Antivirus Software

AntiVirus (AV) software is everywhere.

It comes pre-installed on the machines you buy, Windows warns you if you don’t have it, pop-ups urge you to get it and now we have thousands of malicious programs claiming to be AV software.

Lots of people have asked my opinion on AntiVirus software, as well as asked for my help and assistance with AV-software-related problems. When it comes to digital threats, the single most powerful thing you can do is educate the end-user. I’ll explain why later in this article, but first…

What is a virus?

These days we have viruses, trojans, worms, spyware and malware. A virus is just like any other piece of executable code. There is nothing magical about it. By definition, it’s any piece of software that can copy itself and “infect” your computer without your knowledge or permission. Even so, a virus can’t get in without an open door. In my experience, there can be two kinds of “doors” that viruses can get through.
The first kind is what your computer is designed to do. Unless you configure it otherwise, your Operating System is designed to follow instructions – whether over a network or off of a simple floppy disk, and that’s what a virus is – a set of computer instructions (code). Your CD-ROM or USB drive, your corporate network, e-mail attachments, instant messaging, peer-to-peer software and malicious websites that you may accidentally download from are examples where your computer will simply do exactly as it’s designed.

The other kind of door is due to the sheer complexity of modern computer programs. Windows XP is said to have approximately 40 million lines of code. This leaves room for numerous vulnerabilities, holes and unforeseen scenarios that malicious people find and take advantage of. After Windows has been installed, 3rd party driver programs, games, office software and even anti-virus or anti-spyware programs are installed, which can add to the number of threats. This is evident as software is patched every day. By service pack 3, Windows XP alone contains over 1,073 patches/hotfixes. This is why it’s important to make sure you are running the latest, patched version of the software packages on your system. A RAC from a support company with trained, knowledgeable staff can ensure that your systems are patched and adequately protected with modern firewall and anti-spyware applications.

Why do I need antivirus protection?

Virus engineering is a multimillion-dollar industry, and many of its employees do the work gladly without pay. Whether it’s a young college genius “showing off”, a disgruntled employee or a foreign government looking to cause some hurt, there are millions of new viruses and variants of existing viruses released into the wild every year. The delivery of these viruses has become increasingly complex as time goes on and the arms race continues to patch existing exploits and discover new ones.
Good, up-to-date AntiVirus software is backed by a team of programmers who work round-the-clock to discover these viruses and develop ways to stop, remove, prevent or disable them.
A virus can enter your PC by simply visiting a certain website that takes advantage of a yet-to-be-found or unpatched exploit in your web browser. In fact, in an unpatched system, a virus can enter your computer just by having an unprotected internet connection. Once it’s entered your system, many viruses invite additional malicious programs that bring your system to a grinding halt, steal your identity, destroy your data or even hold it for ransom.
Antivirus protection is like wearing a seatbelt, a motorcycle helmet or a lifejacket. It’s impossible to protect you from every threat, but it would be foolish to leave home without it.

Antivirus software isn’t perfect, but why not? That’s because when you get to the nitty-gritty nuts and bolts of any application, whether virus or office app, it all gets down to 1’s and 0’s. The same operating system functions that allow you to delete a file or overwrite some information using Windows Explorer are the ones a virus can use to wreak havoc on your system.
To combat this, AntiVirus applications use “heuristics” and search for patterns that resemble virus-like behavior, but this is why we have either very lazy antivirus software or an annoying number of false positives. Because an antivirus program intercepts network traffic and gets beneath core OS functions, it exhibits plenty of virus-like behavior and this is why two antivirus applications do not usually coexist without lots of problems.
So, because a new virus can look and act like any normal computer application, a virus must be spread far enough that it eventually gets back to the antivirus vendor. By now, thousands if not millions of computers are likely to be infected, especially as most users don’t properly patch their software, keep antivirus software subscriptions up-to-date or take the necessary precautions to make sure their systems are adequately protected.
Once a vendor has acquired a new virus, it can take as long as a month before it’s been reverse-engineered and added to their database, and you must still update your virus definitions before you are protected. It takes only hours to write a new virus, if not minutes. This is why it’s important to have a good backup solution, and there are excellent support options available via 3rd parties such as BitRac who can ensure your data is safe and sound in the event of a virus outbreak.
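An added illustration (not code from the original article) of the two detection styles described above: a definitions database keyed on file hashes, and a score for virus-like behavior. The sample bytes, behavior names, weights and threshold are all constructed assumptions. A variant that differs by one byte and acts like a text editor passes both checks, while a backup tool and a second antivirus product trip the heuristic.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

# Constructed sample: stands in for a virus the vendor has already analysed.
KNOWN_VIRUS = b"CONSTRUCTED-SAMPLE-v1"
SIGNATURES = {sha256(KNOWN_VIRUS)}  # the "virus definitions" database

# Hypothetical behavior weights; real products use far richer models.
WEIGHTS = {
    "delete_many_files": 3,
    "overwrite_files": 3,
    "hook_network": 2,
    "modify_startup": 2,
    "read_documents": 1,
}
THRESHOLD = 5  # assumed cut-off for "virus-like"

def heuristic_score(behaviors) -> int:
    # Each distinct behavior counts once, unknown behaviors count as zero.
    return sum(WEIGHTS.get(b, 0) for b in set(behaviors))

def scan(data: bytes, behaviors) -> str:
    # Signatures first: exact match against samples the vendor has seen.
    if sha256(data) in SIGNATURES:
        return "blocked:signature"
    # Then heuristics: anything that acts enough like a virus gets flagged.
    if heuristic_score(behaviors) >= THRESHOLD:
        return "flagged:heuristic"
    return "allowed"

# Constructed programs: (file bytes, observed behaviors).
PROGRAMS = {
    "known virus": (KNOWN_VIRUS, ["overwrite_files", "modify_startup"]),
    "new variant": (KNOWN_VIRUS + b"!", ["read_documents", "overwrite_files"]),
    "backup tool": (b"CONSTRUCTED-BACKUP",
                    ["read_documents", "overwrite_files", "delete_many_files"]),
    "second antivirus": (b"CONSTRUCTED-AV",
                         ["hook_network", "modify_startup", "read_documents"]),
    "text editor": (b"CONSTRUCTED-EDITOR", ["read_documents", "overwrite_files"]),
}

def scan_all() -> dict:
    return {name: scan(data, acts) for name, (data, acts) in PROGRAMS.items()}

if __name__ == "__main__":
    for name, verdict in scan_all().items():
        print(f"{name:17} {verdict}")
```

Lowering the threshold to catch the new variant would also flag the text editor, which is the trade-off between missed detections and false positives.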

If my antivirus software isn’t perfect, what are the best ways I can protect myself?

Keep your system up-to-date. Make sure you’ve installed all the latest patches, hotfixes and service packs.
Close as many open doors as possible – use a good firewall solution, don’t download software from unsafe sources, don’t install software that can invite viruses inside, don’t share home USB drives with corporate computers, don’t open e-mail attachments from people that you don’t trust or attachments that you didn’t explicitly request. Don’t give out your credit card information online.
Back up your data and your computer and keep those backups current. Store your software serial numbers and registration information in a safe place.
BitRac can help you accomplish all of these tasks remotely, even as you sleep, as we constantly monitor your systems every minute of every hour and watch for new threats.

So why is educating the user so important?

Because without knowing what and how serious the threats are, you can’t make good decisions to protect yourself and prevent disaster.

Michael Snead writes for moranit.com, our blog about the computer technology industry. E-mail Michael, or follow him on his blog at mikesharp.wordpress.com. Michael is a passionate IT enthusiast and professional application developer with years of experience in diverse corporate environments including everything from the family-owned to the multi-national enterprise. Michael’s hobbies include X10 home automation, his open-source home theatre PC and converting his own electric car.
