Anonymous Poster

ANTIVIRUS ITSELF A VIRUS. IS IT????

10/05/2007 12:22 AM

Whenever a system gets a virus and you have a certain antivirus installed, OK, you are safe enough, provided it detects properly. When your system's antivirus is out of date, don't you think that your system is ready to be hacked?

Think of it like this.

When you have an unregistered antivirus and set low priority in that antivirus so that your system does not get slowed down, then the virus vault containing viruses may affect your system registry.

I have experienced this with my system (not to mention the name of the antivirus). When I installed it, it coolly detected some viruses, and I thought, OK, my system is safe now. Later on, what happened is that my system slowed down, and to open a folder it took me 2 minutes (approx.).

What would have happened? Can you think?

It's nothing, simply a virus outside the antivirus database had entered the registry, which made multiple copies (I don't know exactly what it replicated), and when I switched to my Task Manager and processes, there were lots of processes running that I had never found before.

So, it is possible for an antivirus to be responsible for a virus when it's not updated properly.

Reply
Guru
Popular Science - Weaponology - New Member United Kingdom - Member - New Member

Join Date: May 2007
Location: Harlow England
Posts: 16512
Good Answers: 670
#1

Re: ANTIVIRUS ITSELF A VIRUS. IS IT????

10/05/2007 4:47 AM

A post by Yoda is this?

__________________
health warning: These posts may contain traces of nut.
Reply Off Topic (Score 5)
Power-User
Engineering Fields - Civil Engineering - Member

Join Date: Apr 2007
Location: Island of Stone Money
Posts: 310
Good Answers: 5
#2

Re: ANTIVIRUS ITSELF A VIRUS. IS IT????

10/05/2007 5:29 AM

"What would have happened? Can you think?"

Oh! I've been thinking....

What is your antivirus again?

__________________
"The more I learn, the more I know the less I've learnt"
Reply Off Topic (Score 5)
Power-User
Engineering Fields - Civil Engineering - Member

Join Date: Apr 2007
Location: Island of Stone Money
Posts: 310
Good Answers: 5
#3

Re: ANTIVIRUS ITSELF A VIRUS. IS IT????

10/05/2007 5:35 AM

Seriously!

If you can name the antivirus that you've installed into your computer, at least, we can learn something about it (from your experience).

Don't you think?

__________________
"The more I learn, the more I know the less I've learnt"
Reply
Guru
Hobbies - Fishing - Old Salt Hobbies - CNC - New Member United States - US - Statue of Liberty - New Member

Join Date: Mar 2007
Location: Rosedale, Maryland USA
Posts: 5197
Good Answers: 266
#4

Re: ANTIVIRUS ITSELF A VIRUS. IS IT????

10/12/2007 1:40 PM

People write new viruses every day. So an update is necessary so that the software can identify the virus. I have been told it is good practice to clear your hard drive and reinitialize it, starting all over once a year. It gets rid of all kinds of junk even the anti-viruses can't clear.

__________________
Life is not a journey to the grave with the intention of arriving in a pretty, pristine body but rather to come sliding in sideways, all used up and exclaiming, "Wow, what a ride!"
Reply
Guru

Join Date: Mar 2012
Posts: 2189
Good Answers: 84
#5

Re: ANTIVIRUS ITSELF A VIRUS. IS IT????

05/08/2012 2:52 AM

I run several viruses as a matter of course and have done so for years. Big ones, too. Huge ones. The latest incarnation is called, strangely enough, Windows 7. Much better than its predecessor, though - Windows Vista. Huge and late and dangerous. Sorry, dangerous in the sense a beached whale is dangerous.

Back to the topic: Anti-malware (as these collections of thingies fight more than just viruses) typically need complete run of the place in order to do their jobs. Quite a few run as so-called 'rootkits' which, apart from their presumably benevolent behaviour, resemble viruses in nearly every respect.

Both hide from certain system calls, for instance. There are kernel APIs which let you take inventory of all running threads, processes, etc. on the system. Both viruses and anti-viruses intercept these calls at very low levels so that they can strike their names from the list of PIDs or whatever that's returned and, in so doing, hide their presence, hide their use of system resources, memory, process IDs and anything else which might betray their presence to the Enemy, if also present. Guerilla warfare in every respect, waged by electrons.

The Windows Registry is a fave hangout for malcrap. One trick is to hide junk - stuff like executable code, URLs and anything else Ms. Resident Evil might need to do her dastardly deeds - behind the NULL terminator in Registry strings. Windows naively thinks strings go only as far as the first NULL character. Once the NULL is reached, Windows doesn't look past it. "I've got my string and so I'm fat, dumb and happy." But we knew that. (Sigh)

Another exploit is the ubiquitous buffer overflow. If His Malness can somehow force junk past the end of certain buffers (a buffer is essentially a fixed-length block of addresses in memory in which the program/operating system stores things temporarily - stuff like key-codes from your keyboard and so forth) he can sometimes get the system to do his bidding by forcing anomalous behaviour.

Some programmers just set their buffer size to something larger than they envision will ever be put in their buffer and then hope for the best - the best being hoping it will either accommodate the future or crap out after they're gone. If they're working in Redmond (or not a few other places, too) they're prolly up to their gills in orders from On High to Get-It-Out-By-Friday-Or-Else. Hastily-written code usually sucks in lots of ways but the most insidious is that which admits malware because nobody's minding the bluddy store.

If no one's keeping an eye on how much stuff is actually being shoved into that buffer, malware can come along and 'overflow' it by pushing more stuff in there than it was designed to hold. What lives on either side of the buffer is almost anyone's guess, but a clever malware author probably isn't guessing at all and knows exactly who the neighbours are and how to exploit them. How does he know that? Very often by reverse-engineering the operating system binary code (there are handy tools which make reading the raw binary unnecessary). He takes great pains to find buffers which have interesting and useful neighbours. What makes certain ones interesting and useful is what the system does with certain stuff that's made to spill into the neighbours' yards. If he can make the system hiccup in just the right way, it's all downhill from there.

This is all highly simplified of course. If you're really interested in this sort of thing, please don't take my word for it - there's tons of stuff online from which to learn more.

As for your question: An old, outdated anti-virus - especially the root-kit kind - is probably worse than having none at all because a clever virus can exploit the AV to its own advantage.

Some viruses even masquerade as anti-virus programs. Whatever works! These hackers are not only unscrupulous, some are paid big bucks to amass zombie armies for their clients (often governments) - or rent them out for a hefty fee (to governments, quite often). Google "bot wars". Russia is a fertile source of zombie-ware.

Porn sites are a great place to find virus downloads of all stripes. The animated gif of that delicious Venusian nymph you saw the other night? Full of maggot-code.

P2P (peer-to-peer) networks like Limewire, et al? Lots to be wary of in those places. Sites which specialise in downloads of pirated or unlocked programs? Good effing luck!

Some of the most amazing viruses on the planet are written by - the U.S. Government. Just ask those reactor people in Iran how their system fared last time it got infected by a very specific, very targeted virus which attacked PLCs of all things! Just ones that controlled reactor-related stuff. Of course Uncle Sam disavows all knowledge of his actions, Mission-Impossible Style. Like, he's gonna fess up? Right.

Cyberwarfare.

There are so many different ways systems can be compromised and what can be done to protect them is a forever game of catch-up. Just ask the anti-virus companies. It's like urban warfare, but on silicon.

Or, you can do what I once did - bypass all the introductions and buy your virus retail at your local computer store whilst paying an arm and a leg for the privilege. Don't forget to read the EULA.

Oh wait. I'm running Linux now.

Sorry. PTSD

Reply
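
A defender-side check for the Registry trick comment #5 describes, as an added example that is not part of the thread: Registry value data is stored with an explicit byte length, so a scanner can compare that counted length with what a NUL-terminated reader would see. The names `scan_reg_sz` and `struct sz_scan` and the sample bytes are constructed for illustration; the raw value bytes are assumed to have been read with their stored length.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Result of inspecting one counted REG_SZ value (hypothetical helper type). */
struct sz_scan {
    size_t visible_chars;  /* UTF-16 units a NUL-terminated reader sees    */
    size_t hidden_chars;   /* non-padding units stored after the first NUL */
};

/* data/len: raw value bytes with their stored length (UTF-16LE). */
struct sz_scan scan_reg_sz(const uint8_t *data, size_t len)
{
    struct sz_scan r = {0, 0};
    size_t units = len / 2, i = 0, last;

    /* Walk to the first 16-bit NUL, as a C-string API would. */
    while (i < units && (data[2 * i] | data[2 * i + 1]) != 0)
        i++;
    r.visible_chars = i;
    if (i == units)
        return r;                 /* no terminator, nothing behind it */

    /* Trailing all-zero units are ordinary padding; anything else is
     * content that the NUL-terminated view never shows. */
    last = i + 1;
    for (size_t j = i + 1; j < units; j++)
        if ((data[2 * j] | data[2 * j + 1]) != 0)
            last = j + 1;
    r.hidden_chars = last - (i + 1);
    return r;
}

/* Constructed samples: L"ok\0hidden" and L"ok\0\0". */
static const uint8_t SAMPLE_HIDDEN[] = {
    'o',0, 'k',0, 0,0, 'h',0, 'i',0, 'd',0, 'd',0, 'e',0, 'n',0 };
static const uint8_t SAMPLE_CLEAN[] = { 'o',0, 'k',0, 0,0, 0,0 };

int main(void)
{
    struct sz_scan a = scan_reg_sz(SAMPLE_HIDDEN, sizeof SAMPLE_HIDDEN);
    struct sz_scan b = scan_reg_sz(SAMPLE_CLEAN, sizeof SAMPLE_CLEAN);
    printf("hidden sample: visible=%zu hidden=%zu\n", a.visible_chars, a.hidden_chars);
    printf("clean sample:  visible=%zu hidden=%zu\n", b.visible_chars, b.hidden_chars);
    return 0;
}
```

REG_MULTI_SZ values legitimately contain embedded NULs, so this check applies to REG_SZ and REG_EXPAND_SZ data only.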
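
The buffer and its "neighbours" from comment #5, as an added example that is not part of the thread: an unchecked copy beside a length-checked one. `struct session`, `is_admin`, `NAME_CAP` and the function names are hypothetical, chosen only to show a fixed-length buffer with a field stored right after it.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_CAP 16

/* A fixed-length buffer and what lives next to it in memory. */
struct session {
    char name[NAME_CAP];
    int  is_admin;        /* the neighbour: stored right after name[] */
};

/* Unchecked form, shown for contrast and never called here: nothing
 * compares the input length with the buffer size, so a long input is
 * written past name[] into whatever follows it. */
void set_name_unchecked(struct session *s, const char *input)
{
    strcpy(s->name, input);
}

/* Checked form: refuse anything that does not fit with its terminator. */
int set_name_checked(struct session *s, const char *input)
{
    size_t n = strlen(input);
    if (n >= sizeof s->name)
        return -1;
    memcpy(s->name, input, n + 1);
    return 0;
}

/* Bytes of this input that would land outside name[] if copied unchecked. */
size_t bytes_past_buffer(const char *input)
{
    size_t need = strlen(input) + 1;
    return need > NAME_CAP ? need - NAME_CAP : 0;
}

int main(void)
{
    struct session s = { "", 0 };
    const char *too_long = "AAAAAAAAAAAAAAAAAAAA";   /* constructed, 20 bytes */

    printf("checked copy of \"alice\": %d\n", set_name_checked(&s, "alice"));
    printf("checked copy of long input: %d (would spill %zu bytes)\n",
           set_name_checked(&s, too_long), bytes_past_buffer(too_long));
    printf("is_admin still %d\n", s.is_admin);
    return 0;
}
```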

Users who posted comments:

europium (1); ozzb (1); user-deleted-1105 (1); willyap06 (2)
