A computer program written by a bratty child or a terrorist whose
intent is both vandalism and spreading automatically to other computers.
In a Nutshell
Viruses will never hurt you if you follow these
four simple rules:
- Don’t use Microsoft Internet Explorer. Use some other browser such as Opera.
- Don’t use Microsoft Outlook or Outlook Express. Use some
other email program such
- Never open email attachments.
- Never put a floppy in your machine that someone else gave you,
unless it was shrink wrapped.
Boot track viruses
infect your hard disk when you accidentally boot while an infected
floppy is inserted. My launder
utility will kill any boot virus on a floppy, even ones that
have not been written yet. My BootSave
utility will restore your hard disk boot track that has been
infected. However, you must inoculate your disk (make a copy of the
intact boot track) by using it before you get infected.
piggy back on exe files. They arrive most commonly as email
attachments or on floppy. Sometimes even files you download from
websites are infected. They cause no damage until you execute the
corresponding file. You can do a directory list safely. You can
insert an infected floppy safely (subject to my earlier warning
about the sneaky boot track viruses). Norton Antivirus or the McAfee
Virus Scan will check all the files on a floppy, all incoming email
and all your hard disk files against a weekly updated list of known
viruses. The trouble is the kids make them up by the thousands and
this technique is defenseless against a brand new virus. Never
execute a file that arrives by email, even if it comes from a
friend. These are most often infected.
These are the most dangerous of all because you can pick them up
just browsing the Internet. Turn off ActiveX and only turn it on
when dealing with a site you are absolutely sure is trustworthy.
Turn off the autodownload feature as well. The CometCursor virus is
the world’s first commercial virus that spreads itself by this
technique. It does no harm other than make your cursor look like
Nelson Mandela’s head, but it installs itself without your
permission. It is very hard to kill once you are infected.
Worms manage to spread without actually attaching themselves to
executable files. They typically use the Swiss cheese security in
Microsoft Outlook to spread themselves by sending email to everyone
in the address book. This can cause a chain reaction than can shut
down the mail system, even of those who have solid virus protection.
Well-known people just get swamped by incoming garbage emails.
A virus that just puts up some silly message but does no damage.
is a virus that just does damage, but makes no special attempt to
spread itself. It may masquerade as a silly game, but will erase
everything on your hard disk.
There are no known Java viruses, that piggyback on class or jar
files, though in theory they are possible. The Applet security
system makes it impossible for virus to infect your system via Java
Applets you run in your browser. However, their is one called Reveton.N
that exploits a hole int the Applet security. The security hole it
exploits is still present in JDK (Java Development Kit) 1.7.0_17.
There are some lesser viruses which can hide inside Microsoft word
documents in the form of autorun macros.
DNS (Domain Name Service)
Some Estonians came up with a clever idea for a virus that has
infected about 50% of business machines. It
inserts a fake
server. So when you go to your bank, it takes you instead to a fake
bank site, where you give your credentials. If your
stops working on 2012-07-09. That is when
FBI (Federal Bureau of Investigation)
takes down servers designed to keep infected machines running.
Stuxnet was a very sophisticated virus, presumably created by
combined efforts of the American and Israeli governments to sabotage
the Iranian nuclear fuel concentration lab. It used multiple
OS (Operating System)
vulnerabilities, costing about $100,000
each on the black market. It worked by sabotaging the software that
controlled centrifuges to make them spin so fast they damaged
themselves. The assumption is
USB (Universal Serial Bus)
flash drives containing the software were dropped near the facility.
Some idiot put one into a secure computer looking for pornographic
pictures. If the Iranians had known what was coming, they could have
protected themselves by putting the programming for the centrifuge
ROM (Read Only Memory)
which could not be tampered with using viruses. To create such a virus
the authors had to know what sort of computers and operating system
the Iranians were using. They also needed the operating manuals for
the centrifuge controllers.
The Americans exploited detailed information of the Iranian
equipment. In a similar way, the Chinese can exploit their extremely
detailed knowledge of US weapons systems, since they are the ones who
do so much of the manufacture.
