Security software

Even if your Windows PC is not equipped to connect to the Internet, I believe you should still have antivirus software. All it takes is one diskette or CD somebody gives you. There was even a case I read about in the 1990's where Intel was shipping install CDs of some sort of network utility that turned out to have a virus on them.

Never attempt to have two antivirus programs or security suites installed on the same PC at the same time. These types of software expect and need to be in full charge of security, and it's pretty much guaranteed two of them will conflict badly. Before you install a new antivirus program you need to completely remove the old one.

Sometimes I encounter seniors who seem to be operating under the assumption that one can avoid computer viruses in a similar way to traditional ideas about avoiding VD, by being discriminating in one's online contacts. It's not a good analogy. If you have a Windows computer, and you don't have up-to-date antivirus software, you are sticking your neck out. Get AVG Antivirus Free Edition, at least.


Commercial/subscription vs. freeware

Most top-quality PC security software is commercial shrinkwrap software, and much of it is set up on a subscription basis, meaning you're expected to buy it all over again periodically. There's some justification for this situation in that anti-malware has to be continually updated to meet new threats. It's reasonable that for-profit companies such as Zone Labs and Symantec expect to be compensated for this ongoing effort.

The flip side of the coin: as long as all really effective anti-malware costs money, then only Internet users with money will be effectively protected. This implies a pool of marginally protected or unprotected Internet users who are vulnerable to malware attacks, sort of an ongoing handy resource for those people who get their jollies writing malware. Would the whole Internet community be better off if there were strong security freeware available to all users for download?


Antivirus

I've been scanning with antivirus (AV) software for years; my whole system periodically, and every program file and floppy disk that comes to me from somebody else. In the 1990's I saw three viruses in action. The first one was a rather nasty conventional virus of the type called a boot virus, that also installed itself in RAM, and it was on a couple of diskettes I received by snail mail. I identified it and destroyed it before it got on my hard disk or any of my own floppies, recovering intact for use the legitimate files on the diskettes, and I was able to notify the organization I'd received it from (happened to be a physics lab at MIT) and help them in a small way to obliterate it from their network. I think you'd have to say that encountering me was a net loss for that virus.

About the threat

Conventional viruses either attach themselves to executable program files, install in a disk's boot area, install in RAM, or do some combination of those things.

The other two viruses I mentioned were Word macro viruses called Concept and Wazzu. In early 1997 I read that those were the two most commonly seen macro viruses, which figures. Macro viruses are possible because the macro languages of Microsoft Word and Excel are actually Visual Basic, a complete programming language with file and disk access. Macro viruses travel with the document files of Word and Excel (extensions DOC and XLS). In addition to scanning foreign executables, we also need to form the habit of scanning Word and Excel documents that might arrive as email attachments, or on diskette. As of late 1997 there were over a thousand known Word macro viruses.

You can also avoid problems with Word macro viruses if you exchange Word documents in RTF format instead of the native Word DOC format. RTF doesn't include macros, therefore no macro viruses to worry about. RTF also makes it irrelevant which Word version someone else has, or even whether they have Word at all, or even Windows: pretty much all modern word processors can open RTF files, including Mac, OS/2, and Unix software. RTF format preserves almost all formatting, including headings, indents, boldface/italic, specific fonts, text colors, and even named paragraph styles.

The main disadvantage of RTF format is that document files including pictures tend to balloon in file size when converted to RTF. Apparently the picture gets encoded in text as a bitmap.

If you're sending word processor documents that just need to be printed and read, not edited, there's always the open Adobe Acrobat PDF format. You can convert almost any document type to a PDF file using the free utility CutePDF Writer.

There's also a Word options setting that can help on the defense side: open Word and do Tools, Options, General, find the check box Macro virus protection and make sure it is checked (on). Then whenever you open a Word file that has macros in it, you'll get a warning dialog that says "The document you are opening contains macros or customizations. Some macros may contain viruses that could harm your computer."

This dialog has three buttons across the bottom: Disable Macros, Enable Macros, and Do Not Open. "Disable Macros" opens the document with its macros disabled, "Enable Macros" opens it normally, and "Do Not Open" cancels the open file operation entirely. If someone sends you a Word document and this dialog pops up when you try to open it, it can also serve as a reminder to scan the file for viruses.

There are a few known Excel macro viruses, but the main virus threat affecting Excel while I was doing tech support was actually due to the Nimda worm and its variants, starting in September 2001. Nimda was primarily an email worm, and I don't believe it actually propagated via Excel files, but the nature of the damage it did to MS Office documents made it look like there might have been an Excel or Word problem at first glance.

Antivirus software

There are all sorts of commercial antivirus programs. Norton and McAfee get top ratings in reviews, have been around a long time, and you can probably find them on the shelf at your local office-supply stores.

Commercial

Wikipedia:
Antivirus software
List of antivirus software

Norton Antivirus http://www.symantec.com/
Seems to be the corporate standard these days.
McAfee Antivirus http://www.mcafee.com/
Also very popular.
Trend Micro antivirus & security (Japan) http://us.trendmicro.com/
Housecall free online antivirus scan (Windows) http://housecall.trendmicro.com/
Another well-known antivirus brand.
Kaspersky Lab (Russia) http://www.kaspersky.com/
Panda Security (Spain) http://www.pandasecurity.com/
Kaspersky and Panda were rated highly in AV software reviews I read in December 2005.

Commercial with free personal edition

The first three of these four have been described in reviews I've seen as being reasonably competent and probably adequate for individuals. (Reasonably competent is certainly better than nothing.)

AVG Antivirus Free Edition http://free.avg.com/ Wikipedia
Free to home users for private, non-commercial, single-computer use; runs on Win98, ME, NT, 2000, XP, Vista. Nice interface for scans and updates; tray icon changes appearance when an update is needed, if you're on dialup and have automatic updates turned off. Integrated email scanning for Outlook and Eudora, can be manually configured for other POP-mail clients.
AntiVir® PersonalEdition Classic http://www.free-av.com/
Simple clean-looking interface; decent anti-spyware features under "Unwanted Programs" not fully enabled by default.
Free avast! 4 Home Edition http://www.avast.com/eng/avast_4_home.html
Jazzy interface that looks like a media player; attachment scanning for POP/IMAP, newsgroups, P2P, IM.
BitDefender 8 Free Edition http://www.bitdefender.com/
This is an on-demand scanner only with no real-time AV features. Not recommended for "always-on" types of Internet connections such as DSL, cable, satellite.

Open-source

ClamAV Free Antivirus http://www.clamav.net/ Wikipedia
GNU GPL free open source virus scanner and spyware detector. ClamAV doesn't include a user-friendly graphical frontend by default, but is often used on servers without one.
ClamWin http://www.clamwin.com/ Wikipedia
ClamAV graphical frontend for Windows.
You probably don't need antivirus on a Linux computer, unless you're running a server. If you ever send files to Windows users in Microsoft Office formats, such as Word DOC and Excel XLS, you might want to install ClamTk or KlamAV, and scan those files before you send them out.
ClamXav http://www.clamxav.com/
Frontend for Mac OS X.
ClamTk http://clamtk.sourceforge.net/
Frontend for GNOME on Linux, such as Ubuntu.
KlamAV http://klamav.sourceforge.net/
Frontend for KDE on Linux, such as Kubuntu. You'll probably find ClamTk or KlamAV, if not both, in your Linux distribution's package manager.

See also the Wikipedia antivirus article for discussion of how antivirus software works, general security concerns and recommendations, links and reviews.

Antivirus software packages generally include various types of antivirus tools that use different strategies to combat viruses. The primary component of your antivirus software, and in my opinion, the most effective and least troublesome one, is your virus scanner.

Scanners work using an antivirus data file; an indexed list of little pieces of program code that are characteristic of known viruses. They use these little snippets as a sort of fingerprint; if they find a match to one in any of your files, or in RAM memory or the boot area of a disk (some viruses try to hide there) it indicates the presence of that virus. The list of code snippets—the antivirus data file—has to be updated periodically as new viruses are identified and analyzed.
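To make that fingerprint idea concrete, here is a toy scanner added as an illustration; it is not code from this page or from any antivirus product, and the signature names and byte snippets in it are constructed for the example. It holds a small signature list as hex-encoded snippets, scans a file in overlapping chunks so a snippet split across a read boundary is still matched, walks a whole directory, and runs the same matcher over a constructed 512-byte buffer standing in for a disk's boot sector, since the matcher doesn't care whether the bytes came from a file, RAM or a sector.

```python
"""Added illustration of a signature ('fingerprint') scanner. Not code from the
page or from any antivirus product; the signature names and byte snippets are
constructed for this example."""
import binascii
import os
import tempfile

# Constructed signature database in a simple "name -> hex snippet" form.
SIGNATURES = {
    "Example.Sample.A": binascii.hexlify(b"<constructed snippet A>").decode(),
    "Example.BootSig.B": "deadbeef0102",
}


def load_signatures(db):
    """Decode the hex snippets into the raw bytes a scanner actually compares."""
    return {name: binascii.unhexlify(hexsig) for name, hexsig in db.items()}


def scan_bytes(data, sigs):
    """Names of all signatures whose snippet occurs in data (a file chunk, a
    RAM dump, or a disk sector; the matcher does not care which)."""
    return sorted(name for name, snippet in sigs.items() if snippet in data)


def scan_file(path, sigs, chunk=1 << 20):
    """Scan a file chunk by chunk, keeping the tail of the previous chunk so a
    snippet that straddles a chunk boundary is still matched."""
    overlap = max(len(s) for s in sigs.values()) - 1
    found = set()
    tail = b""
    with open(path, "rb") as fh:
        while True:
            block = fh.read(chunk)
            if not block:
                break
            window = tail + block
            found.update(scan_bytes(window, sigs))
            tail = window[-overlap:] if overlap > 0 else b""
    return sorted(found)


def scan_tree(root, sigs, chunk=1 << 20):
    """Walk a directory tree; return {relative path: [signature names]} for hits."""
    hits = {}
    for dirpath, _, filenames in os.walk(root):
        for name in filenames:
            path = os.path.join(dirpath, name)
            names = scan_file(path, sigs, chunk)
            if names:
                hits[os.path.relpath(path, root)] = names
    return hits


def demo(chunk=1 << 20):
    """Build a constructed sample tree plus a fake boot sector and scan both."""
    sigs = load_signatures(SIGNATURES)
    root = tempfile.mkdtemp()
    with open(os.path.join(root, "infected.exe"), "wb") as fh:
        fh.write(b"MZ" + b"\x00" * 40 + b"<constructed snippet A>" + b"\x00" * 40)
    with open(os.path.join(root, "clean.txt"), "wb") as fh:
        fh.write(b"nothing to see here")
    # Constructed 512-byte buffer standing in for a boot sector, snippet near the end.
    sector = bytearray(512)
    sector[500:506] = b"\xde\xad\xbe\xef\x01\x02"
    return scan_tree(root, sigs, chunk), scan_bytes(bytes(sector), sigs)


if __name__ == "__main__":
    print(demo())
```

Real products use far larger databases, wildcards in signatures and unpacking of archives and compressed executables, but the core step is the same substring match shown here, which is also why the data file has to be refreshed as new snippets are catalogued.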

It used to be that antivirus data files were updated a few times a year. In recent years Norton has had a virus definitions update every ten days or so.

It's very important to keep your antivirus data files current. If you go out and buy Norton Antivirus off the shelf, install it, and then never update the data files, you will have wasted your money.

Norton AV has a component called LiveUpdate that can be used any time to manually check for data file updates. If you have an "always-on" Internet connection such as cable or DSL, you can configure it to check every night and automatically install an update if it finds one.

Most packages now include an active antivirus component, which generally puts a tray icon in your Windows system tray (the little window at the right-hand end of your Taskbar where the time is displayed). Different ones operate differently, but they all have the potential to conflict with your regular software. For starters, one generally needs to terminate or disable any active antivirus module while installing any software, especially Microsoft Office, OpenOffice.org, or other office suites. When you reboot, the active antivirus will reset. (Norton Antivirus: right-click tray icon, Disable Auto-Protect)

These active components monitor your system for "suspicious" behavior, each in its own way. Some programs have looked for the change in file size that normally happens when a common virus attaches itself to a program file. There are at least two problems with that approach. First, some program files are designed to modify themselves to store configuration information, which can trigger a false indication that a virus is present. Second, file size tracking is useless against boot viruses, which don't live in program files at all.
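Here is an added illustration of what a monitor of the file-size type actually sees; it is not code from this page or from any product, and the program names, contents and the allow-list are constructed for the example. It takes a baseline of each program file's size and SHA-256 digest, then classifies later changes: a file on a constructed list of programs known to rewrite themselves to store settings is reported as expected, a program file that grew is an alert, and a disk's boot area is simply not in the tree being watched, which is the second problem described above.

```python
"""Added illustration of the file-size / checksum kind of 'active' monitoring
discussed above. Not code from the page or from any product; the program
names, contents and the allow-list are constructed for the example."""
import hashlib
import os
import tempfile


def snapshot(root):
    """Baseline: {relative path: (size, sha256)} for every file under root."""
    snap = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                data = fh.read()
            snap[os.path.relpath(path, root)] = (len(data), hashlib.sha256(data).hexdigest())
    return snap


def compare(baseline, current, self_modifying=frozenset()):
    """Classify differences between two snapshots.

    Verdicts: 'new', 'missing', 'expected-self-modify' (file is on the list of
    programs known to rewrite themselves to store settings), 'alert-grew'
    (the classic sign of a file-infecting virus appending itself) and
    'alert-changed' (contents differ without growth, e.g. an overwriting virus).
    """
    verdicts = {}
    for name, (size, digest) in current.items():
        if name not in baseline:
            verdicts[name] = "new"
            continue
        old_size, old_digest = baseline[name]
        if digest == old_digest:
            continue  # unchanged
        if name in self_modifying:
            verdicts[name] = "expected-self-modify"
        elif size > old_size:
            verdicts[name] = "alert-grew"
        else:
            verdicts[name] = "alert-changed"
    for name in baseline.keys() - current.keys():
        verdicts[name] = "missing"
    return verdicts


def demo():
    """Constructed scenario: one program stores its settings inside its own
    executable (a legitimate change), another has foreign code appended."""
    root = tempfile.mkdtemp()
    files = {
        "editor.exe": b"MZ" + b"\x90" * 64,
        "setup.exe": b"MZ" + b"\x90" * 64 + b"[settings]\nruns=0\n",
        "game.exe": b"MZ" + b"\x90" * 64,
    }
    for name, data in files.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)
    before = snapshot(root)

    # Legitimate: the installer rewrites its own embedded settings block.
    with open(os.path.join(root, "setup.exe"), "wb") as fh:
        fh.write(b"MZ" + b"\x90" * 64 + b"[settings]\nruns=1\n")
    # Suspicious: constructed foreign bytes appended to a program file.
    with open(os.path.join(root, "game.exe"), "ab") as fh:
        fh.write(b"<constructed appended code>")
    # Note what is NOT watched: a disk's boot area is not a file in the tree,
    # so a boot virus would leave this kind of monitor completely silent.
    after = snapshot(root)
    return compare(before, after, self_modifying=frozenset({"setup.exe"}))


if __name__ == "__main__":
    for name, verdict in sorted(demo().items()):
        print(name, verdict)
```

Without the allow-list, setup.exe would come back as "alert-changed" every time it saved its settings, which is exactly the false alarm the paragraph describes; the allow-list is the usual cure, and it has to be maintained by hand.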

Virus scanner modules can't conflict with other software, because whenever they aren't actually scanning, they're completely inactive. If you identify a conflict with your active antivirus module that you can't resolve, you can always disable it, and just run the scanner function manually, or set up a system scheduler utility to run it at night or during lunch or something. You need to know how to access the manual scan function anyway, so you can scan files and diskettes you receive from others.


Personal firewall

There are more sophisticated and costly firewall systems protecting large corporate networks from intrusion, usually involving dedicated hardware.

Firewall software is needed these days for any PC that connects to the Internet, for both broadband "always on" and dialup/modem connection types. Windows XP and later has its own native firewall; all you need to do is make sure it's on, which you can do at Control Panel, Security Center. Mac OS X and Linux have had firewall technology built in from the beginning, and Apple and Linux developers have been adding to and improving their respective firewall systems.

It's possible to disable the native WinXP firewall and rely on a third-party firewall instead:

ZoneAlarm http://www.zonealarm.com/
The top-rated ZoneAlarm basic firewall is free for individual and non-profit use, and runs on Windows 2000 and XP. See below for details. They also sell ZoneAlarm Pro with added features.
Symantec http://www.symantec.com/
Products include the also top-rated Norton Personal Firewall for Windows and Mac.
Comodo Personal Firewall http://www.personalfirewall.comodo.com/
Freeware version available for Windows 2000 and XP.
Sunbelt/Kerio Personal firewall http://www.sunbelt-software.com/
Freeware version available for Windows 2000 and XP. Rated as high as ZoneAlarm in an Oct 2005 magazine review.
Gibson Research Corp http://www.grc.com/default.htm
You can easily and safely test your firewall against several types of attack modes with GRC's free ShieldsUP! tests. (They don't actually attack your computer, they just check to see if any doors are unlocked, so to speak.)
CanYouSeeMe.org http://canyouseeme.org/
This site lets you test for open port numbers one at a time.

The Wikipedia firewall article links to other free test sites. See also Home PC Firewall Guide and their Free Security Software page.


Anti-spyware

Spyware* (1) Software that gathers information about the user and is installed without adequate user notice, consent or control. (2) Software that impairs users' control over material changes that affect their user experience, privacy, or system security; use of their system resources, including what programs are installed on their computers; or collection, use, and distribution of their personal or otherwise sensitive information.

The Internet community seemed to be still catching up to the spyware problem as of 2006. The situation was complicated for a while by lawsuits from spyware originators claiming their stuff was not malware; but it's become pretty clear that spyware left unchecked can bring systems almost to a standstill.

Wikipedia:
Spyware
Adware
Malware

Ad-Aware http://www.lavasoft.com/ Wikipedia
Ad-Aware Free version runs on Win2000, XP, Vista.
Aluria Anti-spyware http://www.aluriasoftware.com/
AVG Anti-Spyware Free edition
AVG's anti-spyware functionality is now part of AVG Antivirus, including the free edition.
NOD32 Antivirus http://www.eset.com/
Outpost Firewall Pro http://www.agnitum.com/
Spybot Search & Destroy http://www.safer-networking.org/ Wikipedia
Free, runs on Win95, 98, ME, NT, 2000, XP, Vista.
Spycatcher http://www.tenebril.com/ Wikipedia
Spycatcher Express free download (for Windows 2000 & XP).
Spy Sweeper http://www.webroot.com/ Wikipedia
Spyware Doctor http://www.pctools.com/ Wikipedia
Spy Sweeper and Spyware Doctor were top rated in a magazine review first quarter 2006.
Trend Micro Anti-spyware http://us.trendmicro.com/
X-Cleaner http://www.xblock.com/
Freeware version no longer available.
ZeroSpyware http://www.fbmsoftware.com/ Wikipedia

If nothing else, one thing you can do against spyware is to reformat your hard disk and completely reinstall your OS and software every few months. This is time-consuming and no fun, obviously.


Security suites

These suites provide antivirus, anti-spyware, and firewall services in an integrated package.

BitDefender Internet Security http://www.bitdefender.com/
F-Secure Internet Security http://www.f-secure.com/
McAfee Internet Security Suite http://www.mcafee.com/
Norton Internet Security http://www.symantec.com/
Panda Platinum Internet Security http://www.pandasecurity.com/
PC-cillin Internet Security http://us.trendmicro.com/
ZoneAlarm Security Suite http://www.zonealarm.com/
Top rated in a magazine review first quarter 2006.

Secure delete

In most operating systems, when you "delete" a file (including using "Empty Recycle Bin" in Windows and "Empty Trash" in Ubuntu Linux) the file isn't really gone yet. The OS just removes the file system's pointer to the file, indicating that space is now available, and the file's data just sits there until it happens to be overwritten by something. There are various utilities and techniques for recovering deleted files.

Fair warning: I am not a spook. Nobody should mistake me for any kind of authority on this stuff. I'm just linking to some file wipe utilities I've used or read about.

For privacy reasons, to prevent identity theft, and to help avoid accidental disclosure of sensitive corporate or government information, sometimes one needs to completely remove things. File wipe utilities do this by overwriting disk space formerly occupied by deleted files with various types of null data patterns, sometimes repeatedly.
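The following is an added illustration of the overwrite-then-delete idea, not code from this page or from Eraser, shred, srm or any other tool, and its sample data is constructed. It overwrites every byte of a file with a fixed pattern, then its complement, then random bytes, forcing each pass to disk before the next, and finally renames the file to a random name before unlinking it so the original name doesn't linger in the directory either. It assumes the filesystem writes the new data over the old blocks; on journaling, copy-on-write or SSD storage that isn't guaranteed, which is part of why whole-disk wipers like DBAN exist.

```python
"""Added illustration of how a file wipe utility works: overwrite the file's
own blocks with patterns, then remove the directory entry. Not code from the
page or from Eraser, shred, srm or any other tool; the sample data is constructed."""
import os
import secrets
import tempfile

SAMPLE_SECRET = b"account number 1234-5678 (constructed sample data)"

# Overwrite passes: a fixed pattern, its complement, then random bytes.
# None means "cryptographically random bytes for this pass".
PASSES = (b"\x00", b"\xff", None)


def overwrite_file(path, passes=PASSES, chunk=64 * 1024):
    """Overwrite every byte of the file in place, once per pass, forcing each
    pass to disk with fsync before starting the next. Returns the file size.

    Assumption: the filesystem writes the new data over the old blocks. On
    journaling, copy-on-write or SSD storage that need not hold, which is why
    whole-disk wipers such as DBAN exist."""
    size = os.path.getsize(path)
    with open(path, "r+b") as fh:
        for pattern in passes:
            fh.seek(0)
            remaining = size
            while remaining > 0:
                n = min(chunk, remaining)
                fh.write(secrets.token_bytes(n) if pattern is None else pattern * n)
                remaining -= n
            fh.flush()
            os.fsync(fh.fileno())
    return size


def wipe_file(path, passes=PASSES):
    """Overwrite, then rename to a random name before unlinking so the original
    file name does not survive in the directory either."""
    size = overwrite_file(path, passes)
    directory = os.path.dirname(path) or "."
    scrambled = os.path.join(directory, secrets.token_hex(8))
    os.replace(path, scrambled)
    os.remove(scrambled)
    return size


def demo():
    """Write a constructed secret, overwrite it, and look at what is left."""
    fd, path = tempfile.mkstemp()
    with os.fdopen(fd, "wb") as fh:
        fh.write(SAMPLE_SECRET)
    # Run only the two fixed passes first so the result is predictable, then
    # read the file back: this is what a recovery tool would see in those blocks.
    size = overwrite_file(path, passes=(b"\x00", b"\xff"))
    with open(path, "rb") as fh:
        leftover = fh.read()
    result = {
        "size": size,
        "still_present": SAMPLE_SECRET in leftover,
        "all_ones": leftover == b"\xff" * len(SAMPLE_SECRET),
    }
    wipe_file(path)  # full pass set, then unlink
    result["exists"] = os.path.exists(path)
    return result


if __name__ == "__main__":
    print(demo())
```

The point of reading the file back between the fixed passes and the final removal is that ordinary "delete" skips the overwrite step entirely and goes straight to removing the directory entry, leaving the original bytes in place for a recovery utility to find.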

Eraser http://eraser.heidi.ie/
File wipe utility I've used on Windows. You can use it as a launched program, mostly when you want to wipe the unused space on a drive, and it adds context menu items for files, including "Erase" and "Secure Move," and for the Recycle Bin.
In Mac OS X v10.2 Jaguar and later, there are secure delete utilities provided as part of the OS, with increasing levels of user friendliness; an article on the Tech Talk Point site gives details.
BleachBit home page http://bleachbit.sourceforge.net/
BleachBit project page http://sourceforge.net/projects/bleachbit/
Disk space recovery and file wipe utility for Linux; present in the Ubuntu package manager.
shred http://en.wikipedia.org/wiki/Shred_(Unix)
srm http://en.wikipedia.org/wiki/Srm_(Unix)
Two Unix/Linux shell commands to delete a file securely by overwriting. shred is part of the GNU Core Utilities, and srm stands for secure remove.
DBAN home page http://www.dban.org/ Wikipedia
DBAN project page http://sourceforge.net/projects/dban/
Darik's Boot And Nuke is a 6MB ISO disk-image file you download and burn to a CD. When you boot a computer from the CD, DBAN can completely wipe any hard disk it can detect, and it has a mode where it just does that with no questions. DBAN seems to be what computer recyclers and other techies trust over everything else. Check out the logo on the home page.

Windows, Mac, and Linux have Recycle Bin and Trash for a good reason: so that most of the time, after you "delete" something, you can say "wait a second, give me that back." So be careful with these file wipe tools. Remember, after you wipe it, it's gone.


More protection

You can make sure you choose an Internet Service Provider (ISP) and/or email service that provide server-side virus and spam email filters. Most ISPs and free Web-mail services do this now to some level.

You can install a wired or wireless hardware router with a built-in firewall between your modem and your computer or small network. This will probably cost you in the range of US$100-$400. See also the How Stuff Works routers article. If you go with a wireless router, make sure you turn on its wireless encryption.


Consequences of neglect

These security measures are probably the second-worst maintenance issue you can neglect on a PC, after backup.

Unfortunately there are a lot of emotional infants out there, around the world, busily writing viruses and other malicious software of various kinds. If you are the victim of a successful attack, you can lose data, have to reinstall software, or even have to reformat and reinstall Windows and all your software. With the Nimda worm in 2001 a common result was loss of all Microsoft Office documents.

If you don't have antivirus software, you also have the potential to become part of the problem, cluelessly passing on whatever viruses touch your system. There have been viruses like Michelangelo designed to do nothing but spread themselves until they see a certain system date, which triggers their destructive parts.

You can become a victim of privacy invasion, or even identity theft resulting in credit problems. Even if everything on your PC continues to work, viruses and other malware can trash your computer's performance or cause erratic behavior. In some cases your Internet-connected PC can even get turned into a "zombie" that gets put to work actively extending the attack to other computers.

