when was the last time anyone found a real live virus ?

Discussion in 'other anti-virus software' started by Long View, Dec 7, 2007.

Thread Status:
Not open for further replies.
  1. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    If they are infected in spite of top AVs, perhaps you are prepared to say they are not effective?
     
  2. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    I have said it before, and I say it here again... They are certainly not effective against those specific infections. The issue is not that they do not work or are completely worthless... only that even with best of breed protection some still get nailed pretty hard...

    Which is why I strongly question the idea that infections are really a minimal risk in the greater scheme of things. As I see too many systems like the ones I posted pictures of and many more not mentioned. I must also mention that many of these badly infected systems exhibited few symptoms of infections. Meaning that these infections coexisted happily with each other and that many would have taken much longer to be discovered had I not been retained to perform maintenance... Although for many of these systems the users had a pretty good idea they had infections but many did not.

    Perhaps one of the variables I have never really talked about is that none of those systems I was retained to clean had HIPS installed... It may mean something or perhaps not but it's nonetheless a worthy observation.
     
    Last edited: Mar 23, 2008
  3. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    Putting on one side the question of whether or not viruses are a serious risk how do we explain that some - even with protection - get infected and others - even with little or no protection - do not ? Is it just luck ? or are those who say they have not been contaminated in denial ? or perhaps they do not realize just how infected they are ?

    I ran Kaspersky yesterday - it took an hour and found nothing. Ran cureit a few days ago - nothing. Avast, Antivir, Nod 32.......... It is possible that all are wrong. If there is a wonder program out there that will find the viruses that others can't then I will give it a go.

    In the meantime how is it possible that a machine can be on line for hours everyday with no AV, no AS, no HIPS, no software firewall ( see sig ) and yet nothing shows up ? If my Banks and credit card companies are all infected then surely by now I would have noticed ?

    To be very rude and answer my own question - contamination has little to do with software and a great deal to do with behavior. I had a client who rang to say she could not get on to the internet. I asked what she had done. Nothing was the reply. Eventually she admitted that her Firewall (Kerio) had asked a question which had panicked her - so she clicked "NO". The "No" meant that she didn't want her browser to be allowed on to the net. Nothing will ever protect such a person. FWIW the solution is not to clean these systems or to load them up with protection but to make clean images and wait for the inevitable.
    For those with some idea of what they are doing the "inevitable" may never happen.
     
  4. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    The number of spam mails (which are delivered by botnets comprised of several thousand infected PCs), the number of people posting at malware cleaning forums, the millions lost to identity theft/fraud, a new variant of rogue scanner on a daily basis and so on are enough proof that infections DO exist and are rather common to a fair number of people.
    Consider yourself lucky (or smart enough) to stay clean for large amounts of time. I stay clean with little or "too much" security but I know others who get infected with or without security software (which isn't the same thing as security strategy)
     
  5. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    It still does not prove mass infection which was my original point. No one that contends there is- has offered today, or before today, any proof of mass infection. The burden of proof is on those that allege mass infection. An allegation is an allegation- not proof. The proof has not been provided.

     
    Last edited by a moderator: Mar 23, 2008
  6. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    What would be a proper proof? :rolleyes:
     
  7. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,642
    Location:
    Sneffels volcano
    He obviously missed all those malware that can completely clear your .sys .doc .xls (etc etc) files off your hard drive, not to mention all the other nasties (being its payload mostly annoying rather than malicious) that laugh in your face by infecting your 'well protected' system. link :rolleyes:
     
  8. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    In your other post you wrote "This one scares me A LOT"
    Hopefully this is rare. Rather than worry too much why not use a program such as Returnil or deepfreeze ? and then a reboot would get rid of the problem. If the malware is more persistent then restore a clean image with Acronis or Shadow Protect. Agreed doing these things would be a pain if infections happened every few hours but once every 5 years or so or even once a year when combined with a faster av free machine is tempting I would have thought ?
     
  9. risl

    risl Registered Member

    Joined:
    Dec 8, 2006
    Posts:
    581
    Interesting that the virus was started and detected but not intercepted. Even though the file is executed the av should still be able to freeze it + alert.
     
