when was the last time anyone found a real live virus ?

Discussion in 'other anti-virus software' started by Long View, Dec 7, 2007.

Thread Status:
Not open for further replies.
  1. ghiser1

    ghiser1 Developer

    Joined:
    Jul 8, 2004
    Posts:
    132
    Location:
    Gloucester, UK
    We're well off topic now, but I believe this one is worth answering.

    We do offer limited trials when necessary for business customers, they're just not available for individual users anymore. When we had the 30 day trial structure, very few people paid for the product; most just used the free cleanup and disappeared. Since the trial has been withdrawn, revenue and agent retention have increased substantially.
     
  2. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Great Point! ghiser1

    Another issue is that most of the good guys are still having trouble cooperating together. They fight each others and the bad guys.

    All the while the other team is forming up "organized crime groups" and the pay off are bigger meaning their incentives are growing with the increased profits.

    As for being on topic, I picked up a key logger on a client pc with a brand new build less than 10 days old... And yes it had everything, firewall, av anti spyware and more...

    I'm still trying to figure out if there might be some frigging root kit lurking in there as we have no idea how the darn thing got infected yet! For those interested it's the RedHand Keylogger and it was infecting a .dll in the ups monitoring software (and Yes it has a built in web server but it's not the infection vector).
     
    Last edited: Jan 11, 2008
  3. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    I think a successful virus writer earns only the respect of his peers, while a successful rootkit writer not only earns the respect of his peers, but also stands to gain financially from criminal activity.
    I am betting that as time goes on, we should see a decrease in the number of new viruses as opposed to an increase in other forms of malware.

    Is it possible to have a hybrid form of malware, such as a rootkit virus?
     
  4. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Well, I'm not an accomplished software development engineer, but from my vantage point I see no difference between, spyware, root kits or Trojans, since, as I see them, they are all unwelcome hostile code infecting user environments. Whether they cause damage or simply steal information they are all fruits falling from the same three, just a different branch!

    To me those accomplishments are held in about as high esteem as soiled toilet paper...

    Think of who gets to suffer from most of the arm: The technically weak, and the ignorant or those who cant afford the appropriate defenses. Not exactly something to be proud of...
     
    Last edited: Jan 11, 2008
  5. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    I get viruses via email multiple times a day. NOD always catches them. I would say I only get about 4-5 different viruses or variants, but I do receive them every day.

    One of the 'perks' to having a publicly known email address is it gets hit pretty hard. Somedays worse than others.

    I've caught 3 instances of the Netsky.Q worm this morning. lol
     
  6. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    I am glad that you brought this up.

    I gave me old granddad a PIII 1Ghz, 512Mb ram machine, which he uses to read the news, the weather, and social emails.
    If his machine gets infected by a virus, he will ask why does it need to be removed.

    Given the machine's purpose, where is the harm in leaving his machine infected?
     
  7. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,641
    Location:
    Sneffels volcano
    Depending on the malware's payload, he won't be able to perform his regular tasks at some point.
     
  8. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    If I tell him that, he will tell me to reformat the drive and reload the OS environment, thereby saving the money he could have spent on AV software.
     
  9. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590
    at best he will possibly be infecting others, at worst his machine may being used for criminal activity. Then if he forgets, gets brave and gives a credit card to a legitimate business.... Anyway you get the idea. Infected is bad.

    Pete
     
  10. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    got one today. My temperature is 100.2. Ugh.:doubt:
     
  11. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    Alas, me granddad is quite a stingy fellow. :)
    Neither of these scenarios will be enough to convince him to shell out 30 euros a year for AV software.
     
  12. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    How about the free version of Returnil ? based upon what you have said although it is possible for him to get infected it is highly unlikely. Even if he did get infected he would almost certainly be clean at reboot. It might take 20 minutes to explain turning protection on and off but it is free and won't slow him down like an AV would.
     
  13. Hangetsu

    Hangetsu Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    259
    I'd call Avira to complain. The high temperature virus has been around forever, there's simply no excuse for missing this one.

    :D :D :D :D :D :D :D
     
  14. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    Aha, this Returnil looks very interesting.
    I see they are even suggesting vulnerabilities exist in using VMWare as part of a security policy.
    I can't find a comparison page on their site detailing the functional differences between the home and business versions though.
     
  15. lucas1985

    lucas1985 Retired Moderator

    Joined:
    Nov 9, 2006
    Posts:
    4,047
    Location:
    France, May 1968
    Do you want to tell me that the billions of spam mails are delivered by only 10,000 infected PCs? :cautious:
     
  16. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    Perhaps the day the law gets tough on those allowing willful infections to propagate this way because users are too cheap, too lazy or plain too stupid to prevent against the arm done to others with their own pc, and lays some types of criminal negligence charge after someone got infected because of him and looses revenues, that day he may change his mind about it... Perhaps that day is coming and sooner than some might think!

    The bulk of infections, spam and bot network problems are directly attributable to infected home pc's allowed on the net spending all unused processing cycles propagating nasties globally. Add to this powerful multi core processors, huge hard drive and large memory with practically unlimitedly bandwidth (Minus some upload throttling @ some ISP's) to power the whole thing, and you start to get the picture... Not a pretty sight!

