Anti-Virus Protection
Current Alerts - Strategies & Information - Hoaxes - Anti-Virus Software
Evaluating Antivirus Solutions
You must have a current antivirus software running on your computer. You cannot have complete security without protecting yourself from computer viruses. The latest releases are very destructive and it is often difficult to repair the damage they cause.
Ensure your protection is always current. Some vendors offer free versions of their programs for personal use—you have no excuse for not running antivirus software.
Current Alerts
Current Alert Listings
You can find current alert listings on the AVG, McAfee and Norton websites. You can also subscribe to the McAfee Dispatch which broadcasts such warnings.
You can view the screen shots of several virus infections if you think you might have triggered a virus on your computer.
JPEG Vulnerability
There is a Windows vulnerability for JPEG images (GDI+) that can be exploited to infect your system like any other virus. This infection requires only that the person view the image. Even the simple process of loading a Website with an infected JPEG is enough for you to be infected if you haven't correctly patched this vulnerability.
There is more information on the Microsoft Website about the affected Microsoft products and how to patch them. The most effective method to protect yourself is to run Windows Update and install all the High Priority (Critical) updates and to run Office Update if you have Office 2000 or later installed.
Strategies and Information
Viruses are a game of cat and mouse between the vendors that produce the anti-virus software and those programmers that play on the dark side by creating annoying (and often destructive) bugs on your computer.
More recently, these attacks have become multifaceted (blended threats). You require more than one form of security software, and even that may not protect you in the case of at least one form of worm: the Storm Worm. AVG's exploit (malware) threat videos show how a blended threat can expose you even on websites you'd think were safe.
Preventing the Spread of Viruses
There are several things you can do to prevent the spread of viruses to your computer and disks:
Update Your Windows Software
Windows is more vulnerable to viruses both because it is poorly built to deal with security and because it is so common that it becomes a target. Why bother writing a virus for a rarely-used operating system where the knowledge level of the average user is more sophisticated?
- Ensure that Windows Updates (Microsoft Update) is set to automatic.
- It is a good idea to check manually for updates from time-to-time as this will allow you to view additional non-critical updates and ensure that automatic updates are being installed correctly.
- Always install service packs. I've had issues with installing Vista Service Pack 1 on Vista Basic on systems with low resources—another reason to avoid Vista Basic.
Purchase and Use Current Anti-Virus Software
- Regularly download and install the updates (at least once a week on when using dial-up Internet access or automatically when using an "always on" connection such as cable or ADSL).
- Even with automatic updates, it is a good idea to check manually for updates. While automatic updating programs keep up with the new virus definitions, they usually will not download and install program updates automatically (unattended) since the installation requires restarting Windows.
- Upgrade when your vendor no longer offers updates.
- I strongly recommend that you consider a complete new version rather than a subscription renewal for older software. This will give you get better protection since the renewal doesn't update the base engine of the antivirus program.
Avoid Contamination
- Always check re-writable media (USB drives, CDRW, floppy disks etc.) that have been used on someone else's machine. Write-protect floppies whenever possible.
- AutoRun is a convenient method of automatically launching programs when a CD or USB drive, etc. is installed. However, this can be used by malicious programs to infect your computer. You may wish to considerdisabling AutoRun (Microsoft documentation) to avoid Memory stick worms.
- Download files into a standard directory then run your anti-virus program before you use them.
- Do not use pirated software. Use only legitimate software coming from trusted sources.
- Do not respond to pop-up warnings about infections on websites you visit. Most are scams that will likely infect your computer and leave with a false sense of security. Chose from brand-name vendors.
- Do not allow unauthorized access to your computer. This includes well-meaning friends or relatives who may be more knowledgeable than you about computers, but are often adding software that increases your vulnerability.
- Use strong passwords that include a variety of characters (mixed-case letters and number and character, where permitted) rather than recognizable words. Passwords should be varied and changed regularly.
- Use a software firewall like ZoneAlarm which, when configured properly, will stop Internet access to virus and other malicious programs provided you don't automatically give permission for every program requesting such access. A hardware firewall will not stop outbound activity.