- Don’t open or run any email enclosures except *.gif,
PDF (Portable Document Format),
HTML (Hypertext Markup Language)
COM (Component Object Model),
OCX (Object linking and embedding (OLE) Control extension)
are the most dangerous.
- Avoid putting floppies or
flash drives from outside your shop into any of your machines. If
you must, scan them with a virus checker first.
- Run a nightly virus scan such as Norton Antivirus or Windows
Security Essentials (free) using freshly updated virus
definitions. The most dangerous and plentiful virsus are the
brand new ones.
- Don’t surf the web with Internet Explorer unless you disable
- Don’t install software unless it comes from a reputable
source. Avoid installing any software you don’t absolutely
- Make sure your Internet connection goes through a firewall.
- Don’t let people use any of your machines who you
can’t trust to follow these rules.
- If you become infected, get help quickly from someone who knows
what to do. If you don’t know what you are doing, you can
easily lose all your data and easily reinfect yourself. You must
disinfect and/or protect yourself from reinfection from every single
CD (Compact Disk)
burned, backup tape,
SSD (Solid State Disk),
- Never click on a pop up that claims your computer has a virus.
- Don’t click on links or attachments in e-mails even from
people your know unless there are techo-savvy.
- Turn on your browser’s pop-up blocking feature.
- Never download anti-virus software from a pop-up or link sent to
you in an e-mail.
- If you’ve received a scareware
message, please contact your local police office and the Canadian
Anti Fraud Centre (1-888-495-8501) to report it.
- Turn off Java Applets unless you are visiting trusted site. This
is a temporary security measure that should soon be relaxed.
Free Anti-virus Software
Originally there were only three free Antiviruses, but now almost
every company offers a stripped down free version. Most companies now
also offer a premium edition and an Internet edition (which is
actually a firewall). You have to read the websites carefully to
discover the differences in features and price. Consider that reviews
might be talking about the super premium plus edition, where you are
interviewing for the entry level one. I have a long memory for
companies that good or evil. I think these three original free vendors
deserve continued support:
Microsoft has Defender bundled with Vista/W2008/W7-32/W7-64/W8-32/W8-64. It is automatically and
frequently updated. I don’t know why it is not considered a proper
by Lavasoft. Comes in three versions free,
per month (with firewall) and
a month. It tries to install a browser-ad. Just say no, and say no
to accepting the user agreement and it will install anyway. The only
this unusual about it is you can configure which of 16
sorts of places viruses can hide you want to scan. It is the new kid
on the block. I don’t see the point in the product. We already
have more than enough anti-virus scanners. We need something
radically different that can deal with unidentified viruses.
Avast. The home version is free. You get it free for the first
60 days just by downloading, then you
register your email address to get it free for a further 12 months
at a time. This is not explained anywhere. I found out by emailing
for clarification. It is comprehensive with a ridiculously
complicated toggling user interface designed like a child’s
Transformer toy with secret compartments. I suggest downloading one
of the more adult skins which are a bit more intuitive. The company
is Czech. Avast detects viruses, and can sometimes repair them. It
has also has a checksum scheme to detect virus infection by unknown
viruses. Avast has bigger brothers. Avast is a bit braindamaged in
that it scans the recycle bin for viruses finding infected files you
have already deleted. I have been unsuccessful at installing it
though it worked fine on
Alwil has ignored my emails.
- Microsoft Security Essentials
is available free to use on Windows 7. Its updates come as part of the usual Windows 7 updates about twice a day.
You control it from the green tent icon in the hidden icons on the far right of the task bar.
- Clam Antivirus and the
ClamWin front end. It is run by a team of unpaid volunteers who are
rather impatient with anyone who does not understand and follow
their undocumented rules. Clam just finds viruses. It does not
remove them. All you can do is delete infected files.
online. The offline version is not free. The online version
IE (Internet Explorer)
because it is an Active-X program. It quite thorough, reporting
programs with security vulnerabilities as well as actual malware.