    Now when this issue is compounded by users who know they are infected and chose to do nothing... to me this is not only stupid, it's plain point blank criminal...
     
    Last edited: Jan 12, 2008
  17. rogervernon

    rogervernon Registered Member

    Joined:
    Jul 16, 2006
    Posts:
    289
    What, on the average home user's PC is so valuable that it needs to have so much security software as many seem to use?
    A router, an outgoing control firewall and a decent anti-virus, plus an on demand spyware scanner and perhaps Comodo Boclean surely should be enough, even if one banks on-line?
     
  18. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    I still get this from customers all the time: "I'm only using my pc for browsing the web and read emails... why should I spend time and money to put security on it?" This is an incredibly Selfish proposition that doesn't take all the facts under careful consideration:

    It is not the content of the pc either, that should motivate you to keep it protected it is the fact that if you don't you will be directly responsible when someone else gets infected because something transmitted from your computer infected them. Perhaps not legally yet but certainly there is a moral imperative here.

    Besides from my perspective it is not so much the quantity of security software that is important, but to have an appropriately layered defense approach dictated by the actual threats one faces daily.

    If for example a user doesn't use e-mail at all, then an antivirus is not really required to scan inbound messages, but if he is browsing the internet heavily he should consider a sandbox like sandboxie to operate Firefox configured with the NoScript Add on, together with Link scanner Pro or Free and McAfee site advisor. (The focus being on Web browser security)

    In both cases he should have a HIPS, either PREVX or Threatfire installed and perhaps BOCLEAN although not necessary in this case since the similar functionality is included in threatfire or PREVX but a good firewall such as Comodo Firewall PRO 3.0. is a must.

    Please do note that the only "Cost" incurred here would be for Prevx for a home user if chosen over Threatfire, and PREVX & Sandboxie for a business user. Not exactly expensive or complicated. Yet this configuration would prove most powerful against every attack vectors confronting that user.

    Either way, some user learning is required in context as a few of these tools require some user intelligence to be effective...
     
    Last edited: Jan 12, 2008
  19. jrmhng

    jrmhng Registered Member

    Joined:
    Nov 4, 2007
    Posts:
    1,268
    Location:
    Australia
    Getting other people to learn about security is the hardest part. People are just ignorant and don't want to spend time to learn and maintain security.

    A friend of mine who keeps getting spyware on his computer asked me to help. The best I could do was install AV and told him to sandbox his browser. Anything more intrusive and he wouldn't have bothered.
     
  20. Tinribs

    Tinribs Registered Member

    Joined:
    Mar 14, 2002
    Posts:
    734
    Location:
    England
    I haven't had a thing for a good few years now!
     
  21. Hermescomputers

    Hermescomputers Registered Member

    Joined:
    Jan 9, 2006
    Posts:
    1,069
    Location:
    Toronto, Ontario, Canada, eh?
    At least install SiteAdvisor and linkscanner on his pc... These are not enough by themselves usually but they require minimal user intervention and will block a lot of the risks. Also get him to read my article on Cyber Self Defense (you can find it on my site). I wrote it to wake up users like him...
     
    Last edited: Jan 13, 2008
  22. De Hollander

    De Hollander Registered Member

    Joined:
    Sep 10, 2005
    Posts:
    718
    Location:
    Windmills and cows
    Just curious, with one o_O
     
  23. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    How about the law getting tough on billionaires running corporations that sell insecure OS to unsuspecting consumers?
    Oy, if I tell me granddad's this I might hurt his feelings, but he won't let go of his 30 euros! :D

    IMO the criminal activity today, and as far as I can remember, starts with M$.
     
  24. solcroft

    solcroft Registered Member

    Joined:
    Jun 1, 2006
    Posts:
    1,639
    Pretty pointless, since there's nobody to charge.
     
  25. ProSecurity

    ProSecurity Registered Member

    Joined:
    Dec 13, 2007
    Posts:
    123
    I think this is significant.
    Many threads start with someone listing several security software and then asking if they are enough, or if one or another is unnecessary.
    Then a few members reply with opinions such as these:
    "You don't need X because you have Y"
    "That's good enough"
    "Maybe you should think about adding Z"

    I have come to the conclusion that this approach is flawed.

    I think several questions need to be asked before any recommendation can be made, such as:
    "What are you trying to protect?"
    "How important is it to you to have this protected?"
    "How do you work with your PC?"
    "How much control do you want to have over the protection process?"

    Being forced to have answers to questions like these before making recommedations will make you realize that there is a very subjective, personal element to security for the home user.
    This means that there cannot be one solution which is perfect in all situations; all options need to remain on the table.
    So while you may recommend an AV suite to one, the best recommendation for someone else may be no AV, but firewall and HIPS, and for another it may be virtualization.

    So now, whenever I see a question asking, "What is the best" or "What is the top", the only answer I can give without more information is:

    "It depends."
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.