- Have clearly defined rules about computer usage for your children. Limited-access accounts are recommended.
Rein in Your Curiosity
Social engineering can be used to increase our vulnerability to spreading viruses. The human element of curiosity is a significant risk factor—one that no antivirus program is going to protect you from.
- Hoaxes are just one form of deceptions that takes advantage of this trait.
- The ILoveYou virus exploited the human desire to be loved to get people to open an infected message.
- People usually trust a "free" CD that comes in the mail.
A search on the Web for a particular piece of software or warning should give you more information than you need to make an informed decision. Problematic software generally shows up in such a search. In the case of risky software, you don't want to be the first kid on your block to try it.
Do Not Report Infected Messages to the "Sender"
Virtually all infected messages (as well as spam) have forged headers. The "sender" listed in the message is almost certainly not the one that transmitted the message. Please don't waste Internet bandwidth telling a person that they have sent an infected message.
Use BCC:
Use BCC: (blind carbon copy) when sending messages to groups rather than revealing a list of related addresses to everyone the message goes to.
- Many e-mail programs harvest all the incoming addresses into their e-mail address book.
- Many virus worms automatically spread by sending infected e-mails to everyone through the address book listings (without warning the infected computer's owner).
- You have no control of the message once it is sent. Forwarding mail with all the addresses intact is an invitation to spammers.
Use an "Opt-In" Approach
Be kind and don't assume that everyone wants to get the cute jokes and other material that floods your mailbox. Many people have significant amounts of e-mail. Ask people before placing them on your list. This is known as an opt-in list (as opposed to the opt-out that spammers favour).
Turn Off and Remove Unneeded Services
- Many services installed are not necessary for the average user but provides additional vulnerable points for virus infection (blended threats).
- Home users with Windows XP do not normally need Windows Messenger Service. This is not MSN Messenger and will not affect the operation of any other messaging service. Gibson Research Corporation offers tools to disable Windows Messenger Service.
- Most users do not need server capability or telnet.
- If uninstalled, you do not need to maintain the patches for vulnerabilities for these services.
- Removal may also help your computer run faster since these services require memory (RAM) resources while running.
Prepare For Recovery
- Maintain regular backups of your computer, especially critical data. It is better to be over-prepared than regret your laxness later.
- Keep current copies of key system files on diskette or other removable media.
- Follow a regular backup strategy.
Be Aware of Weaknesses Within Your Software
- Maintain the current updates for your operating system. It is particularly important for Windows users to install Critical Updates using Windows Update on the Microsoft Website.
- Do not install patches e-mailed to you. These are usually harmful.
- Turn off Active-X in the Internet Explorer Options section or ask to be prompted before it is loaded. Active-X gives the author the ability to do anything you can do on your computer (including introducing a virus) without asking you first. Java is safer because it doesn't have this permission.
- Do not select "Use Word as your e-mail editor" in Microsoft Outlook.
- Enable Microsoft Word macro protection. This was the gateway for the Melissa virus.
- There are better and safer e-mail programs than Outlook Express. Be sure the program you choose doesn't use Internet Explorer components to view HTML (enhanced) messages or you will be subject to IE's vulnerabilities when viewing these messages.
- Don't use MSN Messenger, I'd suggest uninstalling it.
- Parents: allowing your children to run MSN Messenger can place your data at risk!
- If any user runs MSN Messenger, this program runs when the computer starts, making it a vulnerability to all users on the same computer, even if they're not logged on.
- Recent versions of Yahoo! Messenger can communicate with MSN Messenger and other instant messenger programs and is much safer to use because it isn't integrated as tightly with Windows.
Hoaxes
Most Warnings Are Illegitimate
You've received a message that suggests you forward it to everyone in your address book. What do you do?
Don't forward it. Delete the message!
It doesn't matter what the content is. Any request to forward information to everyone is highly suspect when it is sent to a group of people. Other's don't like junk in their In Box any more than you do.
99.9% of these are hoaxes or some other form of malware. I suggest you stop and take a closer look at the message before taking any action. (I am appalled at how often people repeatedly forward these things without checking them out.)
