Saturday, August 22, 2015

virus - How did a Malware get past Avira when it was detected by it?



I have Avira installed on my other PC. It detected a Malware and proceeded with the usual: scan, detect, quarantine. I thought it took care of it, but the Malware actually took care of Avira!



Now my PC is infected with "Smart Fortress 2012" (the name of the Malware). Thankfully removing it was a Google away (it turns out I need Malwarebytes to get rid of it). Now I am thinking: do I really need a bunch of tools (like anti-spyware, anti-malware, anti-virus, etc.) to stay protected?



How come Malware was detected yet it took over the system? Isn't anti-virus enough, or does Avira just "suck"?


Answer



No AV software is 100% effective. They are all based on signature files and a not-so-good heuristics engine; if high-quality new malware that has not been added to the sig file gets on there, it will get past any AV software.




Script kiddies are no longer coding malware; some of the best coders in the world are now writing malware, and they are very proficient at getting around most AV software, at least until they are discovered, identified and added to the sig list - it's a cat and mouse game, and the mouse won in your case.



Yes, manual scanners such as MBAM and Super Anti Spyware are good to use on top of active AV software.

