The Emperor's New Clothes (once more)
Antivirus-Problems under Windows 95
Copyright (C) 10/1996 by Howard Fuhs
After a while users started to experience problems with this new software, problems, which only showed up in cases of emergency, where people were really dependent on their anti-virus software. The types of problems encountered can easily be divided into two categories and described.
In this case an unexpected problem occurred in practice. When users after starting their Wirtdows 95 system attempted to install an anti-virus program, the installation was discontinued with the explanation that the computer was infected, thus precluding a perfect and above all virus-free installation. That this happened was in reality a tribute to the quality of the anti-virus products, but it landed the user with the problem that the product he had licensed was unable to be used to remove the virus, which was already present in his system. He first had to purchase another anti-virus product, which would allow the virus to be removed, running under DOS.
In this case the very modern concept of a Windows anti-virus product was overshadowed, and recourse had to be sought in a DOS program in order to tackle the problem. Aside from this, it was necessary to be in possession of a bootable DOS diskette.
In reality, this case led to a number of practical problems. The most common problem was that the virus had damaged some of the Windows 95 files, so that these no longer, or only partly, were functional. This in turn often led to the inability to start Windows 95. Even if the system was able to start, serious faults often made it impossible for the system to function reliably. In some cases the system simply crashed while attempting to load the anti-virus software. In such cases it was necessary to reboot the computer to regain control of it.
In practical terms it is only possible to solve these problems by booting from a bootable DOS-diskette and remove the offending virus from the hard-disk using a DOS-based anti-virus program. Subsequently, it is normally necessary to reinstall Windows 95 from scratch, which most often leads to the loss of personalised information and individual configuration files. These have to be re-established. On top of that, re-installation often leads to the loss of information about, and links to, other installed products, so that these no longer automatically are recognised by Windows 95. Either, ini and registry files, etc, have to be updated manually, or the products reinstalled.
It is also easy to establish the fact that most Windows 95 anti-virus products encounter problems with reliably detecting the viruses, let alone removing them. The cause of this is connected with system specific limitations imposed on programs running under Windows 95, by the operating system.
Problem number one must be sought in the fact that a graphic operating system because of its size and complexity no longer is able to be started from a diskette. Thus, it is not possible to boot the computer from an uninfected diskette and at the same time obtain the functionality of Windows 95. If a particular virus requires the system to be booted from a diskette in order for the virus to be reliably detected and removed, the user is in fact forced to use the DOS operating system. Because native Windows 95 anti-virus systems do not function under DOS, only a DOS anti-virus system can be used in this case.
The second problem illustrates the limitations, under which Windows 95 places anti-virus programs because of its API interfaces. Whereas the anti-virus programmer under DOS could more or less rely on being in a situation, where 'anything goes', Windows 95 will not allow many of the tricks used to detect, deactivate and analyse viruses, which place DOS-based product in a position enabling them to extremely reliably detect and remove viruses. E.g., certain often used interrupts are not available under Windows 95.
Despite the fact that Windows 95 has been used as an example here, it should not be forgotten that the problems illustrated here are typical of all modern operating systems. That these kinds of problems are not observed as frequently under other graphic operating systems, e.g. OS/2, does not automatically mean that these operating systems are less susceptible to suffer from them than e.g. Windows 95. Just think of the devastating consequences that an infestation by a simple DOS boot sector virus can have for an OS/ 2 Boot Manager partition.
A virus-free, write protected DOS diskette with a DOS anti-virus program on it, still belongs in any creditable virus defence system!