Hoaxes are Social "Viruses"
Hoaxes are social viruses that take advantage of our compassionate nature. Features like the following should trigger you to investigate further:
- Any request to forward the message to everyone in your address book almost certainly a hoax.
- Hoaxes use emotional rather than factual approaches to lure you in.
- Hoaxes depend on our concern for our computers (such as "virus" warnings) or greed (chain letters that pay big dividends) or compassion for others (such as saving a sick child).
- Many cite "authority" sources, most of which never issue such warnings. If in doubt, check the authority's website for confirmation.
Avoid Spreading Ignorance
Begin with a simple Internet search for unique specifics in the message. This will give you information to test the legitimacy of any message.
- Do not forward e-mail "warnings". Most are false.
- Check for accurate virus information from antivirus vendors such as McAfee, Norton or F-Secure.
- Learn more about Hoaxes & Hypes from IBM's Antivirus Research.
Other Hoax Information Sites
You might also wish to check out:
- Snopes.com Rumour Has It has an extensive categorized listing of urban legends and rumours.
- HoaxBusters which maintains a site dedicated to the various on-line scams and hoaxes that don't necessarily relate to virus activities.
- The Identity Theft Resource Center has many useful resources, including a listing of specific scam warnings.
- TruthOrFiction.com lists rumours, inspirational stories, virus warnings, humorous tales, pleas for help, urban legends, prayer requests and calls to action with details about their truth or fiction.
- How to Spot Virus Hoaxes a Mile Off - Bogus warnings can hurt more than real viruses. PC World Magazine tells you how to detect them.
- Cyber-Museum of Scams and Frauds lists various financial schemes promoted by e-mail and other means.
Anti-Virus Software
You can purchase several anti-virus packages in retail stores. These sites offer software at reduced rates, 24-hour access, updates, and on-line technical support.
Recommended Solutions - Other Solutions - About Norton
AVG-Specific Issues - Evaluating Antivirus Solutions
Recommend Anti-Virus Solutions
- I'd recommend ZoneAlarm Antivirus (Kaspersky).
• Get ZoneAlarm Internet Security Suite (complete security) for only $20 more. - Kaspersky Anti-Virus is very highly rated.
- AVG Free Personal Edition provides excellent basic protection for home users with light requirements for free and automatically scans upon the initial boot each day.
- AVG Professional Edition provides more complete coverage and the ability to schedule your anti-virus scan. There are separate versions for networks and servers.
Other Anti-Virus Solutions
Many of these are excellent anti-virus solutions, but either have not been recently tested by me or require a great deal of your system resources (mainly RAM) to run or disable my recommended firewall, ZoneAlarm). More about evaluating solutions.
- Panda Cloud Antivirus is free alternative with a very minimal footprint. The video is very informative and entertaining.
- Microsoft Security Essentials is free but requires that you run the Microsoft Genuine check to validate your Windows installation. I have not tested this solution on my computers.
- Windows Defender for Windows XP (it is included with Vista/Windows 7).
- McAfee Anti-Virus.
- Panda Anti-Virus.
- Sophos Anti-Virus.
- AntiVir PersonalEdition Premium. FreeAntiVir PersonalEdition Classic.
- avast! 4 Professional. Free avast! 4 Home Edition. Non-profit & government discounts are available.
- CA Anti-Virus from Computer Associates.
- Command AntiVirus (formerly F-Prot).
About Norton Anti-Virus
Norton Antivirus became known for the huge impact on the system resources and very long scan times — issues corrected in recent versions.
Norton also had an issue with ZoneAlarm, my recommended firewall solution, and insisted on uninstalling it. Visit the Symantec's Message Board for more information about running Norton with ZoneAlarm.
Fixing Issues with AVG
I've deployed AVG on dozens of systems and have found it to be an effective protection, particularly for the home user with a budget.
If you're having difficulties with your AVG, have a look at the potential solutions below.
Update to AVG Version 9
Be sure you're using AVG version 9 (version 8.5 is obsolete):
- AVG 7 or 8 Professional Edition users can get a free upgrade (you'll need your current license number).
- Non-commercial home users can update to the free basic protection, although the licensed software provides added security.
