While visiting some adult sites recently using IE in private browsing, I got
what looked like an official screen from the metropolitan police advising me
that my computer had been detected accessing illegal sites and would be locked.
My camera was activated and my picture was taken and displayed on my screen. I
switched my machine off using the power button, waited a few seconds and then
rebooted into Windows 7. Everything seemed to be ok. After my initial panic, I
fired up my iPad and looked on the web to see if there was any mention of this
message and sure enough several sites identified it as a Trojan that had gotten
on to my machine. I started an AVG scan. AVG is/was my favorite anti-virus
software and is/was constantly running on my machine. I found several instances
on a Trojan, which it quarantined. Up until now, I’ve always promoted AVG as
the best protection around. So I was a bit shaken that this Trojan had gotten
through. Any help or words of wisdom you can provide would be reassuring.
In this excerpt from
Answercast #95 I look at what you might get on your computer if you visit
Anti-virus doesn’t catch all malware
The actual question is a fair bit longer but the bottom line is that the person asking the question is concerned that something got through their anti-virus software.
The bottom line here is that not all anti-virus tools will catch all viruses. Not all anti-spyware tools will catch all spyware. They will catch most. And in this particular case within AVG, it did catch it when you did the scan of your hard disk.
What it didn’t do was catch it as it happened.
Real time scanning
This is what we refer to as real-time scanning.
Now, I often recommend that people turn off real-time scanning because it can interfere with the function of the web browser, or the mail client, or any number of other things. But it’s real-time scanning that actually might have caught this as it happened.
As it turns out, either it didn’t, or it wasn’t turned on to do real-time scanning. But the scan, the static scan, the scan that you initiated after you suspected a problem, did. So that implies that AVG knows about this and will clean it up.
AVG will catch it when it does its regularly scheduled scan. It just didn’t do it in real time – quite possibly because you had real-time scanning turned off.
Visiting questionable sites
This is one of those decisions that you as a computer user need to understand and need to make. Real-time scanning can be important if you regularly frequent areas of the internet that are, for lack of a better word, questionable, and yes – many of the adult sites on the internet qualify as being in that questionable category. There’s a lot of malicious software that is delivered if you visit the wrong adult sites.
This is also true if you visit software downloading sites, illegal music sites, all those kinds of things. They all have a reputation of giving you more than what you’re looking for in the form of malware.
In those cases, if that’s the kind of thing you do on a regular basis, you want to make sure that you’re running anti-malware software that is scanning in real-time.
Problems with real-time scan
If it’s interfering with your browser, if it’s interfering with your email, that’s a problem that you need to fix somehow. It may mean using a different email program or browser. It may mean using a different anti-malware tool but if you’re visiting these kinds of places regularly, you want to make sure that you’ve got real-time scanning enabled.
Now, the other approach of course is don’t go there. Avoid the sites that are known to give this kind of experience. I have nothing against adult sites personally but I do know that when you visit random adult sites, you’re putting your computer at risk for exactly this kind of thing. Either you need to be taking the steps to avoid that by properly choosing and configuring the anti-malware software that you run, or you need to choose not to go there.
(Transcript lightly edited for readability.)
End of Answercast 95 Back to – Audio Segment