Unfortunately, it refuses to believe you when you tell it there is a
false alarm. It insists on blocking you any time you run or use that
program in any way. Further, it insisted on fixing what it
considered my unwise use of Take Command even though I told it not
UN (United Nations)
hired Kaspersky, a Russian company, to track down the Flame virus, a
highly sophisticated virus used for international espionage.
has a free version and several pay versions.
The free version has nothing to configure, not even the drives or when to run scans or when to update definitions.
It continuously scans in the background when the machine is idle. It can detect unknown viruses.
It monitors suspect programs in a sandbox to see if they misbehave. It seeks out rootkit viruses.
It searches out malware in HTTP (Hypertext Transfer Protocol) you download. This is quite impressive for a free program.
Make sure you ask it to do an initial scan as part of the install or it will presume all is perfect to start.
You must register so that they can send you ads for the pay products.
I had to get rid of it because it kept interfering with the Excelsior Jet install. Even when I told it to exclude
JetSetup.exe from blocking, when the file appeared again during the install, it treated it as if it were a totally new file.
Microsoft plans to release a free virus checker code named Morro.
Perhaps it will just be Defender ported to the older operating
systems. This should save MS money on phone support. Much the way
vaccination works, it should greatly reduce incidence the of viruses
by removing sources of infection.
In addition to a batch scan of the entire hard disk, a virus scanner
will often by default install all manner of continuously running
protection including, Instant Messenger, email, network, Outlook, P2P,
web, and standard (check or every read/write/execute of disk). Viruses
cannot hurt you unless you execute them. So as long as you never run
email enclosures and run a batch scan every once in a while you should
be OK. You might set up a scan on mail in and out since that is fairly
low overhead, and is the source of most viruses. A standard check will
slow your machine to a crawl and buys you little extra security. If you
download software, it would not hurt to scan it for viruses, though
reputable download sites like Tucows do that for you.
The current way of stopping viruses is incompetent. Its purpose is to
force customers to keep paying over and over for virus protection. It
works analogously to an airport security system that checks the id of
every incoming person and looks it up in a databank of known
terrorists. There are no inspections, no profiling, no X-rays. There
are no restrictions on terrorists getting into sensitive areas.
Further, if a known terrorist wears a disguise they can past the gate
too. The way terrorists get into the database is to be caught
red-handed causing damage, then their twins or clones are also
excluded. The lists are broadcast to other airports. The terrorist
organisations can easily defeat the system by sending new agents or
old agents in disguise.
The current way of stopping viruses is stupid. It requires
identifying every possible virus, then looking specifically for each
one. This is like shutting the barn door after the horse has fled.
Further, the brats can invent new viruses faster than they can be found
and identified. It is only a matter of time until someone uses
AI (Artificial Intelligence)
to manufacture millions of new viruses a day, which will overwhelm all
the attempts at cataloging them. Virus companies persist in this inept
strategy because it locks in customers who need a new version of the
software daily. The torrent of new viruses means small companies
Viruses could be stopped in their tracks, including future viruses,
simply by enforcing a rule that all executables,
modules, be digitally signed by their authors, the same way the Java
Applets are. Then a virus can be detected simply by verifying the
digital signature. It is all but impossible for a virus to cook up a
valid digital signature for an executable it has modified. If vendors
posted the originals, digitally signed, then any contaminated modules
could be automatically restored without human intervention. This would
not stop Trojans, but it does identify who created them, making
prosecution and civil legal action easy. The problem is half-assed
anti-viral utilities that require constant updates are big business.
They don’t want a solution that works once and for all.
One interim solution would be to have disk partitions or
SSDs (Solid State Disks)
that were read-only. You would put your executables and
DLLs (Dynamic Link Libraries)
there, (or rather installs would.) Access would be by password, good
only for one install instance. They would all have digital signatures,
or at least digests, that would be checked on copying in. This would
make it very difficult for a virus to modify an executable. The
problem is, it would require all vendors to digitally sign
executables, and use the
API (Application Programming Interface)
to install executables and other files on different drives. The most
important vendor to comply would be Microsoft, who currently puts all
its data and executables on C: