Ask Leo! by Leo A. Notenboom

I run Anti-Virus software, why do I still sometimes get infected?


Summary: It seems like even the most up-to-date anti-virus software package isn't always enough. It's frustrating, since you'd think that it would be.

I have AVG virus protection always on and Windows XP firewall enabled. Why do I still get infected with some Trojan horses? I check for updates every day so I am sure I am up to date.

It's a good question. And the answer is partly the nature of anti-virus software...

... and partly the nature of "the race".

The Race - And Bad Luck

I use that term on purpose. Combating viruses is a race between virus writers looking for vulnerabilities, the team of anti-virus software vendors looking to catch them, and system software providers looking to plug the security holes that viruses exploit.

So the first answer boils down to bad luck. It's possible to be doing everything right, and still get infected if you catch a new virus before your anti-virus software knows how to detect it and before your system software has been patched to disable it.

All Anti-Virus Software is the Same, Only Different.

Sadly, as far as I can tell, there's no "best" anti-virus package. Most all of the name brands are good, but I've not run into one that really stands out above the crowd as detecting absolutely everything.

What that means to you is that no matter what anti-virus package you run, it may miss something. Different packages may miss different things, but there doesn't seem to be a single package you can count on to catch everything. So it's possible to still get infected even though you're up-to-date with your package.

The Internet - Wear Protection Before Touching It

One of the more frustrating scenarios in recent months involves going to great lengths to clear a machine of viruses, only to get infected again within seconds of connecting to the internet. Some viruses exploit operating system vulnerabilities that are exposed simply by connecting to the internet. You don't even have time to download your operating system update, or anti-virus software, before your machine is once again a victim.

Firewalls help. That's one of the reasons folks like me harp on putting your computer behind some sort of a firewall. Firewalls understand the difference between certain types of legitimate internet traffic, and types that you'd never need. They block out the unwanted stuff before your computer ever really sees it, or has a chance to be infected by it.

A Virus is a Trojan is a Worm is a Virus

All viruses are not created equal - hence all the different terms used to describe them. Some exist merely to propagate, others exist to do damage, while still others start to blur the line between virus and spyware as they install monitoring software or open additional vulnerabilities on your system. Some travel by email, others by downloaded applications, and as we just saw, others can travel from unprotected computer to unprotected computer directly through the internet.

Anti-Virus programs have a hard time protecting you from yourself. For example, if you open an email attachment you don't recognize and run it, you may install a virus before your anti-virus software has a chance to act. If, when downloading a file, you choose to ignore a warning that your anti-virus package or firewall throws up, you're telling the software that you know better than it does what is or is not safe. Let's hope you do.

Why?

Why is it like this? It's hard to say. Ask 10 people and you'll get 10 different answers. Hackers with too much free time. Operating systems that aren't robust enough. Success in the marketplace makes for a bigger target. And more.

What we do know is that it is like this, and will be for the foreseeable future. That's why, ultimately, you and I are responsible for keeping our computers safe on the internet.

Article C2175 - September 1, 2004

5 Comments

I had to turn off my Firewall because my Dell said that AOL was being blocked by it. I was asked to remove it so I could go online. Is this necessary? Can I run the Privacy wall instead? Help. Thank you.

Posted by: mary at November 8, 2006 8:40 PM

Hi Leo!
I've driven this philosophy for a long period of time about the antivirus corporations, which is that they create their own viruses, which only they themselves can treat in the beginning. This only to make normal people like me buy their antivirus product. Do you think that this could be a good assumption? I really believe that antivirus (and antispyware for that matter) corporations are responsible for at least 70% of viruses on the internet, by hiring private hackers. Do you think that there is something close to my philosophy?

Posted by: Gabriel Sweden at March 11, 2007 7:27 PM

No.

I do not believe that mainstream anti-virus software manufacturers - regardless of how good or bad their product might be - are engaged in anything such as you describe. There are plenty of viruses being created for real - there's no need to "manufacture" a need for anti-virus software.

There have been a couple of isolated cases where specific viruses were unleashed and specific removal tools could be purchased from the virus creators, but it's been quite a while since I've heard of any, and they never involved the general purpose anti-virus tools.

There is no conspiracy.

Leo

Posted by: Leo Notenboom at March 11, 2007 8:30 PM

I firmly believe that those Anti-Virus companies are indeed conspiring to place viruses on the net. Think about it! It's a very big money maker!

Posted by: John at October 16, 2007 6:36 AM

yeah, and they publish them from the "grassy knoll"...lol (for those that don't get this reference, ask your parents)

Posted by: David at October 24, 2007 2:25 PM