Be Sure You're Getting the Right Product
Hint: read all the screens carefully so that you get to the correct download page. Upgrades with a price indicated are not free (nor is TrialPay — you're required to purchase other products to get your "free" product). See my Recommended Windows Software for more information and direct download options.
Experiencing Problems with AVG?
If you're having problems with AVG, have a look at the AVG FAQ or these update issues:
PocoMail & Barca with AVG
If you're using PocoMail or Barca with AVG, there is a potential problem with allowing AVG to certify incoming and outgoing e-mail. This is easy to fix:
- Open the AVG User Interface by double-clicking on the icon.
- Click on the Tools menu and select Advanced Settings.
- From the Advanced AVG Settings window that appears, click on E-mail Scanner from the menu on the left.
- Uncheck Certify e-mail under Check incoming e-mail (and outgoing, if it is selected).
- Click OK to save your settings.
Save Backups of Installation Software & Licenses
If you do purchase your software on-line, be sure to save a copy of the installation file(s) (preferably on removable media) so you can reinstall it if you need to repair it or suffer a catastrophic loss of your operating system.
ISP-Provided Packages
Many ISPs (particularly those offering broadband services) now include anti-virus protection either included as a part of their regular services or for a fee. Some ISPs activate it automatically, but most require some action on your part. This can be an excellent first line of defense, backed up by an installed anti-virus program (since not all viruses are spread by e-mail).
However, many of the packages provided by ISPs to install on your computer (such as Shaw Secure) are very intensive users of system resources and are not necessarily the best products available. Try my recommended solutions instead, particularly if you're a home user where some excellent free options are available to you.
Evaluating Antivirus Solutions
Assessing Antivirus Solutions
You can do a search for the various sites that evaluate antivirus and other security products. Be sure to include your specific needs into the evaluation process.
Consider Other Related Risks
Antivirus protection can no longer be considered a stand-alone issue. There are other security issues tied in with virus protection including privacy (malware and spyware),identity protection, parental control, security issues with instant messenger (IM) software and firewall protection.
Compatibility of Products
If you buy individual products, ensure that they are compatible with each other. If you buy multiple packages or suites, ensure that they are not going to overwhelm the available resources on your computer—in particular, RAM (memory) and available disk space. Many current packages are very large and not all play nicely with other security software.
For example, the 2007 version of Norton Antivirus is now a suite, with a built-in firewall that insists on uninstalling other firewalls (including my recommendation, ZoneAlarm). While this protects you from running multiple firewall products (they can conflict and deny you the protection you think you're getting) it doesn't provide for an option for turning off the Norton firewall without receiving continuous warnings from the Norton software.
Unnecessary Components
If you don't run Instand Messagner (IM) software, you don't need to run protection against the dangers posed by IM software (provided you've uninstalled or disabled the built-in MSN Messenger software). Be sure any product containing that protection has the option to disable any such unnecessary feature, saving you some resources where not required.
This assumes that you are aware of the risks of disabling components. Microsoft enables the Windows firewall by default and checks for the presence of a current antivirus solution — unfortunately necessary as many people simply don't add protection and fail to ensure it is updated frequently. Think of it as driving without car insurance when that unfortunate moment occurs when its needed.
More About Related Issues
Protecting Your Online Identity
The following related pages offer more information about protecting your online identity:
- Passwords and Encryption — Protecting Your Electronic Signature
- Avoiding Spam — Unsolicited E-mails and Mailing Lists
- Phishing — Obtaining Information by Deceit
- Proper E-mail Address Etiquette — Using To:, CC: & BCC: Correctly
Securing Your Computer
The following related pages offer more information about securing your computer:
- Security Basics — Preventing Unauthorized Access
- Firewalls — Your First Line of Defense
- ZoneAlarm Security — Recommended Firewall Products
- Your Privacy At Risk — Spyware Detection & Removal
- Passwords and Encryption — Protecting Your Electronic Signature
- Web Security — Vulnerabilities in Internet Software
- Windows Security — Vulnerabilities in Windows
www.RussHarvey.bc.ca/resources/antivirus.html
Updated: July 23, 2010
