn’t lost during the first scan. If you have time, have them select a small folder on their computers for a practice scan during the training.
Security experts generally advise that users reinstall their operating system and applications after they confirm they have been infected, because it is increasingly hard for anti-virus applications to protect themselves once the operating system has been compromised. Although most users are unwilling to do this due to the time and hassle involved, put this forward as the best way to ensure their devices are safe after finding malware.
If at all possible, work with the host organization and the participants to identify a trusted individual with the skills assist them, if necessary.