Anti-Virus Protection

Software | Strategies | Hoaxes | Fixing Issues | Evaluating Solutions

You must have a current antivirus software running on your computer.

You cannot have complete security without protecting yourself from computer viruses. The latest releases are very destructive and it is often difficult to repair the damage they cause.

Ensure your protection is always current. You have no excuse for not running anti-virus software because some vendors offer free versions of their programs for personal use.

Anti-Virus Software

While you can purchase anti-virus packages in retail stores, these sites offer software at reduced rates, 24-hour access, instant updates, and on-line technical support.

Recommended Anti-Virus Solutions

ZoneAlarm Security Suites - Maximum Security, Minimum Effort

Other Anti-Virus Solutions

These may be excellent anti-virus solutions, but I have not tested them recently. Most require a great deal of your system resources (mainly RAM) to run and many disable ZoneAlarm, my recommended firewall. More about evaluating solutions.

About Norton Anti-Virus

Norton Antivirus became known for the huge impact on the system resources and very long scan times — issues since corrected in recent versions.

Norton also had an issue with ZoneAlarm, my recommended firewall solution, and insisted on uninstalling it. Visit the Symantec's Message Board for more information about running Norton with ZoneAlarm.

Return to top

Strategies and Information

Viruses have been characterized as "a game of cat and mouse" between the vendors that produce the anti-virus software and those programmers that play on the dark side by creating annoying (and often destructive) "bugs" that attack your computer.

These threats are now much more dangerous and can have serious implications for your personal privacy as well as for your finances.

Blended Threats

More recently, these attacks have become multifaceted (blended threats) requiring more than one form of security software, and even that may not protect you in the case of at least one form of worm: the Storm Worm. AVG's exploit (malware) threat videos show how a blended threat can expose you even on websites you'd think were safe.

Zero-day Exploits & Fake Warnings

Zero-day exploits are those that take advantage of weaknesses in software that have either not been patched by the vendor or the vendor is unaware of them. Frequent updates of Adobe Flash and other software are an attempt to keep up with these issues.

Fake Security Warnings

Watch for fake security warnings — results from a security scan on a site other than valid antivirus vendors. Suddenly having dozens or hundreds of infected files is unlikely unless you have been running without security protection for some time. Knowing how your security software actually warns you of threats is critical if you want to avoid these nasty infections. You don't want to provide them with your credit card any more than you would a street-corner hoodlum.

Phishing Attempts

Never follow links in an email to to sites requiring login information — especially those threatening to close your account and requesting your user name and password. Instead, type the correct address directly into your browser to visit the real site. Report the message to your financial institution and delete the message and attachments unopened. More….

Current Alert Listings

You can find current alert listings on the AVG, McAfee and Norton websites. You can also subscribe to the McAfee Dispatch which broadcasts such warnings.

If you think you might have triggered a virus on your computer view the screen shots of several virus infections.

Prevent the Spread of Viruses

There are several things you can do to prevent the spread of viruses to your computer and disks:

Look for more detailed information in the following sections.

Purchase and Use Current Anti-Virus Software

Avoid Contamination From Foreign Flash Drives, etc.

Rein in Your Curiosity

Social engineering can be used to increase our vulnerability to spreading viruses. The human element of curiosity is a significant risk factor—one that no antivirus program is going to protect you from.

A search on the Web for a particular piece of software or warning should give you more information than you need to make an informed decision. Problematic software generally shows up in such a search. In the case of risky software, you don't want to be the first kid on your block to try it.

Use Email Wisely — Particularly When Formwarding Information

Today it is too easy to forward information to everyone at the touch of a button.

Instead, take a moment and decide if you'd forward the item if you had to retype it or photocopy it, then pay to snail-mail it to all the folks you're intending to send it to. In most cases this isn't true.

The following are additional areas where care needs to be taken when either responding or sending a message. If you've had to change your email address because of the amount of junk you're receiving, pay special attention: this is why!

Do Not Report Infected Messages to the "Sender"

Virtually all infected messages (as well as spam) have forged headers (false address information). The "sender" listed in the message is almost certainly not the one that transmitted the message. Please don't waste Internet bandwidth telling a person that they have sent an infected message.

Use BCC:

Use BCC: (blind carbon copy) when sending messages to groups rather than revealing a list of related addresses to everyone the message goes to.

Use an "Opt-In" Approach When Forwarding Mail

Be kind and don't assume that everyone wants to get the cute jokes and other material that floods your mailbox. Many people have significant amounts of legitimate email to deal with and such messages are usually unwelcome. Ask people before placing them on your list. This is known as an opt-in list (as opposed to the opt-out that spammers favour).

Turn Off and Remove Unneeded Services

Prepare For Recovery

Be Aware of Weaknesses Within Your Software

Notes about Microsoft Update

Windows is more vulnerable to viruses because it is poorly designed from a security perspective. It is widely distributed and the sophistication of the average user is not very high (Microsoft made Windows to be "easy" not secure). Why bother writing a virus for a rarely-used operating system where the knowledge level of the average user is more sophisticated?

JPEG Vulnerability

There is a Windows vulnerability for JPEG images (GDI+) that can be exploited to infect your system like any other virus. This infection requires only that the person view the image. Even the simple process of loading a website with an infected JPEG is enough for you to be infected if you haven't correctly patched this vulnerability.

