Over the last seven years of repairing and maintaining computers in the Mooresville and Lake Norman area, I have often been asked how viruses can infect computers even when a valid antivirus program is installed. While it may be frustrating, it's not rare to get a virus on a protected computer.
In general, all antivirus programs are basically designed around virus definitions – basic lines of code that identify a specific threat. These definitions are checked during a scan to show whether or not a known infection exists within your computer. Unfortunately, there are new infections created every day. So, in reality, your antivirus software can be circumvented by a simple, new infection. If your antivirus manufacturer isn’t on their toes, their software can leave you vulnerable for days without malicious intent. This is also why the antivirus software manufacturers can drop from top-rated to fourth or fifth in a matter of days only to rise back to the top within the week.
On the other side of the coin, you also have to update your antivirus definitions often. Many of these antivirus manufacturers will issue definition updates six or seven times a day (or more on a bad day) to counter newly identified infections. This isn’t accounting for unidentified infections that may slip by for days “in the wild”. These infections can be very damaging until a resolution can be created.
To help support the “flawed” definition method of detection, the better antivirus programs also utilize heuristic scanning, which reacts to the way a program interacts with other software or the operating system itself. While this is a much better method of countering viruses, it is tricky to get it right – too strict and the antivirus software locks down a computer to the point that nothing works right; too lenient and the heuristic scans are basically worthless. To assist in getting the right balance, antivirus programs tend to maintain whitelists of documented actions that are considered risky but that have been allowed by the user or known software manufacturers. For example, you may get a popup from your antivirus program that states “the following program has been downloaded from the internet and is potentially hazardous to your system, do you want to allow this program to run…” and you click yes. If you are sure and you really mean it, that’s fine. Unfortunately, as users, we can be impatient with deadlines and hurried schedules, or our kids can be using the computer and just want their game to work. Either way, we click yes just to get the “stupid” popup off the screen so we can get back to whatever we were doing in the first place, and we unintentionally whitelist a threat. These threats can cause immediate problems with your computer by damaging system files or even deleting or encrypting your documents, or they can simply reside in the computer without any obvious implications as they “open the floodgates” to other programs through your internet connection, bypassing the antivirus software.
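
The definition check, heuristic threshold and whitelist described in the paragraphs above can be modelled in a few lines. This is an added example, not part of the original article or any vendor's code; the file names, byte strings, behaviour weights and thresholds are all constructed assumptions, and real products use richer signatures than a file hash.

```python
import hashlib

# Constructed stand-ins for files; the bytes are placeholders, not malware.
KNOWN_BAD = b"constructed-sample-A"
NEW_VARIANT = b"constructed-sample-B"  # nothing published for this one yet

# Assumed behaviour weights for the heuristic engine (hypothetical values).
RISK = {"downloaded_from_internet": 2, "modifies_system_files": 5,
        "encrypts_documents": 5}

def digest(data):
    return hashlib.sha256(data).hexdigest()

def scan(name, data, behaviours, definitions, whitelist, threshold):
    """Return the verdict a simplified antivirus would give for one program."""
    if digest(data) in definitions:            # definition (signature) check
        return "blocked: definition match"
    if name in whitelist:                      # user already clicked "yes"
        return "allowed: whitelisted"
    score = sum(RISK.get(b, 0) for b in behaviours)
    if score >= threshold:                     # heuristic check
        return "prompt: risky behaviour"
    return "allowed"

def demo():
    defs, wl = {digest(KNOWN_BAD)}, set()
    risky = ["downloaded_from_internet", "encrypts_documents"]   # score 7
    benign = ["downloaded_from_internet"]                        # score 2
    out = {}
    out["known"] = scan("a.exe", KNOWN_BAD, [], defs, wl, 5)
    # New infection, heuristics too lenient: nothing stops it.
    out["new_lenient"] = scan("b.exe", NEW_VARIANT, risky, defs, wl, 20)
    # Balanced threshold flags the behaviour even without a definition.
    out["new_balanced"] = scan("b.exe", NEW_VARIANT, risky, defs, wl, 5)
    # Too strict: an ordinary download triggers a prompt as well.
    out["benign_strict"] = scan("setup.exe", b"constructed-installer",
                                benign, defs, wl, 1)
    # The user clicks "yes" to dismiss the popup: the threat is whitelisted.
    wl.add("b.exe")
    out["new_whitelisted"] = scan("b.exe", NEW_VARIANT, risky, defs, wl, 5)
    # A definition update arrives: detection no longer depends on the prompt.
    defs.add(digest(NEW_VARIANT))
    out["new_after_update"] = scan("b.exe", NEW_VARIANT, risky, defs, wl, 5)
    return out

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case:18} {verdict}")
```

The `new_whitelisted` case is the one to watch on a real machine: reviewing the antivirus exclusion or allow list periodically removes entries that were approved only to dismiss a popup.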
Additionally, legitimate “unpatched” applications (often freeware or shareware from the internet) can be manipulated by malicious code and utilized to wreak havoc on your computer. These applications, being free, aren’t generally patched to close holes in the code and unscrupulous individuals can use these holes to breach protective measures.
No matter what antivirus software you purchase, it isn’t infallible. There are ways around the software and there is a constant battle between virus writers and antivirus manufacturers – sometimes thought to be opposite sides of the same coin. It is imperative that you, as the primary user and chief gatekeeper, be vigilant and careful when opening files, particularly on the world wide web or “wild, wild west”.
As a common habit, update your antivirus software to maintain the virus definitions, make sure it is running, update your software from the manufacturer's website, and be careful when clicking on popups of any kind. To keep a system virus-free, you have to be a vigilant, active user.
If you do need help or have other questions, contact your computer magicians at CET.