All right, I confess. I don't like antivirus software and I have none installed on my computer. I have found that most software of that sort is a pain, especially when resident and working in the background.
I've tried antivirus programs many times, but I've found that they invariably make my machines slower, require constant loving care (that is, frequent updates and adjustments) and more often than not consume more resources than I'm willing to allow them. Moreover, sometimes - only sometimes - they play havoc with the data they are supposed to protect. For instance, Norton antivirus is known for blocking an entire Eudora e-mail folder if it finds a virus there. This causes Eudora to malfunction, and the entire folder contents can be lost. It has not happened to me, but some of my friends have already had that painful experience.
So for several years now I have had no antivirus software in my computer. Infection incidents? None. And get this: I am not a secluded monk living in isolation from the world. My office computers are permanently connected to the Internet and I get about 400 e-mail messages a day, mostly from mailing lists. I exchange files day in and day out with my colleagues at the IDG News Service and with friends and clients and have never, ever received a report that I had sent an infected file to them.
How come then? Am I exceptionally fortunate? Have the virus epidemics that affected the whole civilized world (or just the computerized world, bah!) spared my beloved machines every time? Not a chance. I do have viruses. They do reach me, but they do not infect my system. How is this possible? Let me tell you a story.
Yesterday I was asked to report on the new antivirus scanning service that Hispasec Sistemas is offering for Spanish-speaking Web users. This system uses the Trend Micro "House call" antivirus engine, which is also available in English at http://housecall.antivirus.com/housecall/.
When I ran the service on my "D" drive, where I keep my data and my e-mail messages, the software found 17 infected files, with a staggering variety of viruses. There they were, the whole lot of them, with all their cryptic names and destructive power: Troj Mtx A, W97M Classes A, B and D, 666 Test, Pretty Park, and many others. I also had some of the famous ones: I Love You, and the recent and very infective Anna Kournikova, also known as VBS Kalamar.
Then I ran a scan of my "C" drive. The result: not a single file was infected! None of the viruses, with their all their potential for wrong doing, had ever left their original files on the "D" drive, and I had never sent them on by e-mail.
Of course, after the scan I deleted or cleaned all the infected files, but I could as well have left them there. They had caused no harm for years. They would have probably remained harmless in the future.
Let's say I have been a "healthy virus carrier" all these years (not infectious, either). And this is due to a few factors that I would like to share with you now:
1. Most viruses, Trojan horses and worms come through e-mail, and they are relatively unsophisticated. The previous generation of viruses (or "virii", as some would prefer) was, let's say, smarter and more sophisticated. They were smaller. They knew how to hide in executable files and diskette boot sectors. They even used stealth techniques for fooling the scanners.
The diskette boot sectors were a great hiding and infecting place. But who uses diskettes any more? These viruses still exist, but I have not seen one in years. The ones that spread today need the services of Windows software and, most particularly, Microsoft e-mail software. Conclusion: I do not use Microsoft Outlook. I use Eudora. It's a lot safer.
2. The new generation of viruses require some sort of "permission" from the user to do their tricks. Your e-mail software must be set to automatically run executable content, or you have to click on the infected icon. I never do. My software does not run executables on its own, and I never click on suspicious files. And what if the icon indicates a picture file, for instance? I look at the extension. None of my software and operating system hides the extensions. I know that some extensions are dangerous: .exe, .vbs, .scr, .com. And I know that some malicious software tries to pass for a lamb by hiding behind a fake extension. But the real one is always there, if your software is not set to hide it.
3. I do not allow automatic macro execution in the Office suite programs.
4. I have backups. If for any reason - virus related or not - something happens, I know I have most of my significant data backed up on another drive, on another machine, and that eventually it will all find its way to my CD burner.
So, viruses are not such a terrible threat after all. I have lived with them for years, and I am here to tell you the story. Be cautious, though. They are no joke.