'Desktop Protection' Category Archive

Posted on Jun 4th, 2007

Most of the available protection schemes use a so-called ‘mounted scheme’: the protection program adds code to your program that encrypts, compresses and debugger-protects it. When your program starts, this added code unpacks, decrypts and restores your application to its original state.

In such a case a cracker’s actions are obvious: he suppresses the anti-debugging tricks and dumps the unpacked and decrypted application code. After disassembling and analyzing that code, a little patching gives him a fully functional unprotected copy.

What are the weak points of such protection?

• The protection code added to an application is usually more or less standard, and sooner or later it becomes the subject of detailed analysis. Once the security code is analyzed, reverse engineering of the protected application becomes a snap. In addition, there are many automatic deprotectors that crackers can use against the most popular protection solutions.

• The protected code of your application is encrypted. But before it can be executed, the protector has to decrypt it and pass control to it. This moment can be intercepted by an intruder, who then has access to the original code for analysis or modification.

EXECryptor uses a conceptually new approach to protecting software applications. The core of the protection technology is a new concept of code transformation called "Code Morphing". This technology protects the code at the CPU-instruction level. The x86 instruction set is known to be redundant: the same computation can be carried out with many different instruction sequences. Code Morphing breaks the protected code up into individual processor instructions or small instruction snippets and replaces them with others that produce the same end result. Thus the protector obfuscates the code not at the source level but at the level of CPU instructions.

Code Morphing is a multilevel technology containing hundreds of unique code transformation patterns. In addition, it includes a special layer that transforms some instructions into Virtual Machine commands (like P-Code). Code Morphing turns binary code into an undecipherable mess that does not resemble normal compiled code, and completely hides the execution logic of the protected code.

Unlike other code protectors, there is no concept of code decryption in this system. Protected code blocks are always in an executable state and are executed as transformed code. The original code is completely lost, and code restoration is an NP-hard problem.

In addition, you do not have to worry about the size or speed of your program, because you do not need to transform all of its code. You only have to protect the critical parts of your code: those responsible for serial number verification, trial expiration dates and other evaluation restrictions. The rest of the application code remains intact and execution speed remains the same.

Below is a code sample generated by Delphi and a partial listing (the full listing contains over 500 instructions) of the transformed code.

Source code:

writeln('Test OK');

After compilation:

mov eax, [$004092ec]
mov edx, $00408db4
call @WriteOLString
call @WriteLn
call @_IOTest

After the code transformation (partial):

xchg [edi], dl
db 3
add al, $30
xlat
call +$000025b2
jmp +$00000eec
call +$00000941
or al, $4a
scasd
call -$304ffbe9
rol eax, $14
mov edi, [ebx]
jmp +$00001738
mov ebx, eax
shr ebx, $03
push ebx
jmp +$0001b5e
call -$000001eb
jmp +$00003203
jmp +$00005df8
call +$00000910
adc dh, ah
fmul st(7)
adc [eax], al
les eax, [ecx+$0118bfc0]
stosb
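To make the instruction-level substitution concrete, here is an added toy model of the idea (my own code, not EXECryptor’s or StrongBit’s): a four-register machine, a handful of rewrite rules that replace one instruction with an equivalent sequence, several rounds of rewriting, and a differential check that the transformed program leaves the registers exactly as the original does. The instruction encoding, the rules and the sample program are assumptions for the demonstration.

```python
import random

REGS = ("eax", "ebx", "ecx", "edx")
MASK = 0xFFFFFFFF  # 32-bit register width


def run(program, regs=None):
    """Execute (op, operand...) tuples on a four-register machine with a stack.
    Operands are register names (str) or 32-bit immediates (int)."""
    regs = dict.fromkeys(REGS, 0) if regs is None else dict(regs)
    stack = []

    def val(x):
        return regs[x] if isinstance(x, str) else x & MASK

    for op, *a in program:
        if op == "mov":
            regs[a[0]] = val(a[1])
        elif op == "add":
            regs[a[0]] = (regs[a[0]] + val(a[1])) & MASK
        elif op == "sub":
            regs[a[0]] = (regs[a[0]] - val(a[1])) & MASK
        elif op == "xor":
            regs[a[0]] ^= val(a[1])
        elif op == "not":
            regs[a[0]] ^= MASK
        elif op == "push":
            stack.append(val(a[0]))
        elif op == "pop":
            regs[a[0]] = stack.pop()
        else:
            raise ValueError(f"unknown op {op}")
    if stack:
        raise RuntimeError("unbalanced stack")
    return regs


def morph_once(instr, rng):
    """Return an instruction sequence equivalent to one instruction.
    Each rule relies on an identity of 32-bit modular arithmetic."""
    op, *a = instr
    dst = a[0]
    imm = a[1] if len(a) == 2 and isinstance(a[1], int) else None
    k = rng.randrange(1, MASK)  # random constant that cancels out again
    if op == "mov" and imm is not None:
        return rng.choice([
            [("push", imm), ("pop", dst)],                        # via the stack
            [("mov", dst, (imm - k) & MASK), ("add", dst, k)],   # (imm-k)+k
            [("mov", dst, imm ^ k), ("xor", dst, k)],            # (imm^k)^k
            [("mov", dst, imm ^ MASK), ("not", dst)],            # ~~imm
        ])
    if op == "mov" and isinstance(a[1], str):
        return [("push", a[1]), ("pop", dst)]
    if op == "add" and imm is not None:
        return rng.choice([
            [("sub", dst, (-imm) & MASK)],                       # x+imm = x-(-imm)
            [("add", dst, (imm - k) & MASK), ("add", dst, k)],   # split the constant
        ])
    if op == "xor" and imm is not None:
        return [("not", dst), ("xor", dst, imm ^ MASK)]          # ~x ^ ~imm = x ^ imm
    return [instr]  # no rule for this instruction: keep it as is


def morph(program, rng, rounds=3):
    """Multilevel transformation: rewrite every instruction, then rewrite the
    rewritten code again, so the output no longer resembles the input."""
    for _ in range(rounds):
        program = [m for ins in program for m in morph_once(ins, rng)]
    return program


def equivalent(p1, p2, rng, trials=200):
    """Differential check: both programs must leave identical registers
    when started from the same random state, on every trial."""
    for _ in range(trials):
        start = {r: rng.randrange(0, MASK + 1) for r in REGS}
        if run(p1, start) != run(p2, start):
            return False
    return True


# Constructed sample, loosely modelled on the two register loads in the
# page's Delphi listing, plus an add so the result depends on both.
PROGRAM = [("mov", "eax", 0x004092EC), ("mov", "edx", 0x00408DB4), ("add", "eax", "edx")]

if __name__ == "__main__":
    morphed = morph(PROGRAM, random.Random(7))
    for ins in morphed:
        print(ins)
    print(f"{len(PROGRAM)} -> {len(morphed)} instructions; "
          f"equivalent: {equivalent(PROGRAM, morphed, random.Random(0))}")
```

The differential check is the part a defender actually reuses: whatever a transformed binary looks like, its behaviour on chosen inputs must still match the original, which is also why such protection only hides logic rather than removing it.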

http://www.strongbit.com

Posted on May 10th, 2007

The registry is where your computer stores configuration information about itself and your installed programs so that the operating system can use it.

Maintaining the registry is an important step in keeping your computer healthy. Registry problems can include slow performance, computer crashes, and the annoying Microsoft Windows error messages.

If any of these describes you as a computer user:

- You have old drivers on your system that have not been removed.

- You install or uninstall software very often.

- You have third-party programs running, such as spyware and adware (you can’t stop these from being installed).

- You remove software by deleting it from the Program Files folder.

- You install or uninstall hardware.

Then you absolutely need to be repairing your Microsoft Windows registry regularly! All of the above leave traces in your registry that will only hurt your computer in the long run. If you don’t clean your computer to fix your registry, then you are going to be in a whole world of trouble.

Make sure that you backup your registry before you try to clean or fix anything. Most registry cleaners have registry backup automatically for you, but be sure to check them out. Remember, don’t try to edit anything in the registry yourself unless you are very computer savvy.

Why do you need a registry cleaner? Registry cleaners are important because they protect your PC from harmful processes. Is your computer slowing down for no apparent reason? Are you having errors that are not solved by your anti-virus or anti-spyware program? Your PC might be affected by applications that are running without your knowledge. Registry cleaners are a must! Registry cleaners ensure that your registry is clean.

Some errors are just a quick registry fix, while others could be more problematic.

If you keep your registry clean, free of viruses and spyware your computer will last much longer. Spend the time or money now for a registry cleaner to save you even more time or money later down the road.

If you are short on cash, there is a free registry cleaner available that I use exclusively. The program is called Error Nuker and it is a freeware registry cleaner. Error Nuker works on Windows XP, Windows 98, Windows ME, Windows NT4, and Windows 2000. Microsoft Windows does NOT come with a registry cleaner.

Joseph Tierney is a surfer and 2005 high school graduate. To learn more about Error Nuker and other free registry cleaners, please visit Free Registry Cleaner - http://www.cflwaves.com/free-registry-cleaner.htm

Posted on Mar 26th, 2007

What’s housekeeping software? It’s software that takes care of your PC and everything recorded on that hard-drive. If that’s what you need, make sure you consider these titles.

HandyRecovery 2.0 (SoftLogica LLC)

As you might expect, data recovery and undeletion software is a very popular thing. Next to antivirus software, a firewall and proper backups, a decent file recovery program is the most essential thing you can have on your system. Hard drives die eventually, of course, and worse than that, people make mistakes. HandyRecovery 2.0 is fairly easy to use, allows you to search for deleted files by name and comes with all the help support you’ll need to get you on your way. HandyRecovery 2.0 can discover and recover deleted partitions and quick formatted drives as well as undeleting files. It can also be used to make a drive image of a partition so that recovery can be attempted without further damaging a wonky hard disk.

My Registry Cleaner (PC Security Shield)

If your computer is slow and often crashes, My Registry Cleaner will help you. The application scans your entire computer and removes errors, speeds up your PC, and stops crashes. My Registry Cleaner comes with one year of free tech support and updates. My Registry Cleaner will make your system more stable, run quicker, and your operating system will boot faster. Registry problems can occur for many reasons, including references left behind after uninstallation; incorrect removal of software; missing or corrupt hardware drivers; or orphaned start-up programs. With a few easy steps, My Registry Cleaner will scan your entire registry for any invalid entries and provide a list of the errors found.

Win Undelete 2.1 (Jufsoft)

This program for recovering deleted files comes in near the top of its class in almost every area except download restrictions. Win Undelete 2.1 boasts a welcoming interface with buttons for all necessary actions prominently displayed - and since the program greets you with a step-by-step wizard, you may never need the tutorial or help info. The list of file types that Win Undelete 2.1 supports is extensive, and you’ll really appreciate the program’s ability to ignore temporary Internet files and junk files, which saves both time and effort. You can search for deleted documents by extension or filename, as well as sort the list of results.

Download Links

HandyRecovery 2.0 http://www.deprice.com/handyrecovery.htm

My Registry Cleaner http://www.deprice.com/myregistrycleaner.htm

Win Undelete http://www.deprice.com/winundelete.htm

David Deprice runs and operates http://www.deprice.com

Posted on Mar 20th, 2007

Here’s what you should look for when choosing anti-virus software:

• Effective Virus Detection. Antivirus software detects viruses in two ways: a full scan of your hard drive, or in real time as each file is accessed. It is critical that antivirus software provide both of these features, especially real-time protection. Does the product quickly identify infected files with a real-time scanner, whether the threat arrives via email, IM applications, web browsing, etc.?

There are a number of certification laboratories that test the detection rate of antivirus software, purely rating products on whether or not they are capable of detecting in-the-wild viruses. I recommend only choosing products that are certified by at least one recognised certification scheme. Check the following sites to see whether the product you’re interested in passes their tests:

West Coast Checkmark http://www.westcoastlabs.org/

Virus Bulletin 100% awards http://www.virusbtn.com/index

ICSA https://www.icsalabs.com/icsa/icsahome.php

There may be several certification programs to choose from and you’ll need to match the product version you’re considering with the platform you intend to install it on.

• Effective at Cleaning or Isolating Infected Files. Does the product thoroughly clean, delete, repair, or quarantine the infected file to stop the spread of the virus and save the rest of your system/network?

• Performance and Ease of Use. No product will be effective if users do not understand how to use it, if certain features are absent, or if it has a negative impact on their system. How easy is it to install the software? How easy is it to scan for infected files? Can you schedule a time when your files will be inspected or specify what files will be inspected? Are the features easy to access and understand? Some anti-virus programs interfere with other software - in certain cases making programs unstable or worse. All anti-virus software will slow your computer down, but the best have the least impact on performance.

• Ability to update. Keeping antivirus software up to date is critical; more so than with any other software. Computer viruses are being written every day. The product should be able to update easily and should allow for full customization of the types of files to be scanned. Does the software developer provide regular updates? Are they free? If so, for how long? Will the software update automatically, or does the operation have to be performed manually? Anti-virus software should provide the option to change any of these settings and to schedule the automatic updates at a specific time that suits you.

• Activity reporting. You should be able to view what each on-demand scan found and what it did with any infected files. You should also be notified immediately of any infection found by the real-time scanner.

• Support. Does the software developer provide adequate technical support (extensive frequently asked questions/knowledge base, email support, help desk phone number, etc.)?

• Help Documentation. Is there a help document available? How useful is it? Is it easily understood without relying on technical jargon? Can you find your answers easily?

• Check the system requirements before you buy.

David Furlong is a qualified and experienced IT specialist and Technical Trainer. His list of credentials includes MCSE, MCSA, Dip IT, and he is one subject away from completing a Masters in Networking and Systems Administration. http://www.avg-antivirus.com.au

Posted on Feb 21st, 2007

Microsoft is now coming to the party to help home users protect their computers from viruses, hackers and spyware/adware (pop-ups, unsolicited advertising etc.), and it’s all free!

The first thing to do is check for Windows upgrades; Windows Update will download any important security updates. Go to the link below.

http://windowsupdate.microsoft.com

Once upgraded, go to the Control Panel and open the Security Centre. Ensure the Firewall and Automatic Updates are turned on. If the Security Centre is not in the Control Panel you don’t have Service Pack 2; you can run Windows Update to upgrade, or see Microsoft’s guide to turning on the Firewall with Service Pack 1 at the link below.

http://support.microsoft.com/kb/283673#XSLTH3134121122120121120120

Computer Associates is offering Windows users a high-quality anti-virus program with a 1-year subscription for free. Ensure you run a full scan after installation. Go to the link below.

www.my-etrust.com/microsoft

Also, if you’re sick of spyware/adware, download Microsoft’s Anti-Spyware. Ensure you run a full scan after installation. Go to the link below.

http://www.microsoft.com/athome/security/spyware/software/default.mspx

If you follow these few simple steps you will have the latest in Internet security and shouldn’t have too many problems with viruses, hackers etc.

If your computers are networked or you use them for business purposes, it is advisable to seek help from a qualified computer technician.

Wez Bryett Web Developer New Business Media http://www.nbm.com.au

Posted on Jan 30th, 2007

Stealing company information used to be the specialty of spies and conspirators. It was something that only happened to the most powerful of corporations and branches of government.

Nowadays, stealing data is commonplace and anyone can become a victim at any time. The person standing in line behind you might be running a profitable side business stealing other people’s sensitive data. The reality is, however, that “inside” jobs are the most common when discussing business data theft.

Instead of looking through the crowds trying to pick out the law breakers, and instead of spending boatloads of money conducting thorough background checks on all those whom you encounter in your business, it’s easier to simply protect your data from prying eyes and malicious intentions.

Easier, yes. But protecting company data isn’t something that many small business owners do. Into their computer programs they input their products and pricing, their vendors, their EINs and TINs, their checking account numbers, email addresses of family members, their proprietary information, their marketing plans and formulas – everything goes into the computer.

What’s worse is when a business owner stores this type of information on a laptop computer, an item especially vulnerable to theft. Someone stealing laptops probably couldn’t care less about the information stored on them, but why take that risk? If you’re going to protect your sensitive company data, it’s all or nothing.

And protecting data is definitely your responsibility if you are an accountant or you specialize in other types of financial businesses. Your clients assume you are protecting their financial documents and their other sensitive records. But are you? Kudos to you, if you are. If you are not, you better take this issue seriously right now, before the damage occurs.

The best way to protect data is by using encryption software. Encryption means making data unreadable to everybody except those who know or understand the key or the code. When data is encrypted, it is far more secure than it is if just protected using a password.

Passwords that are required to login to a program are considered authentication methods, where the identity of the person logging in is simply authenticated, or verified. But passwords are easy to figure out and anyone capable of figuring out passwords will still have access to the data contained within.

So for data to truly be protected, you’ve got to go the extra step and encrypt it. There are many encryption programs available today. The most sophisticated of those protect our nation’s secrets.

But for the small business owner, who has minimal understanding of encryption methodologies or terminology, and wants it to stay this way, ease of use is what’s important.

Behind the scenes, all encryption software uses an algorithm, a complex mathematical process, to scramble the data. Keys, which are strings of binary digits (bits), are generated and used to mix up the data. The key bits and the data are combined, and the result is data that is unreadable.

When more bits are used, more encryption combinations are possible. Therefore longer keys (more bits) are preferred when encrypting, because they make the code even more difficult to break. So it makes sense that 128-bit encryption software is more secure than 56-bit encryption software.

Data that is encrypted is safe from prying eyes, which means that your business data is safe. To view data that has been encrypted, it must first be decrypted.

Whether you need to protect your e-commerce website, your email, your business data or that of your clients, be sure you use encryption software.

Copyright © 2005 Cavyl Stewart. Get more software tips, strategies and recommendations by signing up for my Exclusive 100% free, 100% original content ecourses. Visit: http://www.find-small-business-software.com/free-ecourses.php

Posted on Jan 22nd, 2007

What is RAID RECOVERY?

RAID stands for Redundant Array of Inexpensive Disks. It is a method of combining several hard drives into one unit. This method offers fault tolerance (the ability of a system to continue to perform functions even when one or more hard disk drives have failed) and higher protection against data loss than a single hard drive.

Why do I need RAID RECOVERY?

RAID provides real-time data recovery when a hard drive fails, increasing system uptime and network availability while protecting against loss of data. Another advantage of the system is that multiple disks working together increase overall system performance. Any individual or company could benefit from having a RAID RECOVERY system in place.

Different Levels

There are several different levels of RAID available. Each level offers various advantages in terms of data availability, cost and performance. Your best bet is to assess your needs in order to determine which level works best for you. The most popular RAID systems are the following:

RAID 0 - Data striping (no data protection). The benefit of this system is that it offers the highest performance.

RAID 1 - Disk mirroring (provides data protection by duplicating all data from a primary drive on a secondary drive). The benefit of this system is that it offers the highest data protection.

RAID 0/1 - This combines RAID 0 and RAID 1. The benefit here is highest performance plus highest data protection.

RAID 5 - Data striping with distributed parity (a form of data protection that recreates the data of a failed drive in a disk array). This system offers the best cost/performance ratio for multi-drive environments.

Having a RAID system installed can provide peace of mind. With RAID installed you can rest assured that even in the event of a system failure your important data will be safe.
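The levels above are easier to compare when the layouts are spelled out on a few toy “disks”. The following is an added example (my own code, not from the article or any RAID vendor): it lays sample bytes out as RAID 0, RAID 1, RAID 0/1 and RAID 5, then loses one disk and shows that RAID 5 rebuilds it from parity while RAID 0 cannot. Block size, disk count and the parity rotation are assumptions chosen for the demonstration.

```python
def split_blocks(data, block):
    return [data[i:i + block] for i in range(0, len(data), block)]


def xor_blocks(blocks):
    """Bytewise XOR of equal-length blocks; this is all RAID 5 parity is."""
    out = bytearray(len(blocks[0]))
    for b in blocks:
        for i, byte in enumerate(b):
            out[i] ^= byte
    return out


def raid0(data, disks, block=4):
    """Striping: block i lands on disk i mod disks. No redundancy at all."""
    layout = [bytearray() for _ in range(disks)]
    for i, b in enumerate(split_blocks(data, block)):
        layout[i % disks] += b
    return layout


def raid1(data, disks=2):
    """Mirroring: every disk is a complete copy."""
    return [bytearray(data) for _ in range(disks)]


def raid01(data, disks, block=4):
    """RAID 0/1 as the text describes it: two mirrored RAID 0 sets."""
    return [raid0(data, disks, block), raid0(data, disks, block)]


def raid5(data, disks, block=4):
    """Striping with distributed parity: each stripe holds disks-1 data blocks
    plus one parity block, and the parity position rotates every stripe."""
    assert disks >= 3, "RAID 5 needs at least three disks"
    stripe = (disks - 1) * block
    data = data + b"\0" * (-len(data) % stripe)      # pad to whole stripes
    layout = [bytearray() for _ in range(disks)]
    for s, chunk in enumerate(split_blocks(data, stripe)):
        blocks = split_blocks(chunk, block)
        parity_disk = (disks - 1 - s) % disks          # rotate the parity slot
        it = iter(blocks)
        for d in range(disks):
            layout[d] += xor_blocks(blocks) if d == parity_disk else next(it)
    return layout


def raid5_read(layout, length, block=4):
    """Reassemble user data by skipping the parity block in each stripe."""
    disks = len(layout)
    out = bytearray()
    for s in range(len(layout[0]) // block):
        parity_disk = (disks - 1 - s) % disks
        for d in range(disks):
            if d != parity_disk:
                out += layout[d][s * block:(s + 1) * block]
    return bytes(out[:length])


def raid5_rebuild(survivors):
    """Any single missing disk is the XOR of all the others, block for block:
    a lost data block is parity ^ (other data), a lost parity block is xor(data)."""
    return xor_blocks(survivors)


def survive_one_failure(data, disks, failed, block=4):
    """Lay data out as RAID 5, lose one disk, rebuild it, read everything back."""
    layout = raid5(data, disks, block)
    layout[failed] = None                                  # the drive dies
    layout[failed] = raid5_rebuild([d for d in layout if d is not None])
    return raid5_read(layout, len(data), block)


def raid0_after_failure(data, disks, failed, block=4):
    """What remains readable from a RAID 0 set after one disk is lost."""
    layout = raid0(data, disks, block)
    return b"".join(bytes(d) for i, d in enumerate(layout) if i != failed)


if __name__ == "__main__":
    SAMPLE = b"Constructed sample: Q1 invoices, payroll and customer list."
    print("RAID 5, disk 1 lost and rebuilt:", survive_one_failure(SAMPLE, 4, 1) == SAMPLE)
    print("RAID 1, disk 0 lost, mirror intact:", bytes(raid1(SAMPLE)[1]) == SAMPLE)
    print("RAID 0, bytes still readable after losing disk 1:",
          len(raid0_after_failure(SAMPLE, 3, 1)), "of", len(SAMPLE))
```

Note that every level here tolerates at most one lost disk (RAID 0 none), so RAID is availability engineering, not a substitute for backups against deletion, corruption or theft.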

About The Author

Alexandria Haber writes both fiction and non-fiction for a variety of people and places. As a result, she has had the benefit of gaining a little bit of knowledge about a lot of different subjects she would otherwise remain totally ignorant of. While researching this article on RAID recovery she gained a new respect for computer technology. For more information on RAID RECOVERY you can visit: http://www.raidrecoveryguide.com.

info@raidrecoveryguide.com

Posted on Dec 16th, 2006

You probably didn’t casually invite, or extend a formal attendance request to, these undesirables known as viruses.

Regardless of your opinions, such cyber-nomads may call on you, complete and active, with their destructive payloads.

So what is a virus?

A virus is a program that can self replicate or reproduce itself. These programmable pirates have a special talent for attaching themselves to executable programmes. When such programmes are executed (often by you, but not always), so is the virus.

They don’t necessarily have an ".exe" file extension and are relative masters of disguise. Extensions can be doubled-up to create an optical illusion or optically misleading appearance.

A boot sector virus is probably the worst, in so far as it will upset the normal loading of your operating system and therefore disable your computer. Pointers to your O.S. can be overwritten, effectively rendering it non-existent. That’s never a good thing, but not the end of the world, however it may seem.

Following is an example of how devilishly deceptive these vindictive vermin are in their presentation.

A friend of mine rang me last week in a distressed state, with news that her I.S.P. was threatening to shut down her e-mail account because her computer contained viruses affecting her outgoing mail. This message seemed to come from her provider but in fact was created by a worm (a type of virus). The e-mail was complete with the provider’s U.R.L., instructions to open its attachment (which it claimed contained a free virus cleaner) and even a password to access the attachment. This password could "swing" some cautious people to believe that the attachment was legitimate. Indeed there was only one mistake, and it was that the e-mail in question was addressed to "Dear account holder" and not her specific e-mail address.

What is often helpful in determining legitimacy is to simply check the properties of the particular mail or e-letter. Where the "from" field can be set to display any name (as spammers demonstrate), more info via the properties option may help you to decide.

Attachments are potentially dangerous. You should train yourself to look for such things, and not exclusively these. If you have a suspicion, ignore them.

If it seems an awful lot more important than account closure warnings (family matters), then simply ring the addressee in question. Surely most other matters can wait until office opening hours in cases where 24-hour telephone support is not an option. Incidentally, the described worm is a BAGLE variant and is currently in circulation and though it can be cleaned, can also be disruptive.
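The checks the post recommends (the "from" display name versus the real address, the generic "Dear account holder" salutation, and the doubled-up extension trick mentioned earlier) can be automated over a message’s headers. Below is an added example of my own, not code from the author: it parses two constructed messages with Python’s standard email module and lists what it finds. The executable-extension list, the heuristics and both sample messages are assumptions for the demonstration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Extensions Windows runs when double-clicked (my selection, not exhaustive).
EXECUTABLE_EXTS = {"exe", "scr", "pif", "com", "bat", "cmd", "vbs", "js"}
GENERIC_SALUTATION = re.compile(r"\bdear\s+(account\s+holder|customer|user|member)\b", re.I)
DOMAIN_IN_NAME = re.compile(r"[\w.-]+\.[a-z]{2,}")


def text_body(msg):
    """First text/plain part that is not an attachment, decoded to str."""
    for part in msg.walk():
        if part.get_content_type() == "text/plain" and not part.get_filename():
            payload = part.get_payload(decode=True)
            if payload is not None:
                return payload.decode(part.get_content_charset() or "utf-8", "replace")
    return ""


def check_message(raw):
    """Return a list of findings; an empty list means none of the checks fired."""
    msg = message_from_string(raw)
    findings = []

    # 1. The From display name is free text; compare it with the real address.
    name, addr = parseaddr(msg.get("From", ""))
    from_domain = addr.rpartition("@")[2].lower()
    for claimed in DOMAIN_IN_NAME.findall(name.lower()):
        if claimed != from_domain and not from_domain.endswith("." + claimed):
            findings.append(f"display name claims {claimed} but address is @{from_domain}")

    # 2. The envelope sender (Return-Path) normally matches the From domain.
    rp_domain = parseaddr(msg.get("Return-Path", ""))[1].rpartition("@")[2].lower()
    if rp_domain and rp_domain != from_domain:
        findings.append(f"Return-Path domain {rp_domain} differs from From domain {from_domain}")

    # 3. A provider writing about *your* account knows your address.
    if GENERIC_SALUTATION.search(text_body(msg)):
        findings.append("generic salutation instead of the recipient's name or address")

    # 4. Doubled extensions disguise what a file is; executables are a risk anyway.
    for part in msg.walk():
        fn = part.get_filename()
        if not fn:
            continue
        pieces = fn.lower().split(".")
        if pieces[-1] in EXECUTABLE_EXTS:
            kind = "doubled extension" if len(pieces) >= 3 else "executable attachment"
            findings.append(f"{kind}: {fn}")
    return findings


# Constructed sample modelled on the lure described in the text (not a real message).
SUSPICIOUS = """\
Return-Path: <bounce@bulk-sender.invalid>
From: "example-isp.com support" <abc123@mailer.invalid>
To: customer@example-isp.com
Subject: Your account will be closed
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XX"

--XX
Content-Type: text/plain

Dear account holder,

Your computer is sending infected mail. Run the attached cleaner today.
--XX
Content-Type: application/octet-stream; name="cleaner.txt.exe"
Content-Disposition: attachment; filename="cleaner.txt.exe"
Content-Transfer-Encoding: base64

AAAA
--XX--
"""

# Constructed ordinary message that should produce no findings.
CLEAN = """\
Return-Path: <alice@example.invalid>
From: Alice Example <alice@example.invalid>
To: bob@example.invalid
Subject: Lunch

Hi Bob, lunch on Friday?
"""

if __name__ == "__main__":
    for label, raw in (("suspicious", SUSPICIOUS), ("clean", CLEAN)):
        print(label, "->", check_message(raw) or "no findings")
```

None of these checks proves a message is bad on its own; a provider that really does mail from a third-party bulk sender will trip the Return-Path check, so treat the findings as reasons to pick up the phone, as the post suggests, not as a verdict.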

Smallish text files can be copied and pasted into your e-mail client, eliminating an unnecessary attachment. Doing this will increase the chances of your friends receiving your mail, as account providers can have automated software that blocks mail outside certain parameters, and often legitimate ones are blocked. The limitation when pasting directly into your client is file size.

Incidentally, free and other accounts, in a bid to obliterate spam, can make successful mail delivery a nightmare. An option is to put your info/file/picture on some free webspace and simply e-mail the link to it.

Another virus infects your macros (a program within a program that is similar in delivery to predictive text), is known as a macro virus, and affects the usability of associated files, which are usually files produced using text editors or word processing programs. Saving such files in R.T.F. or rich text format, where you have an option, is helpful. Turning your macros "off" could be considered, but their benefits are lost and the virus has won, even before entry.

These are harmless enough and there is no need to freak out. A free cleaning option is mentioned below.

If your great grandmother, untypically sends you software as an attachment, and typically sends you a woolen sweater, then alarm bells should sound.

Anyone who depends on their P.C. as a tool and not a toy, needless to say, should discourage forwarded jokes. These jokes can be time-consuming to read, can be colossal in number, are often habitually forwarded, and not really worth the threat. Believe me when I say that I’m the opposite of a "killjoy" and mean this, for semi-serious users who rely on their respective and respected machines.

Consciously or unconsciously, forwarding is "viral", and a perfect vehicle to that end. While it is a very useful and functional tool, perhaps its use could be limited to its initial purpose. Human interaction can contribute to the propagation of "troublesome transients". There are other ways to communicate with your friends.

Of course, if you can afford it, you should get an anti-virus program. Corporations, companies and anyone without financial restraint have such programs updated continuously, as no one can predict when some virus creator will decide to unleash his newest version. Previous virus definitions are of little use in protecting against future viruses. Such definitions describe the nature of a virus (how and where infection occurs), and an engine is used to scan for, locate and clean the infected files. Given the reproductive properties of viruses, the number of such infected files can be enormous, and sometimes they are files with particular extensions.

Regular domestic P.C. users should probably update their definitions weekly, and there are anti-virus software manufacturers that will scan your machine for free (use your search engine), but it should be remembered that the virus could already be in your machine at this stage. The program that you pay for can block them at all entry points and is the nearest thing to protection.

Definitive protection requires you to connect to nothing, insert or install nothing, network with no one, and perhaps swab your machine with an industrial disinfectant. However, I would consider such measures to be excessive and no way to live your productive life.

Wishing you the best of luck for the future, and may your connection with these "malicious modem and medium migrants" be in the singular, as most of us learn more diligently (not faster), through experience.

About The Author

Seamus Dolly is the webmaster of http://www.CountControl.com. His background is in engineering and analogue electronics. His studies include A+, Net+ and Server+; seamus@countcontrol.com

Posted on Dec 14th, 2006

If someone entered your home, uninvited and installed numerous cameras and listening devices in order to monitor your activities, you would quite rightly be outraged. While such a situation, unless you are living in the Big Brother House, would be considered ridiculous, the same cannot be said for the humble home computer.

Recently released research alarmingly shows that home PCs are increasingly likely to host software which can watch each and every keystroke the user inputs. According to research compiled from an audit conducted jointly by the software firm WebRoot and the services provider EarthLink, the average home PC hosts 28 so-called spyware programs.

Whilst the worst examples of spyware are written by virus writers to steal passwords and hijack computers to launch “denial of service” attacks against web-servers, the vast majority are used to collate marketing information and then target advertising according to the end-users web surfing habits.

The WebRoot/EarthLink audit surveyed more than 1.5 million PCs during the last 12 months and discovered an amazing 41 million incidents of spyware: adware, Trojans, tracking cookies and other undesirable programs.

Most of these programs are loaded into the computer’s memory when the PC is started up. From there, the program works silently, often giving no clue as to its existence. However, unexplained browser pop-ups, often advertising adult services, and mysterious alterations to the browser’s homepage setting are more often than not an indication that spyware is present and active on a computer. One particular kind of spyware, which is proving very expensive for many home users, is the Trojan dialler. Diallers, often without any warning to the end-user, hang up the current net connection and then automatically reconnect using a Premium Rate telephone number, thus running up huge telephone bills. The activities of companies using this technology as a revenue stream are currently under investigation in the UK by government watchdogs.

A hard-disk and memory overflowing with spyware used to be one of the unfortunate consequences of visiting sex and adult orientated sites; a kind of eSTD. Like most Internet marketing technologies, from the pop-up to the pop-under and the first snowball of Spam, spyware began life serving the adult industry. Then, just like pop-up, spyware filtered through all aspects of ecommerce. In an interview to the BBC, David Moll, CEO of WebRoot, said that spyware has now become so common across the whole of the Internet, that it can be contracted from nearly anywhere.

So-called “drive-by downloads” are now responsible for most infections of spyware. The term “drive-by” refers to the casualness of the infection. By simply visiting an ordinary webpage a user can unwittingly initiate an automatic download of spyware onto their computer. There are no clues and no warnings.

In a recent, carefully controlled and closed demonstration, it took me less than 20 minutes to create a spyware program and embed it into a webpage. Using colleagues who had previously been made aware of the nature of the experiment, I invited them to take a look at this “special” but very ordinary looking webpage. Within seconds of visiting this webpage, the spyware went to work taking a snapshot of their hard disk, a snapshot of their Favourites folder and a copy of their browsing history. Before they had even finished reading the webpage, the spyware was already transferring their information to my server. It’s as easy as that! Equally that same code could be manipulated to perform a total trash of the hard disk or some other equally miserable and criminal act.

Speaking to the BBC, David Moll explained.

"Some (spyware programs) lurk on misspelled URLs and strike those that type faster than their fingers can carry them. As a result you do not end up where you expect to be."

Alarmingly, users do not even need to visit a website to contract spyware. The preview window in Microsoft’s Outlook Express allows emails containing HTML, and any other code which can be placed on a normal webpage, to be loaded without warning. Companies looking to implant spyware using the “drive-by” principle are regularly exploiting this glaringly obvious flaw in the design of Outlook Express.

"If you get one piece of spyware, you will get five because the business model says they pay each other to pass on information about victims," said Mr Moll.

Thankfully anti-spyware/adware programs such as Ad-Aware (free) and WebRoot’s own offering, Spy Sweeper can clean up a PC and even help prevent further infections, but just like anti-virus software, anti-spyware software needs to be kept up-to-date to remain effective.

In addition to providing software solutions to this problem, legislators too are seeking to end this electronic intrusion. In the USA an anti-spyware bill is moving towards approval in Congress. If successfully implemented, this bill will force firms who wish to use spyware to first receive permission from the end-user before it is installed. But even before any new laws come into force, spyware makers are already working on next-generation code which keeps their programs intact and operational... perhaps even on your PC.

Related Links:

WebRoot Spyware Audit http://www.webroot.com/services/spyaudit_03.htm

Ad-Aware http://www.lavasoftusa.com/software/adaware/

WebRoot http://www.webroot.com/

About The Author

Robert Palmer is CEO of deskNET Communications (www.desknet.co.uk), the first affordable alternative to opt-in email marketing and newsletters. With over 20 years of professional experience in software development, Robert is a leading architect in the development of the emerging Net technology, One-2-Many Broadcasting software.

Posted on Oct 30th, 2006

Ever get a virus? And no, we’re not talking about the kind you get from the kid down the street sneezing all over you. We’re talking about the kind you get when your computer runs into some nasty vindictive hackers. These are people who have nothing better to do with their time but make other people’s lives miserable. If you’ve ever been attacked by one of these things you know what I mean.

Enter the anti virus software. In short what this software does is detect a virus either on your computer or one that is threatening to slice your PC into little bits and bytes.

The most popular anti virus software companies are McAfee and Norton Anti Virus, the latter actually owned by Symantec. There are other companies and now even some ISPs like AOL are providing anti virus software. But McAfee and Norton are still the kings of the industry.

Before you can understand how anti virus works you have to understand how the virus itself works and how it infects your computer.

Contrary to what many people believe, there are ways to get a computer virus other than opening an attachment in an email, though that is the most common way. Email virus infections occur when the user opens an email with an attachment and downloads the attachment to the hard drive of the PC. What happens from there can vary greatly, but in general the attachment, which is usually an EXE file, when saved, releases some code that performs an action on your computer. This can be anything from collecting private information such as passwords and credit card numbers and transmitting it to the sender of the email, to simply wiping out your hard drive to the point where it is beyond repair. There are debates as to which is worse.

Another way to get a virus, and this is the scarier one, is to go to a web site whose server has been infected with a virus. This virus can be passed along through the Internet connection and place a dangerous file on your hard drive. Again, the actions taken afterward by the virus can be just about anything.

So what exactly does anti virus software do about this? In simple layman’s terms, the anti virus software detects the intruding file and tries to do several things, in this order.

First it tries to delete the file before it can ever even get saved to your hard drive. If it is successful, it is as if the file never existed and no harm is done.

Second, if it can’t delete the file, it tries to repair it, provided it is a file that was actually yours to begin with and has been modified by the virus. If it can repair the file, again it is as if nothing happened.

Third, if it can’t repair the file then as a last resort it places the file in quarantine so that it can’t infect any other files. Yes, viruses can spread. In this case some harm may have been done and you may have to replace the file that has been infected with a new copy. Sometimes this requires reinstalling the software the file came from. Other times the file is simply lost, especially if it is a user created file, though it may be possible to recreate the file depending on what kind of data it contained.

So how does anti virus software detect viruses? To put it simply, your anti virus software has a list of known viruses. It scans every file that you download to your PC and checks it against this list. If it finds a match, it warns you of the virus, gives you its name, and then attempts to go through the steps I’ve outlined above.
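As an added example (not code from the article or its author), here is a small Python model of the workflow the article describes: a list of known viruses, a scan of every file against that list, and the ordered delete / repair / quarantine response. Everything in it is constructed for illustration: the virus names, the hash entry, the appended-payload marker and the sample files are placeholders, and the two signature types (a whole-file hash for a file that is itself the virus, and a byte pattern an infector appends to a legitimate file) are a deliberate simplification of real signature formats.

```python
"""Toy signature scanner illustrating the detect-then-respond flow described above.

All names, hashes, patterns and sample files below are constructed placeholders,
not real malware signatures.
"""
import hashlib
import shutil
import tempfile
from pathlib import Path
from typing import Dict, Optional, Tuple

# Constructed "known virus list": the scanner compares every file against it.
# Entry type 1: SHA-256 of a whole file that *is* the virus (a dropper).
TOY_DROPPER_BYTES = b"MZ-toy-dropper-placeholder-not-real-code"
KNOWN_FILE_HASHES: Dict[str, str] = {
    hashlib.sha256(TOY_DROPPER_BYTES).hexdigest(): "Toy.Dropper.A",
}
# Entry type 2: byte pattern a file infector appends to otherwise legitimate files.
KNOWN_APPENDED_PATTERNS: Dict[bytes, str] = {
    b"<<TOY-INFECTOR-PAYLOAD>>": "Toy.Infector.B",
}


def scan_and_respond(path: Path, quarantine_dir: Path) -> Tuple[str, str]:
    """Check one file against the list and apply the ordered response.

    Returns (action, virus_name), where action is one of
    "clean", "deleted", "repaired" or "quarantined".
    """
    data = path.read_bytes()

    # Detection, part 1: a whole-file hash match means the file itself is the virus.
    digest = hashlib.sha256(data).hexdigest()
    if digest in KNOWN_FILE_HASHES:
        # Step 1: delete. Nothing of the user's is in this file, so remove it outright.
        path.unlink()
        return "deleted", KNOWN_FILE_HASHES[digest]

    # Detection, part 2: a pattern match means a legitimate file was modified by a virus.
    for pattern, name in KNOWN_APPENDED_PATTERNS.items():
        if pattern not in data:
            continue
        if data.endswith(pattern):
            # Step 2: repair. The payload was appended, so truncating it restores the original.
            path.write_bytes(data[: -len(pattern)])
            return "repaired", name
        # Step 3: quarantine. The payload sits inside the file and cannot be stripped
        # safely, so move the file somewhere nothing will open it. Real products also
        # encode the stored copy so that it is not rescanned as live malware.
        quarantine_dir.mkdir(parents=True, exist_ok=True)
        shutil.move(str(path), str(quarantine_dir / (path.name + ".quarantined")))
        return "quarantined", name

    return "clean", ""


def run_demo(root: Optional[Path] = None) -> Tuple[Dict[str, Tuple[str, str]], Path]:
    """Create constructed sample files under root (a temp dir by default) and scan each."""
    root = root or Path(tempfile.mkdtemp(prefix="toy-av-"))
    samples = {
        "dropper.exe": TOY_DROPPER_BYTES,                                      # the virus itself
        "report.doc": b"quarterly report body" + b"<<TOY-INFECTOR-PAYLOAD>>",  # payload appended
        "notes.txt": b"first half <<TOY-INFECTOR-PAYLOAD>> second half",       # payload mid-file
        "clean.txt": b"nothing to see here",
    }
    for name, content in samples.items():
        (root / name).write_bytes(content)

    results = {name: scan_and_respond(root / name, root / "quarantine") for name in samples}
    return results, root


if __name__ == "__main__":
    outcome, where = run_demo()
    for filename, (action, virus) in outcome.items():
        print(f"{filename}: {action} {virus}".rstrip())
    print(f"sample files under {where}")
```

The point the model makes concrete is the one the article goes on to: the scanner can only act on what is in its list. A file whose hash and contents match nothing in `KNOWN_FILE_HASHES` or `KNOWN_APPENDED_PATTERNS` comes back as "clean" no matter what it does when run.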

So where does this list come from? Well, that’s the hard part and the reason that anti virus software can never be 100% effective. The list comes from known viruses that the software company has either come in contact with itself or has had sent to it by users who have been attacked. Therein lies the less than 100% effectiveness of anti virus software. There is always a chance that you will be the first one attacked by a new virus. You won’t know it until something goes wrong with your computer, and then, after you report the problem to Norton or McAfee, they will have you send them the file you think caused the problem and run tests on it. No, it’s not an exact science, but it’s the best we have.

So since anti virus is not a sure-fire prevention, the best prevention is not to download attachments when you have no idea who sent them to you, to make sure your OS has the latest patches, and to be very careful about what web sites you go to.

At least you don’t have to drink your mother’s chicken soup.

Michael Russell
Your Independent guide to Anti Virus
