Seriously, has anybody ever seen a serious virus problem in Windows when using AV protection?
in [Anti-Virus]
|
Prev: Seriously, has anybody ever seen a serious virus problem in Windows when using AV protection?
Next: Seriously, has anybody ever seen a serious virus problem in Windows when using AV protection?
From: FromTheRafters on 26 Mar 2010 19:04 "Peter" <pete.ivesAll_stRESS(a)blueyonder.co.uk> wrote in message news:MPG.2616a5bab152118e9899aa(a)news.virginmedia.com... >> When the host machine sees the NTFS volume, it may revise it. >> Bringing >> it back to its home system may create version soup problems where the >> file system is a "newer" revision than the current OS supports. >> > That's a big 'May'. I've attached secondary NTFS volumes on many > occasions without any issues. As far as the original boot O/S is > concerned it's just another HD with files on. You're suggesting it's > going to give it a different volume ID I presume. Never seen it > happen > here. > Then maybe it's time some o/s does CRC checking on all programs and > pops > up a warning if the CRC check fails when trying to run it. Change detection will work well for not allowing any newly created hosts to execute. That's not the problem. The problem at that point would be that you are already executing malware. The inability to replicate in the environment in which it is executing, may only make that malware a trojan in that environment. The idea is to prevent that initial execution, not to try to restrict the scope of the executing malware. You have no control over the system the program came from - the CRC of *that* program may have been created post infection. > Obviously the CRC checker software would have to have to be locked > down > tight to prevent it from becoming the target of attacks. Yes! I assumed a somehow magically protected change detection scheme (it could happen).
From: Leythos on 27 Mar 2010 07:33 In article <5b8b54da-296b-4f20-9259- 3f6a4935b58c(a)n39g2000prj.googlegroups.com>, trigonometry1972(a)gmail.com says... > I'd touch it on a home machine. My cure would be some flavor of linux > plus a bit of wine[snip] But that's not the same - I would install nix too, but not reinstall a pirated copy of XP/Win. -- You can't trust your best friends, your five senses, only the little voice inside you that most civilians don't even hear -- Listen to that. Trust yourself. spam999free(a)rrohio.com (remove 999 for proper email address)
From: Peter on 27 Mar 2010 08:01 In article <hojeij$fl5$1(a)news.eternal-september.org>, erratic(a)nomail.afraid.org says... > "Peter" <pete.ivesAll_stRESS(a)blueyonder.co.uk> wrote in message > news:MPG.2616a5bab152118e9899aa(a)news.virginmedia.com... > > >> When the host machine sees the NTFS volume, it may revise it. > >> Bringing > >> it back to its home system may create version soup problems where the > >> file system is a "newer" revision than the current OS supports. > >> > > That's a big 'May'. I've attached secondary NTFS volumes on many > > occasions without any issues. As far as the original boot O/S is > > concerned it's just another HD with files on. You're suggesting it's > > going to give it a different volume ID I presume. Never seen it > > happen > > here. > > > Then maybe it's time some o/s does CRC checking on all programs and > > pops > > up a warning if the CRC check fails when trying to run it. > > Change detection will work well for not allowing any newly created hosts > to execute. That's not the problem. The problem at that point would be > that you are already executing malware. The inability to replicate in > the environment in which it is executing, may only make that malware a > trojan in that environment. The idea is to prevent that initial > execution, not to try to restrict the scope of the executing malware. > You have no control over the system the program came from - the CRC of > *that* program may have been created post infection. > Sure, no point in closing the door after the horse... etc. :-) What I meant was the new O/S having this built into it, so that it is there right from the O/S install (pre-infection). Maybe it's about time the next new O/S has this built in. Didn't quite make that clear. > > Obviously the CRC checker software would have to have to be locked > > down > > tight to prevent it from becoming the target of attacks. > > Yes! I assumed a somehow magically protected change detection scheme (it > could happen). > > > -- Pete Ives Remove All_stRESS before sending me an email
From: Dustin Cook on 27 Mar 2010 13:32 Peter <pete.ivesAll_stRESS(a)blueyonder.co.uk> wrote in news:MPG.26180493a598c73f9899ad(a)news.virginmedia.com: > Cheers Dustin, will give this a try over the weekend. Nothing better > than personal experience. ;-) Better late than never right? :) -- "Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge this boulder right down a cliff." - Goblin Warrior
From: FromTheRafters on 28 Mar 2010 19:23
"Dustin Cook" <bughunter.dustin(a)gmail.com> wrote in message news:Xns9D49BCA48C371HHI2948AJD832(a)69.16.185.250... > Peter <pete.ivesAll_stRESS(a)blueyonder.co.uk> wrote in > news:MPG.2619e5551f2a82fb9899b0(a)news.virginmedia.com: >> Installed O/S. Tried installing sp2 from disc. It wouldn't let me >> because of the product key. Just like you said. >> > > Thanks for testing it Peter. Like he said, "...nothing better than personal experience." |