  10. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,642
    Location:
    Sneffels volcano
    What scared me, according to my experience, is the fact that you can get 'easily' infected even running a (supposed) top AV on your system.
    Thank you for your advice but I wouldn't recommend him something I don't actually use. Indeed, my only advice to him was to stay away from that av now.

    According to the logs, the nasty was 'access denied' and then 'deleted' by the AV. Why his system got infected afterwards, I don't know.
     
  11. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    With that statement, Igor Daniloff is displaying a stupidity almost comparable to people who have "never seen a virus despite using computers since the 1980s". I can understand why the latter group of people would look up to him as a role model, since a (somewhat) well-known figure is helping them to champion their fictitious fairy tales, which they have problems doing by themselves since they correctly get pooh-poohed at by any sensible person. But unfortunately, there are plenty of reasons why the responsible netizen should be concerned about viruses even if he/she personally suffers from nothing beyond a computer slowdown. By being part of a botnet, for instance, your computer could be unknowingly used by criminals to launch DDoS attacks, as a platform to launch hacking attempts on other networks, harnessed to break passwords or security algorithms, etc. The Storm worm botmasters, for example, have an unknown number of up to 10 million machines at their command (though is now reportedly on the decline), and with that kind of computing power you can defeat encryption algorithms that are usually uncrackable save by national intelligence agencies. Or your computer could become an SMTP server, spewing thousands of spam and/or virus-infected emails daily to other computers (Daniloff does acknowledge this, at least). Last but not least, it's not acceptable to not care about a virus unless you don't have an internet connection and never share removable media, the same way people afflicted with a cold stay at home and don't go about sneezing in other people's faces. These are just some of the reasons a responsible netizen should care, and while I have no problems with the fact that you (not surprisingly) knew nothing about any of them, I didn't expect that Igor Daniloff didn't either.

    But then, it's possible that that article was old and Daniloff's claim was made years ago, when it would have been reasonably correct. Those rushing to exploit his interview – completely idiotic by today's standards – for their own propaganda purposes, unfortunately, do not get this luxury of benefit of doubt.
     
  12. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country

    So as a stupid person let me see if I'm understanding you correctly. A member of Wilders has NOT ever seen a virus. When reading a thread about viruses he sees people say that they have seen lots of viruses. According to you he is not only wrong but also stupid if he writes anything. So now we are left only with a love in, in which only those who see reds under every bed are allowed to talk.

    For the record I have never seen a virus - I won't cheat by making reference to my first computer usage in 1968 - since going on the net in 1996.

    The really interesting point is why some get infected - even with lots of protection and others manage to avoid infection even without protection.

    If forced to choose then I'm with Bunkhouse and Igor. In reality I'm not forced to choose. Those who peddle fear should desist and focus instead on explaining how users can handle the potential infections they are so afraid of.

    Suggestions such as use Firefox with NoScript, or buy a Hardware Firewall are far more useful in my view than personal attacks "I have no problems with the fact that you (not surprisingly) knew nothing about any of them" Was the (not surprisingly) really necessary ?
     
  13. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Of course you aren't. Truth be told, it's a case of one extreme end of the spectrum vehemently and hypocritically lambasting the other, when the fact is both sides are equally untrue. The world would be a sad place indeed if we only had those two positions to choose from, but fortunately things haven't come to that yet.
     
  14. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    Don't expect much rational analysis from Solcroft- he is a self-proclaimed expert and usually fails to provide any. He does not like my analysis because he cannot refute it. His writing style indicates (to me) a very angry man with an agenda that he has never revealed.

    He does not like people that don't get infected- it's bad for business. Keep that fear out there; it sells a lot of software.
     
  15. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    So the self-anointed one gets to decide in this forum who gets the benefit of the doubt? I don't think so. And, at the expense of using the fallacy of argument from authority, I would argue that Igor Daniloff knows a lot more about computers and malware than you.
     
    Last edited: Mar 24, 2008
  16. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    I suppose that, to some people, a self-crowned sense of moral high ground to declare what is "rational" and what is "not" counts as "analysis" to be, erm, "refuted".

