When was the last time anyone found a real live virus?

Discussion in 'other anti-virus software' started by Long View, Dec 7, 2007.

Thread Status:
Not open for further replies.
  1. farmerlee

    farmerlee Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    2,585
    I had to disinfect a friend's computer in the weekend. For 2 years they've been using the same factory install of Windows XP with Norton Internet Security 2005. They have little to no computer knowledge, they p2p, visit porn sites and all that other stuff so I was surprised when I only found the remains of a single trojan. It definitely has me thinking about how dangerous is it really?
     
  2. Mrkvonic

    Mrkvonic Linux Systems Expert

    Joined:
    May 9, 2005
    Posts:
    10,224
    Hello,
    If that's the case, you'd go blind if you came to my house...
    Mrk
     
  3. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    This thread just shows how much ppl take security too seriously, I've always said an antivirus is more than enough for a home user.
     
  4. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Hola,

    I don't know, people, but I clean up viruses all the time. Usually without much help from AVs as they most often failed to even detect the infections in the first place...

    Maybe some of you should reconsider your position on this or perhaps upgrade your skills...
     
  5. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    What are you using to clean them if not an AV? Prevx?
     
  6. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Hello trjam,

    I use a variety of tools, but to name a few, ProcessMon & Procexp, as well as Autoruns from Sysinternals as well as RunScanner. I sometimes also use an in-house registry tool as well as Rootkit Hook Analyzer from Resplendence and of course RootkitRevealer, also from Mark Russinovich.

    In a nutshell, everything needs to be invoked from somewhere in order to run within your environment, find those areas and study them and the tools mentioned above will prove invaluable.
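
Added example, not part of the original thread or written by any poster: a PowerShell pass over a few of the autostart locations the post above alludes to (registry Run/RunOnce keys and the Startup folders), flagging entries whose image is missing, not validly signed, or in a user-writable directory. The choice of locations and the review criteria are assumptions made here; Autoruns covers far more.

```powershell
# Added example: enumerate common autostart locations and flag entries for review.
# Covers Run/RunOnce keys and Startup folders only (not services, tasks or drivers).
$runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
           'HKLM:\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
           'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
$startupDirs = [Environment]::GetFolderPath('Startup'), [Environment]::GetFolderPath('CommonStartup')
# Assumed review criterion: directories a standard user can write to.
$userWritable = @($env:TEMP, $env:APPDATA, $env:LOCALAPPDATA, $env:PUBLIC) | Where-Object { $_ }

function Get-ImagePath([string]$Command) {
    # Extract the executable from a launch string: quoted path, else first token
    # ending in a known extension, else the first whitespace-delimited token.
    $c = [Environment]::ExpandEnvironmentVariables($Command).Trim()
    if ($c -match '^"([^"]+)"') { return $Matches[1] }
    if ($c -match '^(.+?\.(exe|dll|com|bat|cmd|vbs|js|ps1|scr))(\s|,|$)') { return $Matches[1] }
    return ($c -split '\s+')[0]
}

$shell = New-Object -ComObject WScript.Shell   # resolves .lnk shortcut targets
$entries = @(foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $item = Get-Item $key
    foreach ($name in $item.GetValueNames()) {
        [pscustomobject]@{ Location = $key; Name = $name; Command = [string]$item.GetValue($name) }
    }
}) + @(foreach ($dir in $startupDirs) {
    if (-not ($dir -and (Test-Path $dir))) { continue }
    foreach ($file in (Get-ChildItem $dir -File -Force | Where-Object Name -ne 'desktop.ini')) {
        $target = if ($file.Extension -eq '.lnk') { $shell.CreateShortcut($file.FullName).TargetPath } else { $file.FullName }
        [pscustomobject]@{ Location = $dir; Name = $file.Name; Command = "`"$target`"" }
    }
})

$entries | ForEach-Object {
    $e = $_
    $image = Get-ImagePath $e.Command
    if ($image -and $image -notmatch '^([A-Za-z]:|\\\\)') {   # bare name: resolve via PATH
        $found = Get-Command $image -CommandType Application -ErrorAction SilentlyContinue | Select-Object -First 1
        if ($found) { $image = $found.Path }
    }
    $exists = $image -and (Test-Path -LiteralPath $image -PathType Leaf)
    $sig = if ($exists) { [string](Get-AuthenticodeSignature -LiteralPath $image).Status } else { 'FileMissing' }
    $inUserDir = [bool]($userWritable | Where-Object { $image.StartsWith($_, [StringComparison]::OrdinalIgnoreCase) })
    [pscustomobject]@{ Review = ($sig -ne 'Valid' -or $inUserDir); Signature = $sig
                       Name = $e.Name; Image = $image; Location = $e.Location }
} | Sort-Object Review -Descending | Format-Table -AutoSize
```

A `Review` flag is only a prompt to look closer: plenty of legitimate software is unsigned or installs under the user profile.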
     
  7. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    thank you:)
     
  8. Diver

    Diver Registered Member

    Joined:
    Feb 6, 2005
    Posts:
    1,444
    Location:
    Deep Underwater
    Yesterday.
     
  9. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    I suggest you read his sig. :shifty:
     
  10. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?

    Mmmmh... sure, let's uninstall our firewalls and anti spyware then, also I heard anti malware are useless:cautious: :thumbd: ...

    Also should anyone remind you that "Home" users are the main reasons most viruses are distributed globally and why hackers are able to control huge bot networks? Oh yea baby! Home users don't usually have a professional "system Admin" keeping them from infecting everyone else on staff. I see home user computers all the time and it's actually way more scary than watching Friday the 13th in High Def... Just a thought!

    Only a multi layer approach to security actually does provide a decent chance at staying clean and safe online while being able to actually use the internet for all its incredible potential...

    Please do read my latest update on Cyber Self Defense part of my web site...
     
    Last edited: Jan 8, 2008
  11. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    @Hermescomputers - given your experience of seeing people with contaminated machines would it be possible to provide a simple list - say of the top 5 ways in which these people are getting contaminated. I'm personally not so interested in the software side of providing protection but prefer to focus more on the ways that users can behave to avoid infection.
     
  12. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Hello Long View!

    Well, sourcing an infection is not easy, however I would attribute most of them to only 3 vectors.

    1 - Infected E-mail attachment (the most obvious)
    2 - hacker attack via an exploit i.e. OS vulnerability via network scans
    3 - cross server scripting infecting a user while innocently browsing the web...
    4 - Installing a phony Anti malware or security software (or some other type social engineering where one is coaxed into doing something)

    While these are obviously rather simplified explanations they probably cover most of it...

    As to avoiding infections, I think the most effective methods are sensitive elements kept in virtualised sandboxes, and the use of dynamic and selective script blocking within web browsers or other applications. Currently most of the technology is focused on black/white list pre emptive script blockers instead of AI based systems doing the same. My guess is it would be some time before developers are able to effectively get to that point...

    As for what you can do to circumvent being infected, read my latest update on Cyber Self Defense part of my web site... I give a point blank explanation of most attack vectors and the appropriate solutions (mostly Free I must add).
     
    Last edited: Jan 8, 2008
  13. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    regardless of your preference,

    an antivirus is all that is needed to keep protected.

    and a firewall, but not even that if you're behind a firewalled router.
     
  14. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?

    Here is an excerpt from my web site that easily cracks your theory!

    As a side note, if a simple anti virus, and anti spyware software solution worked properly to keep you safe, I would not be employed as a "Technical Janitor" cleaning up after infections, and struggling to mop up the mess they left behind! If you are serious about pre emptive security instead of hiring me to clean up after the fact, please read on.

    if you wish to read on it is available here: Cyber Self Defense!
     
  15. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    well sure... it really depends on what AV you're using.
     
  16. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
  17. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    security is overrated, I've certainly never been infected and I've been to the darkest parts of the internet in my times, in my youth I would open every attachment, click on every link, visit those dark and dangerous websites, and still ... with my antivirus, I was fine.

    I have never been a target for identity theft etc, most people on these forums will probably say exactly the same thing, and this goes for everyone else too.

    a good, 'UP TO DATE' antivirus, is all that is needed.

    so much for the 'other programs' people need. :)

    the other programs are created to scare people into purchase.
     
  18. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Wow, you are going to make me rich!!!:) Everyone should be listening to you and follow your lead on this...
    This is the only way I can continue on making a living cleaning up viruses and spyware. There is a GOD after all!

    Oh, my belly hurts I'm laughing so hard!
     
  19. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    lol, I doubt this.

    you won't receive a penny from me ;)

    you only make money because either a. they are too stupid b. have no common sense c. don't have a good antivirus d. their antivirus is NOT updated.

    but the FINAL, most interesting part is....

    a.b.c.d apply, because they are all stupid to be paying someone to fix their computer anyway :)
     
  20. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    I really hope people do listen,

    because maybe then, they will stop being pressured into un-needed/un-wanted security products.

    fear is a great to a n00b, but also a great weapon to the seller.

    sure, millions do get infected.....

    but maybe you can also explain why millions who use just an up-to-date antivirus, can go a lifetime without being infected?


    ...........
    it's a good separator from those stupid people on the internet, who do neither abcd.

    and I'm glad I am separated from them :)
     
  21. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    True enough,

    However the blame rests squarely on the shoulders of the SOBS who develop the threats as a hobby or for profit in the first place and not on the poor consumers who simply want to enjoy the use of their computer system. (Except those who for some obscure reasons insist on not installing security software on their pc still today).

    As for being stupid for paying for support. You can explain that to fortune 500 companies and all those getting infected by those too intelligent for paying to get the help they need! o_O
     
  22. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    true,

    also true, but they are too naive to take the correct precautions when going onto the net, this is why they get infected, not because of the lack of security products they are not using.

    common sense (it's FREE!) and all the information you need is widely available, again... precautions.

    wilderssecurity.com = free information

    a good antivirus (uptodate)

    and FREE common sense
     
  23. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Correct, but...

    You are assuming that they are either lazy or unintelligent enough to do something... Well... as any techie working in the corporate world will easily confirm, the top executives ie CEO, VPs and so on are often the ones with the infections, and I can assure you these types are usually neither stupid or lazy or uneducated and yet when it comes to computer security they tend to have the proficiency of a three year old afflicted with a phobia!

    I would really rethink this one!
     
  24. C.S.J

    C.S.J Massive Poster

    Joined:
    Oct 16, 2006
    Posts:
    5,029
    Location:
    this forum is biased!
    I understand you have to say this, as like you said... it's your income :)

    but many many people will disagree with it on here, including myself, but your comments are welcomed, just don't expect me to change my mind on anything

    :D

    also, I notice you're a Prevx reseller, how do you think it performs for your real-life testings?
     
  25. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Nope I think you misunderstand me. You see I don't make a living selling anti virus or anti spyware or any software at all since I mostly use free tools to do the cleanup. My point is simply that the work I do is taking place in spite of the fact that top name anti virus and anti spyware software existed on those PCs meaning they failed at protecting those against the very infections I am retained to clean up.

    Besides my income is often based on recovery from infections and not prevention as users are often reluctant to pay for preemptive security work... They are however more than happy to pay me, to get them back to work so they can continue to earn a living when they do get hit with something the AVs can't clean up...

    As for changing your mind, concrete is not my specialty, so I won't even try...:D
     