AfterDawn Forums

Is Anti-Virus Passe?

This discussion thread has 19 messages.

#1
As I stated before and was laughed at, here it is from a more respectable source.
Quote:
When security firm Imperva checked more than 80 unreported viruses against several anti-virus solutions, it found that none of the tested programs were able to detect previously unreported viruses and that 75 percent of solutions took a month or more to update their signatures.

Is Anti-Virus Passe?

What I was trying to say was that I believe that a new breed of malware escapes the notice of heuristic AV because malware has gotten much sneakier. Unless the malware is a known threat, it can infect you and steal your Personal Information such as passwords and Credit Card info right under the noses of real-time AV scanners.



Here is something for all of you that think that you only have a malware problem when it creates a performance problem. By the time malware starts to trash your computer it has already stolen the Personal Information (PI) it could in the previous months while you were buying stuff online.

Identity Theft Malware Surges 600%

Quote:
Panda reports receiving more than 35,000 new malware samples -- viruses, worms, Trojans and the like -- every day. Trojan software designed to steal bank details, credit/debit card numbers, or online account login names and passwords represents 71% of this total. That's up from 51% in 2007
This is an old article.

The article
This message has been edited since its posting. Latest edit was made on 20 Dec 2012 @ 22:20
#2
kinda like locking your door. only keeps the honest thieves out. my take is that as long as there are these assholes writing these malicious codes there will be someone out there just as determined to stop them. so, no, i don't believe antivirus is passe. that having been said it shouldn't be expected to protect you all by itself either. common sense when browsing the net, coupled with other programs to scan and get rid of malware has to work in concert with any antivirus. by the way mez, it was good natured laughter. don't take it too seriously. Al.
#3
The article didn't actually say that AV was passe. What it did say was there are:
1- malware forums where you can download code snippets or complete, working malware
2- services that will tell you if particular code is in the AV naughty list
3- routines that randomize the profile for each computer

#3 is particularly dangerous when compounded with the new improved infection techniques that are not picked up by today's heuristic AV.

No, you are right on Al. I still use AV myself, a good one. Why use a lesser-rated one in these dangerous times? I also browse sandboxed, I use Adblock and now I access social media using a 'one time use' user. Granted, the last measure is extreme and I am not so sure it gives me any more protection but it gives me peace of mind that I am doing all I can to be safe. I prefer to be paranoid than become a victim. I am too cheap to pay for something like Lifelock that protects your identity for a fee.

I try to be dramatic to catch attention to a real issue. Anyone whittling down my drama is doing the public a service. That is to be expected. I will whittle someone down myself, not to be malicious. It is when I see a nasty comment that has no public service that I get set off, even if it is directed at someone else. I get really angry when someone tells me to get a life just because I am trying to warn the readers of a real problem. If posting information on this forum is a sign of personality problems, all members including the one that made that statement have a personality problem. In fairness, I am sure that member figured I was talking trash. He must think that a good AV will catch ALL malware. I am sure he isn't alone so I posted this as a public service.

For the record... I have a wife and 3 kids.
#4
@Mez,

Allow me to ask your forgiveness for the inappropriate comment I made about you being lonely and needing a girlfriend. You don’t know me and didn’t realize that I was just being facetious and not malicious. I was jesting after you had been called paranoid. But with computers, sometimes paranoia is just “Good thinking”. Please don’t hold it against me; it was inappropriate and uncalled for. Please accept my apologies and I hope we can be friends here on Afterdawn. Any time you need help removing or blocking malware, just give me a shout. That is one thing I am skilled at….

2oG

p.s. I have a wife, 3 kids, 13 Grand kids and 12 Great Grand kids



There are three kinds of men: The ones that learn by reading; The few who learn by observation;
The rest of them have to pee on the electric fence and find out for themselves...
#5
OK peace! I have been around enough to know you are not a troll. I was quite surprised at what I thought was a genuine, mildly malicious comment. Often I am online when I want to get away from my wife, who can be very hot-blooded, to get peace and solitude. In those cases I am even less tolerant than usual. Sometimes I can be very snippy. Fortunately I was quite busy at that time so I didn't get around to saying anything too nasty before the thread was closed.