    I was simply pointing out the fact that it was possible that Daniloff's interview was years ago, when such statements would be reasonably accurate, while certain parties with vested interests who laughably rushed to quote Daniloff so as to support their own hidden agendas did so only yesterday.

    By the way, I like your quote, Bunkhouse. Have you ever considered taking your own advice sometime?
     
  17. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    So you have an agenda if you don't have infections and you are critical of those promulgating fear of infection? I think the agenda of the day, is to promote fear in this forum. I know that my critique of that process sends up all kinds of red flags to you and others.
     
  18. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    In my experience, it is the shills who will cry the loudest and do their best to point fingers at other people, all the while carrying out their exercises to the benefit of their own interests. It's just the nature of how they do their business. And with that, I'll leave it to the public to judge for themselves the identity of the people who've been most industrious of this utterly baseless and sensationalist finger-pointing.
     
  19. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    You tried and failed in contending that the Daniloff statement was dated. It was released in May of 2006. What was true then is true now. Against your agenda as I knew from your original reaction. Let's keep that fear alive and well even though one of the world's top authorities says it's a sham.

    http://www.softarea51.com/press-rel..._Big_Bubble_says_DrWeb_Anti_virus_author.html
     
  20. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    In that case then he is wrong, for the reasons I have stated.
     
  21. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    Can I have your permission to quote you on that?
     
  22. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    To all,

    Let's tone down the personally directed attacks, there's no need to demonize someone who has an opinion that doesn't match your own.

    As an observer, this is a case of the ends of the spectrum not dealing with the nuance that most assuredly is present in reality.

    Yes, there is hype. However, that does not render every comment noting specific types of threat a paranoid delusion.

    Yes, a user can surf without an AV or any other security measure and be fine. That says more about personal usage styles than the state of the Internet.

    Yes, a user can be "protected" by a multitude of security applications and still become infected with malware. That also says more about personal usage styles than anything else.

    The fact that an individual has not been impacted by a virus does not mean they are not out there and they can be serious.

    The fact that botnets exist does mean, at some level, mass infection exists. On the day Sasser hit a few years ago, my own R&D group at work was impacted by (we believe) an infected laptop placed on the company LAN by a mobile worker. The resulting communications disruption caused a high power pulsed RF generator to burn out. Locally (and in many other places), that day was pretty much a mass infection scenario, although the bulk of the populace was not directly impacted. Internal controls changed to deal with this better in the future.

    The fact that you're infected may impact me, so that matters as well. What do you think is behind these DDOS events, which do occur?

    Simply because I believe every user should take some measures to protect their computer does not make me a shill for a hidden vendor in the background. I don't sell software, nor do I use as much security software as many folks here. I do believe that you can survive without it, I also believe that statement does not apply to most users. Most users need the assist an AV (or their chosen alternate) provides. I also appreciate that some vendors hype these concerns to increase their sales, but that's a short-lived and ultimately self-defeating posture.

    Finally, for those throwing Daniloff's comments out here with abandon. Take the time to read the entire piece. It's a lot more nuanced than being portrayed in this thread, and there are some pragmatic realities that are being all too easily dismissed by Mr Daniloff as well.

    Blue
     
  23. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Absolutely.

    But of course, I can already imagine how a person of your character intends to use it. Having failed to refute my argument based on merit or facts, you intend to strike back using sensationalism and hype - of course, all the while, hypocritically parroting the claim of phantom shills.

    Bring it on, Bunkhouse. Make my day. I, for one, think it's high time for you to be exposed for what you really are.
     
  24. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    No offense, but pragmatic realities is a floating abstraction with no referents. I don't agree that vendors here hawking their wares life expectancy is short-lived. Just look at the posts- many are clearly promotional in nature under the guise of something else.

    I did not say the threats are not real, I said they are about 1% real and 99% imagined. Until I see solid evidence to the contrary, I will take the position I have taken. If this forum cannot handle disparity in analysis, maybe I should go elsewhere and seek a more objective medium.
     
  25. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,286
    Location:
    Las Vegas
    So Solcroft gets to attack once more and is not stopped by the moderators. We are all equal- some are just more equal than others.
     