I found that AVG is useless...
As when I switched to MSE it instantly found two trojans..
not overly impressed..
what's the point of a resource hog that doesn't serve any purpose...
Many users remain infected with computer malware – despite the fact that the vast majority are running machines protected by anti-virus software. A study by European Union statistics agency EUROSTAT found that one third of PC users (31 per cent) had the pox even though the vast majority (84 per cent) were running security …
No AV picks up everything...
And if you take a given piece of malware and scan it with several different engines, chances are some of them won't pick it up.
I have done incident response work where a machine has become infected with something, in every single case there was an AV product installed on the infected machine and it was never able to detect the particular infection. However, other AV products were typically able to detect it (i.e. it wasn't a zero-day infection picked up by nothing). It's purely down to luck whether whatever product you run is able to detect a given piece of malware.
The fact you removed AVG, replaced it with MSE and it found 2 trojans doesn't surprise me, but there will also be trojans which MSE doesn't detect and which AVG or various other products might. Try switching back in a few months and see what happens.
... laptops and desktops that we get from our clients have some kind of infection on them.
We repair between 30-50 Windows machines a week too.
The worst offenders usually have the "paid for" AV protection which kindly refuses to update its definitions when the subscription has run out. Most people can't be @$$'d to renew.
Malware/spyware are likely not considered "virii" by the AV companies. If you want to keep malware off your computer, get AntiMalware products (MalwareBytes has a decent one). It's sad that AV products don't (or in some cases, just not very well) catch malware.
Tools for the job, and all that.
I'm not saying you shouldn't have it since it will stop some stuff but I see loads of computers with infections that have always had up to date AV.
This is why you should never pay for AV for a home computer. In the enterprise it's a different issue because you're paying for the centralised management.
Far more important than AV is making sure you are applying all the relevant updates for your OS and software, especially adobe flash and acrobat and your browser.
If you don't use office much then don't have it installed, it's just another attack vector, use one of the free online alternatives, Microsoft and Google's offerings are both good enough for most people.
"Far more important than AV is making sure you are applying all the relevant updates for your OS and software, especially adobe flash and acrobat and your browser."
Absolutely agree. I have been running PCs without AV on the net since 95 and haven't had a single virus. Coincidence?
(I do religiously update my O/S and other software of course, I'm not _completely_ brain-dead)
The virus writers share ideas (flaws and exploits etc) quickly and easily, whereas the anti-virus people do not share info about viruses and how to stop them.
The return on investment for a virus writer is probably better than for Microsoft in writing a safe/secure operating system.
We all know that Windows is as secure as a chocolate tea pot is useful for making tea.
The money is stacked against MS and the security firms and strongly in favour of the malware creators. If you throw in that MS and Apple have spent decades telling people that "their" computers are easy to administer, when the truth has always been you need to think a little and be careful, is it any surprise that malware is everywhere?
I have to scan? I have to update what? Aren't computers smart enough to do all this themselves? What do you mean my virus definitions are two years outdated? I paid good money for these programs and now they want more? No, absolutely not, I don't want anything free, I want the best you can buy. Yeah, I saw the warning, it kept interfering with my chat session so I nixed it.
That will be $70 thank you. See you soon; have a nice day.
This is based on self-reporting. How many know the difference between different sorts of malware and reported a "pox" for a false positive hit, or a simple tracking cookie or something like that? How many reported they had been infected because their AV threw a warning at them, even though it detected and prevented the attempted infection? How would you know you have a trojan if your AV doesn't catch it and it doesn't result in (noticeable) "financial loss or privacy violation"?
Digging into the Eurostat site results in the catch-all "Caught a virus or other computer infection (eg. trojan) in the last 12 months" and "Used any kind of IT security software or tool".
Respondents were aged 16-74.
I don't trust the respondents to understand wtf they answered here. I am not very surprised at the numbers, but still...
A good setup is Linux with ESET NOD32 Antivirus 4 for Linux Desktop.
Good free setup with Windows is Comodo Firewall (FW only) with Microsoft Security Essentials (for runtime protection) and ClamWin for mail protection.
Avira free would have been my first choice on Windows if it scanned incoming email.
