Seriously, has anybody ever seen a serious virus problem inWindows when using AV protection?
in [Anti-Virus]
|
Prev: Seriously, has anybody ever seen a serious virus problem in Windowswhen using AV protection?
Next: Avira version 10
From: David W. Hodgins on 24 Mar 2010 09:55 On Wed, 24 Mar 2010 06:15:07 -0400, RayLopez99 <raylopez88(a)gmail.com> wrote: > only way a properly configured Windows machine can ever be infected by > viruses or malware, namely, a zero-day attack? Unfortunately, zero-day attacks can be more like zero week/month attacks. Most of the systems I've had to clean in the last few months have had variations of the 2010-antivirus trojan, installed using drive by downloads due to problems with Internet Explorer. That's why the German government advised people to stop using it. http://mashable.com/2010/01/15/german-government-stop-using-internet-explorer/ While that particular problem has since been patched, given the history of IE, I'm sure it won't be the last. At least it enabled me to convince those people to only use admin accounts, when they want to install programs, and/or updates, and to stop using IE. The only problem now is getting them to remember to login to the admin account, at least once a week, to check for, and install third party updates. These were on systems using up-to-date av/m$ software. So the problem does still exist, but is mostly rootkits and trojans, rather then true viruses. Part of the problem with m$ software, in general, is brain dead decisions, that compromise security, to supposedly make the system easier to use. Thinks like having known software extensions, like .exe hidden by default. I don't see how that makes it easier to use, but sure do see how it makes it less secure. Making the admin account, the default for new systems is just asking for newbie users, to get into trouble. Another case I saw last fall, the user had purchased a system with norton antivirus installed, set to auto-update. When the user obtained a cable connection, they instructed her to install there freely download mcafee av. Somehow she managed to get it partially installed, with the result that neither was working. That one had been turned into a spambot, with multiple back door trojans, and root kits, which required full format and reinstall, to clear up. She only had two online accounts, both used for email, which were compromised. Luckily she wasn't using online banking. Regards, Dave Hodgins -- Change nomail.afraid.org to ody.ca to reply by email. (nomail.afraid.org has been set up specifically for use in usenet. Feel free to use it yourself.)
From: David W. Hodgins on 24 Mar 2010 12:03 On Wed, 24 Mar 2010 11:45:41 -0400, RayLopez99 <raylopez88(a)gmail.com> wrote: > OK, noted. Stories about improperly installed AV programs and zero- > day attacks that are really the fault of the user (since the patch is > available) are noted. > Thanks, and that proves my point. You missed the point. The patches were not available when the systems became infected by drive by downloads (i.e. simply visiting a normally good web site, that had been hacked), where the IE exploit allowed the malware to be installed without anything requiring the user to approve the install, or even make them aware it was being installed. If you are going to ignore all reports of vulnerabilities in windows being exploited, why did you bother to post the question in the first place? Regards, Dave Hodgins -- Change nomail.afraid.org to ody.ca to reply by email. (nomail.afraid.org has been set up specifically for use in usenet. Feel free to use it yourself.)
From: David W. Hodgins on 24 Mar 2010 18:00 On Wed, 24 Mar 2010 17:40:49 -0400, RayLopez99 <raylopez88(a)gmail.com> wrote: > But again, it's got nothing to do with this thread except reinforce > that yes, viruses can be created to harm you, but, once you install > the antidote to them (the update/ the patch, the service pack, etc, > and again, it's up to you to get the patch installed) you are safe. Yes that particular problem has now been patched. How many of the systems that got infected prior to the patch have not yet been cleaned? Once the system gets infected, it cannot be trusted, until a full day is wasted wiping the system, reinstalling, downloading updates, rebooting about a dozen times to install the updates, etc. Your refusal to accept the clear fact that m$ never has been, and never will be secure, makes it clear you are nothing but a troll. I would never use an m$ system for online banking, or anything where I really care about the safety of my data. Don't bother responding. -- Change nomail.afraid.org to ody.ca to reply by email. (nomail.afraid.org has been set up specifically for use in usenet. Feel free to use it yourself.)
From: David W. Hodgins on 26 Mar 2010 18:21
On Fri, 26 Mar 2010 18:10:42 -0400, FromTheRafters <erratic(a)nomail.afraid.org> wrote: > "ToolPackinMama" <philnblanc(a)comcast.net> wrote in message > news:hohd1r$ndr$1(a)news.eternal-september.org... >> In Windows, yes, AV is absolutely necessary. Some people seem to be >> asserting that it is not necessary with Linux. Is that true? > > It is needed in Linux to the same extent that it *should* be needed in > Windows. That is to say it would be needed to protect against the slight > chance that a *virus* could invade. If you discount exploit based What av scanner for linux are you thinking about? As far as I know, the only av scanners that run under linux, are there only to detect windows viruses. This is only useful if you are using the linux system as a file/email server for a windows client. Linux does have intrusion detection systems, and rootkit scanners. It does not have any antivirus scanners looking for linux viruses. If you are not using the linux system as a server for windows clients, there is no point in running an antivirus program on it. Regards, Dave Hodgins -- Change nomail.afraid.org to ody.ca to reply by email. (nomail.afraid.org has been set up specifically for use in usenet. Feel free to use it yourself.) |