There is more information on the Microsoft website about the affected Microsoft products and how to patch them. The most effective method to protect yourself is to run Windows Update and install all the High Priority (Critical) updates and to run Office Update.

Return to top

Hoaxes

Most Email Warnings Are Illegitimate

You've received a message from a friend that suggests you forward it to everyone in your address book. What do you do?

Don't forward it. Delete the message!

It doesn't matter what the content is. Any request to forward information to everyone is highly suspect when it is sent to a group of people. Other's don't like junk in their In Box any more than you do.

99.9% of these are hoaxes or some other form of malware. I suggest you stop and take a closer look at the message before taking any action. I am appalled at how often people repeatedly forward these things without checking them out.

Hoaxes are Social "Viruses"

Hoaxes are social viruses that take advantage of our compassionate nature. Features like the following should trigger you to investigate further:

Avoid Spreading Ignorance

Begin with a simple Internet search for unique specifics in the message. This will give you information to test the legitimacy of any message.

Other Hoax Information Sites

You might also wish to check out:

Return to top

Fixing Issues with Anti-Virus Software

Fixing Issues with AVG

I've deployed AVG on dozens of systems and have found it to be an effective protection, particularly for the home user with a limited budget — but nowhere near as effective as ZoneAlarm Internet Security Suite (about $30 per year for up to 3 computers).

Be Sure to Run the Current Version

Be sure you are running AVG version 2012 (released September 1, 2011):

If you're having difficulties with your AVG and are running the most current version, have a look at the potential solutions below.

Be Sure You're Getting the Right Product

Hint: read all the screens carefully so that you get to the correct download page. Upgrades with a price indicated are not free (nor is TrialPay — you're required to purchase other products to get your "free" product). See my Recommended Windows Software for more information and direct download options.

Experiencing Problems with AVG?

If you're having problems with your AVG Free, have a look at the AVG FAQ. There are tabs with the following options:

The AVG Technical FAQ lists some more technical issues and their solutions. There are both general categories as well as items specific to certain versions. Although help is provided for earlier versions, you should always be running the most current version.

You can also look for help on the AVG Free Forum.

PocoMail & Barca with AVG

If you're using PocoMail or Barca with AVG, there is a potential problem with allowing AVG to certify incoming and outgoing email. This is easy to fix:

  1. Open the AVG User Interface by double-clicking on the icon.
  2. Click on the Tools menu and select Advanced Settings.
  3. From the Advanced AVG Settings window that appears, click on Email Scanner from the menu on the left.
  4. Uncheck Certify email under Check incoming email (and outgoing, if it is selected).
  5. Click OK to save your settings.

I tend to do this with all AVG installations because the certification means nothing to the recipient. You can't trust the sender for security — you have to take care of it for yourself.

Save Backups of Installation Software & Licenses

If you do purchase your software on-line, be sure to save a copy of the installation file(s) (preferably on removable media) so you can reinstall it if you need to repair it or suffer a catastrophic loss of your operating system.

ISP-Provided Packages

Many ISPs (particularly those offering broadband services) now include anti-virus protection either included as a part of their regular services or for a fee. Some ISPs activate it automatically, but most require some action on your part. This can be an excellent first line of defense, backed up by an installed anti-virus program (since not all viruses are spread by email).

However, many of the packages provided by ISPs to install on your computer (such as Shaw Secure) are very intensive users of system resources and are not necessarily the best products available. Try my recommended solutions instead, particularly if you're a home user where some excellent free options are available to you.

Return to top

Evaluating Antivirus Solutions

Assessing Antivirus Solutions

You can do a search for the various sites that evaluate antivirus and other security products. Be sure to include your specific needs into the evaluation process.

Consider Other Related Risks

Antivirus protection can no longer be considered a stand-alone issue. There are other security issues tied in with virus protection including privacy (malware and spyware), identity protection, parental control, security issues with instant messenger (IM) software and firewall protection.

Compatibility of Products

If you buy individual products, ensure that they are compatible with each other. If you buy multiple packages or suites, ensure that they are not going to overwhelm the available resources on your computer—in particular, RAM (memory) and available disk space. Many current packages are very large and not all play nicely with other security software.

For example, newer versions of Norton Antivirus is now a suite, with a built-in firewall that insists on uninstalling other firewalls (including my recommendation, ZoneAlarm). While this protects you from running multiple firewall products (they can conflict and deny you the protection you think you're getting) it doesn't provide for an option for turning off the Norton firewall without receiving continuous warnings from the Norton software.

Unnecessary Components

If you don't run Instant Messenger (IM) software, you don't need to run protection against the dangers posed by IM software (provided you've uninstalled or disabled the built-in MSN Messenger software). Be sure any product containing that protection has the option to disable any such unnecessary feature, saving you some resources where not required.

This assumes that you are aware of the risks of disabling components. Microsoft enables the Windows firewall by default and checks for the presence of a current antivirus solution — unfortunately necessary as many people simply don't add protection and fail to ensure it is updated frequently. Think of it as driving without car insurance when that unfortunate moment occurs when its needed.

Return to top

More About Related Issues

Protecting Your Online Identity

The following related pages offer more information about protecting your online identity:

Securing Your Computer

The following related pages offer more information about securing your computer:

Return to top

www.RussHarvey.bc.ca/resources/antivirus.html
Updated: November 10, 2011