Path: utzoo!utgpu!news-server.csri.toronto.edu!bonnie.concordia.ca!uunet!lll-winken!iggy.GW.Vitalink.COM!widener!netnews.upenn.edu!vax1.cc.lehigh.edu!cert.sei.cmu.edu!krvw From: padgett%tccslr.dnet@uvs1.orl.mmc.com (A. Padgett Peterson) Newsgroups: comp.virus Subject: Stoned Again (PC) Message-ID: <0006.9104291313.AA23337@ubu.cert.sei.cmu.edu> Date: 26 Apr 91 19:23:33 GMT Sender: Virus Discussion List Lines: 32 Approved: krvw@sei.cmu.edu >From: "Chris Wagner" >Subject: Initial Virus Protection (PC) >Right now, cost is a real factor due to a limited budget. >I get the impression that the only way to be sure we don't have a >virus is to periodically scan our disks with the latest scanning >software we can find. >From: John Councill >Subject: TSR Virus Detector (PC) >Can anyone reading this recommend a reliable program that will sit in >memory and warn against writes to .EXE and .COM files, as well as >other suspicious virus-like activity without degrading performance of >the machine too much? On the PC, a virus must be executed to have any effect & there are three ways for this to occur: cold boot from floppy, warm boot from floppy, user request. The last two can be controlled by software (e.g. McAfee V-Shield), the first only with hardware (but can be detected immediately by software). Full system scanning is only necessary if an infection is suspected and the extent is to be determined. Once malicious software is present on a system, it can hide in many ways, the key is to detect such activity before it becomes resident. I am constantly surprised that, considering the simplicity of the PC architecture, more schools have not developed their own protection software rather than relying on outsiders, certainly it is more difficult to write a functional operating system, something most CS schools require. How about an annual intermural anti-virus competition - anyone interested ?