I cannot understand why France is not up there with the highest number of PC infections, I frequently find over 50 things, often over 100, and not infrequently over 300 infections. Most do not have any anti-spyware or AV, they open crap email stuff and the number of machines infected with a botnet seems almost as if it's given to them by the ISP.
All I can say is possibly the French did not respond to the survey, they could not or rather would not as it was probably in English, they probably did not realise that they were infected, and that their bank accounts were compromised.
From Panda - "the use of cloud-based architectures is needed in order to stand any chance of keeping the growing volume of malware produced by cybercrooks and mischief-makers in check"
Which means, when the hackers inevitably hack the cloud, every single user is infected.
Not only is AV software less effective than it used to be at trapping attacks, it also generates an increasing number of false alarms. Most common among these is finding any executable built with the UPX compactor as malware.
If I scan my (readonly) program-store share with Clam, it finds perhaps 10-15 false positives. Fortunately I know which these are and that they are not infected.
The only way to be reasonably certain these days is to do a CRC comparison with a known-good copy of the file, or upload it to VirusTotal for an opinion.
I don't think this situation weighs in favour of cloud computing, but it does suggest that running executables from readonly server-shares instead of the local HD has its advantages.
For a time my favorite commercial AV vendor happened to be located in a certain Eastern European country reputed to be the source of a lot of malware (but NOT mentioned in the article). I used to joke about those guys cracking by night and hacking by day, until I started to wonder if there might not be some truth to it? Like the arsonist / firefighter. I mean, the skill sets are pretty interchangeable, and what better way to drum up business? Certainly, both groups must travel in a lot of the same (cyber?) circles.
It does give one pause.
I'm certain that my machines harbour malware, but I'm also certain that I'm infection free. The malware in question is in the folder where dubious e-mails go and is mainly screensavers and documents with embedded scripts. The malware is there until such time as I get round to clearing up the accumulated junk and presents no threat as I haven't the slightest intention of executing any of it. No doubt any scan that picks up this stuff chalks it up as another reason to throw money away on an ongoing basis for the privilege of having your system slowed to a crawl by bloated antivirus products.
The question is: How many of the 50% were actually infected and how many were detections of trojans, etc. sat around in quarantine folders, recycle bins, etc.?
Just thought I'd add my €0,02 grumble for bloody ClamAV (etc). Doing a site upload the other day, I was warned of a trojan. Something Avast didn't catch? I tossed the file to VirusTotal and three products (ClamAV, TheHacker, and something with a Chinese-sounding name) reported the file was infected with a trojan, though none agreed on what the trojan was. So I looked up info on the alleged infection, tore the file to bits. Then sent info to the author of the software involved, who confirmed it was a false positive.
It is stuff built using the latest version of the ClickTeam Installer (I use this as it is to-the-point without loads of complications). Anything built using that will trigger those three A/V products. And warn of a trojan in the machine.
So given some antivirus products miss things, while others see what isn't there, I would be highly sceptical of a report claiming these sorts of things...
In reality, cloud based architectures are not really a solution. The problem with viruses is the Internet. I have a neighbor who has a 15 year old computer and does not use the net and does not put many new products on his machine. He does not get viruses. With ActiveX, Java, security will be almost impossible. Only a totally black holed machine will be secure. With people who do not educate themselves, a virus prone Windows product, browsers that have almost every attachment that allows defective ActiveX controls, viruses will remain. With hackers, criminals, and governments producing viruses for various reasons, the problem will only get worse. I am writing this text from my server. I use virtual machines and have antivirus products. I have my own DNS server and an Fence for the net. I try to keep up to date on everything I can. And guess what, I still don't feel secure against viruses. Several people on my LAN have gotten viruses by stupid web use over the years.
A point raised on allspammedup.com is that spammers have latched on to the fact that with the trend toward IMAP instead of POP mail, more and more users now leave their entire email collection on a cloud server instead of, or as well as, downloading it onto a PC. This opens the possibility of 'bots being used to find accounts with weak passwords and harvest the From: addresses of the emails therein. Naturally these addresses then get hammered with p*nis-pill ads.
Thus, having a weak password on a cloud account has deeper implications than you might think. It can cause harm to your associates, as well as to yourself.