Happy Trails Computer Club

home > security > overview > virus > tools > antivirus  
Antivirus Software and Tests
This page serves as the key reference for antivirus tools, practice and services; and expands the antivirus element of the multi-layer defense plans. This page offers program solutions to the questions raised on the virus page. The related pages offer more, and probably the most important, solutions.
viruses < back to
related pages > safe email > attachments

The first line of defense

Your best peripheral defense against viruses should be your own wits and common sense. In fact, anti-virus programs often don't catch newly released viruses. Look at yourself as the only reliable line of defense.

There's usually something "fishy" about either the email message or the attachment when they carry a virus. If you suspend trust while you decide if a message or attachment is OK, you can readily avoid viruses that are carried by email.

Internal defense

A good antivirus program is good insurance against the inevitable time when you fail to spot a virus. Your antivirus program will probably step in and save your bacon. That happens to me about once every two year. Tends to keep me on my toes.

Trick or treat? The !0000 trick is simple. It's supposed to block the spread of PC viruses. -- you just add an entry to your email address book. Trouble is, it won't do anything most of the time. Worse yet, the false sense of security it gives is worse than no protection at all.

How about worms, Trojans, spyware and the like?

Anti-virus programs have not been effective against this kind of malware, even though some of it resembles viruses, but that's changing. Most of them are getting better at detecting this type of malware. A better solution is a good anti-malware program though. There are several available that will protect you against worms, Trojans, spyware and many other kinds of malware.

Virus signature (reference) files

Antivirus programs depend on up-to-date virus signatures. They're the digital "fingerprints" or "DNA" of the viral agents that these programs scan for. New viruses or mutants of old ones are turned loose on the Internet every day. You must keep your reference files up to date, or your antivirus program will soon become relatively useless. You should enable the auto-update function or download the new ones at least once a week. Usually there's a button right on your antivirus program to take you to the download site.

Don't forget to update your signatures after you've been away for a while -- say on a two week cruise. Do it before you download that big batch of messages that's stored up. The latest crop of viruses will be in there waiting for you.

Scan your computer for viruses online

There are places you can go online to get your computer scanned. You may not have an antivirus program installed, or you may want a "second opinion" about how clean your computer really is. These tests take a while, especially the first time, because they need to download some software before they can run the tests.

Norton (Symantec) is a good place to get your computer scanned for viruses.Trend Micro is another, and they check for Trojans too. These places are handy if you don't have an antivirus program installed on your computer. (You are going to get one aren't you?) Please read this article if you have ever used the Symantec Security Check prior to June 24, 2003.

Test your antivirus program

It's better to have no protection at all, than protection that doesn't really work. You're bound to drop your guard if you think you're protected. You can check the effectiveness of your antivirus system by using some simple tests.

It's also possible for your antivirus program to give a false alarm. Ziff Davis has an article that explains why, and also how to resolve the problem.

Antivirus programs

Most present-day antivirus programs are deeply embedded in the operation system. That makes it hard to fully uninstall them, which can lead to big problems. You could end up blocked from the Internet. Or when you install another antivirus program, it may not work. The maxim, "If it ain't broke, don't fix it" certainly fits here. It's best to pick a good program and stay with it. If you do need to uninstall one, check their Web site for instructions on how to do it cleanly.

There're more than a dozen reasonably good antivirus programs to pick from. Most new computers come with one already installed. If you want something different though, you'll need to do some research to find out which ones fit your needs best. Here are some sites that will help.
http://www.wilders.org/anti_viruses.htm -- Wilders reviews (fairly complete).
http://antivirus.about.com/cs/beforeyoubuy/tp/aatpavwin.htm -- reviews by About.com (not a complete list)
http://www.virusbtn.com/ and http://www.firewallguide.com/anti-virus.htm -- comprehensive, independent test results (very complete).

Many antivirus programs have become "bloatware" (too many features, patchwork programming). The most popular ones are also more frequently targeted (and defeated) by hackers and worm writers.

NOD32 is one of the leaner, meaner alternatives. It has a very good record (perfect, last time I checked) for catching viruses "in the wild" (those that are actually circulating on the Internet). It's a personal favorite of several reviewers. It's the one that I use exclusively. [review]

Avast! is a good free alternative because it's based on an excellent "professional" version. I've used several versions on my own and relatives computers. It always worked quite well, and the latest version has eliminated a couple of annoyances.

AVG Anti-virus is another good antivirus program, with free and "pro" versions. It consistently receives good reports from people on the Internet.

http://www.trendmicro.com/en/ -- PC-cillin -- $49.95
http://www.nod32.com/ -- NOD32 -- $39.95 (This is the one that I use.)
http://www.f-prot.com/ -- F-prot -- $29.95
http://www.avast.com/ -- avast! -- free for home use
http://www.grisoft.com/us/us_index.php -- AVG Anti-virus

Don't forget that after the first year or two, most of these programs require subscription fees to keep their signature files up to date. And if you don't keep them up to date, you might as well not have them.

Symantec's (Norton) and McAfee's security suites can be more economical than buying individual programs to protect against viruses, hackers and Trojans. They include antivirus, a firewall and other functions. I'm inclined to pick my own program for each job though.

Conventional anti-virus programs have done the job of protecting computers from viruses very well up till now. Unfortunately, that's changing. It's easy to change the characteristics of a virus -- it's "signature" -- so that it's not recognized. The virus slips right by the anti-virus program. There are some defenses against these disguised virus files, such as heuristics in some anti-virus programs, that work well. The best defense is still common sense and personal vigilance though. [more]

Information on viruses, worms, Trojan horses, and other malware

http://www.symantec.com/avcenter/ -- information on viruses, Trojan horses, worms, macros and other vulnerabilities and exploits at Symantec's "Security Response" center.

http://www.trendmicro.com/en/security/report/overview.htm -- the latest information on viruses, worms and hoaxes from Trend Micro™.

http://cybercoyote.org/security/resources.htm -- cross referrences to many other resources.

Virus removal

Many viruses and worms can be removed by anti-virus programs and other techniques. You can get good information free tools for removing the more "popular" ones at several antivirus companies. It may be best to seek the help of a local expert though.

If you're running Windows ME or XP and remove a virus, do not subsequently use a system restore point that might have included the virus, or you may need to remove it again.

viruses < back to
related pages > safe email > attachments
"Interestingly, common sense seems to be relatively uncommon." -- Miss Anthrope
club stuff
   lost? > index
attack vectors
   web sites
   #  2  3
safe settings
   email client
safe practices
   file handling
defense tools
defense tests