Doug's Home On The Web "Now monochrome monitor compatible!"

McAfee Anti-Virus Causes Widespread File Damage

This is a stable product that's been out for many years and has a fairly good reputation. But a single update got botched and now entire filesystems are getting trashed.

I'll also shamelessly plug my own article on backup basics, which can be found here: Backups Made Easy.

===================================================================
= Section G.   Specific Virus and Antivirus Software Questions... =
===================================================================

G1)  I was infected by the Jerusalem virus and disinfected the infected
     files with my favorite antivirus program.  However, WordPerfect
     and some other programs still refuse to work.  Why?

The Jerusalem virus and WordPerfect 4.2 program combination is an
example of a virus and program that cannot be completely disinfected by
an antivirus tool.  In some cases such as this, the virus will destroy

========================================
= Section F.   Miscellaneous Questions =
========================================

F1)  How many viruses are there?

It is not possible to give an exact number because new viruses are
literally being created every day.  Furthermore, different antivirus
researchers use different criteria to decide whether two viruses are
different or one and the same.  Some count viruses as different if they
differ by at least one bit in their non-variable code.  Others group
viruses in families and do not count the closely related variants within
a family as different viruses.

======================================================
= Section E.   Facts and Fibs About Computer Viruses =
======================================================

E1)  Can boot sector viruses infect non-bootable DOS floppy disks?

Any DOS diskette that has been properly formatted contains some
executable code in its boot sector.  (There is some debate as to whether
this code should be called a program or not.  The important thing here
is that this code is *executed* at system startup if the diskette is in
the system's boot drive.)  If a diskette is not "bootable", all that

=================================
= Section D.   Protection plans =
=================================

D1)  What is the best antivirus program?

None!  Different products are more or less appropriate in different
situations, but in general you should build a cost-effective *strategy*
based on multiple layers of defense.  There are three main kinds of
antivirus software, plus several other means of protection, such as
hardware write-protect methods (see D4).  When planning your antivirus
strategy you should also look closely at your backup policies and
procedures (see 10).

================================
= Section C.   Virus Detection =
================================

C1)  What are the symptoms and indications of a virus infection?

Many people associate destruction--file corruption, reformatted disks
and the like--with viruses.  Machines infected with viruses that do this
kind of damage often display such damages too.  This is unfortunate, as
usually viruses can be detected or prevented from infecting long before
they can inflict any (serious) damage, though many viruses have no
"payload" at all.  Note that viruses that simply reformat the hard disk

====================================================
= Section B.   Definitions and General Information =
====================================================

B1)  What are computer viruses (and why should I worry about them)?

Fred Cohen "wrote the book" on computer viruses, through his Ph.D.
research, dissertation and various related scholarly publications.  He
developed a theoretical, mathematical model of computer virus behaviour,
and used this to test various hypotheses about virus spread.  Cohen's
formal definition (model) of a virus does not easily translate into
"human language", but his own, well-known, informal definition is "a

===============================================================
= Section A.   Sources of Information and Antivirus Software. =
===============================================================

A1)  What is Virus-L/comp.virus?

Virus-L and comp.virus are discussion forums which focus on computer
virus issues.  More specifically, Virus-L is an electronic mailing list
and comp.virus is a USENET newsgroup.  Both groups are moderated; all
submissions are sent to the moderator who decides if a submission should
be distributed to the groups.  For more information, including a copy of

             Questions answered in this document

Section A:   Sources of Information and Antivirus Software
             (Where can I find HELP?!!)

A1)  What is Virus-L/comp.virus?
A2)  What is the difference between Virus-L and comp.virus?
A3)  How do I get onto or off Virus-L/comp.virus?
A4)  What are the guidelines for Virus-L?
A5)  How can I get back-issues of Virus-L?
A6)  What are the known viruses, their names, major symptoms and
     possible cures?
A7)  Where can I get free or shareware antivirus programs?
A8)  Where can I get more information on viruses, etc?

====================
= Preface Section: =
====================

The Virus-L/comp.virus FAQ sheet is normally posted to on-line services
and sent via e-mail in one of two forms:  As a single, large (>160KB)
file, or in four separate pieces.  Either or both of these forms may be
available for download from FTP sites and BBSes.

The one-piece FAQ sheet should be available in a file called
vlfaqxyy.txt, where "xyy" is the current version number (starting from
200 in mid-1995 for version 2.00).  The multi-part version is created by
splitting the main FAQ sheet into four pieces as follows: