Research: 80% of Carberp infected computers had antivirus software installed

Discussion in 'other anti-virus software' started by King Grub, Jul 28, 2012.

Thread Status:
Not open for further replies.
  1. jna99

    jna99 Registered Member

    Joined:
    Apr 18, 2012
    Posts:
    94
    Location:
    127.0.0.1, Netherlands
    If antivirus programs are never exposed to infections, then how is an AV company able to improve the AV product to stop/cure anything?

    It's an endless circle really. The chicken or the egg.

    No infections, no cures and, more importantly, no understanding of how malware exactly operates or does its 'magic'. Sure, you can theorize about it, like quantum mechanics has theoretical scientists.
    Do everything in theory or only on paper.
    So why have the LHC collider when we have theoretical scientists that can use math to describe what's happening at the subatomic level?

    It's like horrible diseases: the majority of people won't get them, but if we simply ignore them then we will never understand how these diseases can be cured. And by studying you might find a cure and maybe find something new that wasn't part of the cure. And you might be better prepared for bad things to come in the future. Who knows?

    Only saying that no matter how tragic and destructive these things are, you might learn something about them and find something new in the process that is unrelated to the cure but might give rise to something new that does things better as opposed to what they are doing now. :isay:

    Endless.. yes.. pointless.. no. It's time for a quantum computer, where everything is in quantum flux.. is it there or isn't it? Like Schroedinger's cat o_O
     
    Last edited: Jul 30, 2012
  2. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    That's a greatly exaggerated statement.
     
  3. ams963

    ams963 Registered Member

    Joined:
    May 3, 2011
    Posts:
    6,039
    Location:
    Parallel Universe
    Very well said my friend. Couldn't agree with you more.
     
  4. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    The bottom line: antiviruses do protect users when they're used properly, but it's also up to the users to have some awareness of what they do. If they are a high risk taker then it will come back to bite them, it's just a matter of time. We also have to take into consideration how many are running in admin accounts vs standard accounts, how their browsers are configured, whether they are up to date, and whether there are any vulnerabilities in the software open to exploitation.
     
    Last edited: Jul 30, 2012
  5. Nightwalker

    Nightwalker Registered Member

    Joined:
    Nov 7, 2008
    Posts:
    1,387
    People who know and want to use security tools besides antivirus usually don't need those tools at all.

    A great example is Wilders Security users: there are folks here with many security software and approaches to security, but they simply don't need them, paranoia ...

    Antiviruses are necessary to protect the large majority of PC users and this will not change so fast.
     
    Last edited: Jul 30, 2012
  6. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Absolutely agree.
     
  7. The problem is

    a) On-access AVs are doing a bad job of protecting those people

    b) AV vendors engage in some pretty unethical behavior to cover that up

    I'm not going to say AVs don't protect you outside lab settings, but I've seen them fail to protect on several occasions.

    (Mind, in my experience "My computer is slow" usually translates as "My AV has gone on an endless I/O binge, and is grinding my hard disk to death while other programs wait and wait." So I'm less than enamored of AV software in general.)
     
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    How so?
     
  9. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    hi
    The main blacklist approach of antivirus is an NP-complete problem
    http://en.wikipedia.org/wiki/NP-complete
    And we can list thousands of famous examples before Carberp...

    Therefore IKARUS guys are not wrong... :)

    ~ Copyrighted Image Removed ~
     
    Last edited by a moderator: Jul 30, 2012
  10. roger_m

    roger_m Registered Member

    Joined:
    Jan 25, 2009
    Posts:
    8,626
    I disagree. I can keep my computer completely malware free 99% of the time without using any protection at all other than the built-in Windows firewall, by using common sense. I visit lots of potentially risky sites and still do not get infected. Even websites which Google warns me not to visit because they are unsafe - I copy and paste the website's URL from the warning page and visit them anyway.

    In the very rare case of infection, it is because of running an infected file I downloaded. If I took more care about what I was downloading, then the chances of infection would be near zero.

    If you look at my signature you will see that I do currently use antivirus software. However, this is a rarity for me.

    I'm not suggesting that people ditch their security setups, or that they are a waste of time. But my point is that if you know how to avoid getting infected, you can greatly reduce the possibility of infection. So rather than relying on your security software to find threats, you can avoid them in the first place.
     
  11. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I don't use any AV either, just HMP for OD scans once a month. Sure, common sense goes a long way, but everyone can and will make mistakes. With the security tools I use I have a lot of room for human error, like with Sandboxie and system-wide virtualization. Actually I don't try to avoid malware but just contain it and sometimes even welcome it for testing. :D I can always recover from it in the event something gets through, but nothing ever does.
     
    Last edited: Jul 30, 2012
  12. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
  13. JRViejo

    JRViejo Super Moderator

    Joined:
    Jul 9, 2008
    Posts:
    97,903
    Location:
    U.S.A.
    kareldjag, the blog states: From our friends at Ikarus. so perhaps they had permission to post the image. Our TOS states:
    If you had written consent from Ikarus to post the image, you can PM the authorization to me for further evaluation. Thanks.
     
  14. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    hi

    Sorry even a "veteran member" needs sometimes to take a look at the TOS...
    It is a famous image reproduced on many security blogs...even by an anti-spam Microsoft engineer who has extended the date
    http://blogs.msdn.com/b/tzink/archive/2012/06/08/evolution-of-the-antivirus-industry.aspx

    Many studies have pointed out the weaknesses of antivirus, such as those published by Surfright
    http://www.surfright.nl/en/home/pre...irus-software-are-still-infected-with-malware
    Or this 2009 pdf study http://files.surfright.nl/reports/HitmanPro3-RealWorldStatistics-OctNov2009.pdf
    The main problem for the AV industry was to provide easy-to-use, user-independent security with a large user rights perspective (using the PC with a minimum of restrictions).
    HIPS, as a multi-layered approach, was the solution to this colander-like protection, a solution discussed on this board since 2003 by many HIPS evangelists...
    Of course, Microsoft faced the same dilemma: put in users' hands an OS where freedom is the key (that is why it does not come hardened by default).
    And in the same way as the AV industry, they integrate a blacklist security solution, and not a HIPS.
    Therefore news like this is useless... since there is no solution to the main problem: the human between the chair and the keyboard.

    rgds
     
  15. jna99

    jna99 Registered Member

    Joined:
    Apr 18, 2012
    Posts:
    94
    Location:
    127.0.0.1, Netherlands
    (quote from kareldjag).

    Seems like there is some difference between 32-bit and 64-bit Windows. 64-bit has some "hardening", if you can call it that, at least in comparison with 32-bit and 64-bit of Windows.
    The kernel patch protection, or kernel PatchGuard, which in itself is a good thing to keep the bad things away, is also blocking good AV/antimalware programs from being able to step up the security even more by integrating within the kernel. But like I said, there is a fine line between benign/good and untrusted/evil. I think that's why MS have chosen to block kernel access, or a portion of it, to all, good or bad.
    Mostly that's why a lot (not all) of AV/antimalware or firewall products still seem to be 32-bit.
    But that is in my own perception or view.

    What I also do not fully understand is why Microsoft is releasing an independent version of EMET (v3), operated and configured manually by the user.
    If Microsoft, or a certain group within Microsoft, believes that EMET is such a great asset to Windows, why not integrate/embed it fully within Windows and set at least some standard rules to protect processes with SEHOP, ASLR, DEP?

    Anyway, I do appreciate that MS has released EMET v3, but why not just embed it in Windows? Or is SEHOP, ASLR, DEP protection maybe standard in Windows 8? I have never run Windows 8, so sorry for not knowing this.

    EDIT: ehm, DEP is already present, but I mainly mean SEHOP/ASLR within 64-bit Windows, since it might not be useful or possible with 32-bit.
     
    Last edited: Jul 31, 2012
  16. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    8,593
    Location:
    U.S.A.
    Appears to me most posters have read the ZDNet article versus the full study .pdf?

    If this study shows anything, it highlights the risk of running an unsupported OS. Note that the majority of infections occurred on WIN XP SP2 platforms. This confirms what anti-malware experts have repeatedly stated: "Only use a currently supported OS and ensure all security patches from the vendor are up to date."

    Bottom line - no AV, no matter how adequate, will protect you if your OS has vulnerabilities that hackers can exploit.
     
  17. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,642
    Location:
    Sneffels volcano
    My thoughts exactly :D
     
  18. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,642
    Location:
    Sneffels volcano
    Epic joke :thumbd:

    Someone feed the hungry man please :rolleyes:
     
  19. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Not making a joke. Look at av comparatives for lab conditions - you'll see out of date AVs get 40-70% of new threats through heuristics. The real world isn't as friendly as lab and most people don't constantly update their AV.

    Believe what you like.
     
  20. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    815
    Location:
    India

    If the end user does not update the AV, then it is equal to not being installed. I don't think we can blame the AV for that.

    In the same way, if OS/app software is not updated by the end user, then we cannot blame the OS/app vendor for active vulnerability exploitation by malware.

    Agreed, AV may not always protect the user from newly emerging threats, but it always comes in handy on many occasions, at least in my case.
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    I can and I do blame the AV for that. Same goes for the OS. But that's just me, you're entitled to your opinion and I respect that - I know plenty of very intelligent people who agree with you.
     
  22. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    815
    Location:
    India
    Yes my friend. Everyone is entitled to their opinion. I do definitely abide by that.

    I think there should be a change from the end user side too, since the emergence of new threats is increasing rapidly. OS vendors (especially MS) should come up with a better way to educate users on the importance of keeping the AV and OS up to date. This is one of the ways (which I feel) to better counter these new threats effectively. (Happy to see W8 step in that direction, even W7.)

    -Harsha.
     
  23. lodore

    lodore Registered Member

    Joined:
    Jun 22, 2006
    Posts:
    9,065
    The average user will have an outdated version of an antivirus which may have even run out of subscription, so it is providing no protection, but reports like this will still show antivirus installed. Third-party programs won't be up to date, which makes it easier for malware to get on systems by drive-by.
    Running an up-to-date AV along with all software patched and using a standard user account provides decent protection against malware.

    The problem with OEM companies shipping 30-day trials of security software is that users don't renew the subscription after the 30 days are up. This provides users with a false sense of security.
     
  24. RJK3

    RJK3 Registered Member

    Joined:
    Apr 4, 2011
    Posts:
    862
    Reviews for 'Tornado Detector App' (overall voted 3/5 stars)

    5 stars - great program, easy to use and customisable

    5 stars - excellent! does not slow down my phone

    1 star - app did not detect tornado
     
  25. harsha_mic

    harsha_mic Registered Member

    Joined:
    Mar 11, 2009
    Posts:
    815
    Location:
    India
    +1. agreed.
    If not possible to provide 1 year subscription, they should include free AV bundled.
     