I am fairly tech myself. I run routine Hijack logs after I install software. I keep about a dozen assorted malware detectors, each strong in at least one area. Before the first time I formatted my HD I posted a hijack log and all the steps I had already taken on BestTechie. I was then told to try Geeks2go because no one there had anything else to add. Geeks2go didn't have a clue either. That was when I bought a new HD. By the way, the Firefox install file I downloaded in safe mode while the computer was infected was quite different than the one I downloaded that same week and was the same version. Maybe I was paranoid but I think I had excellent reason to be so.

I suspect an ad got the browser to think it needed an upgrade to display the website properly and was able to suppress any messages. This is the new form of attack. Because it is part of Firefox, HijackThis only reported Firefox. I am not tech enough to know if that is actually reasonable. I do research and have found nothing other than the type of articles I have already posted. I did discover the original files I freaked out about are all benign. It was created from a new mix of protective devices. Adblock and my other precautions may be doing their job.

Since my first formatting I have been overly cautious. The second format may not have been necessary, but formatting the second time I did not lose much effort. I had not installed even half of all the software I use. If that had been a real infection I have no clue what was done. There are still things I need to check out before I eliminate the one-time user. I want to be absolutely certain no automatic updates received as a non admin can affect the OS. I am sure it shouldn't; they should only write to the user data. If that is the case I was truly paranoid on the second round. I would rather be safe than sorry. I do and will get to the bottom of it.
#6
Originally posted by Mez:
Since my first formatting I have been overly cautious.
There should NEVER be a reason to Reformat…..
I use 2 drives and my boot drive contains nothing but the OS and Programs. All my data, i.e. My Documents, My Music, My Pictures, My Videos, My Movies, etc., etc. are redirected to my second drive because the boot drive, that is used the most, is the first to go bad. I then keep a backup image of my boot drive, using Acronis True Image, scheduled twice a week. That way if my boot drive goes bad or I get malware that I can’t handle, I simply copy my image back to the boot drive and ALL IS FIXED!
There are free programs that work like Acronis but not as fast..

@aldan, et al,
If you are still monitoring this, and I have no doubt you are, I have been looking over some of the HJT fixes you and others have been using on here and find a LOT of bad calls, none of which were catastrophic, but not really effective. I am planning on posting some tips on using HJT and just what you need to do and how to determine what needs to be fixed, what doesn’t, and how to do the fix correctly. Hope that gets a response from you or anyone that would like to know how to use HJT Correctly……

2oG



#7
i might sticky it once i see your post.
#8
thanks, ddp,

We'll just have to see how it goes. I'll try to keep it simple, in novice terms, without patronizing anyone, so that all levels can understand it.

2oG



#9
I have been thinking about purchasing Acronis or Ghost. Especially after the last format. I am not big on formatting but I am not very fearful of formatting. I have some great disk utilities. One of which has brought back failed HDs. It will clarify failing sectors and fix bad ones. It takes forever for any of the processes.

Most of my data is also on other disks; some are internal, some are eSATAs.
This message has been edited since its posting. Latest edit was made on 23 Dec 2012 @ 17:48
#10
If you can afford it, Acronis True Image is the best and Acronis Disk Director for partitioning and handling Drives.. Ghost has lost its luster (in my eyes).

Free versions are here:

https://www.techsupportalert.com/best-f...ing-program.htm

2oG



#11
thanks 2old, i'm looking forward to your tutorials. i will admit that some things i will recommend to delete may not help but i figured most could not hurt. i've used it myself for a little housekeeping now and again. merry christmas to you and yours.
#12
Merry Christmas to you and yours, aldan. It might take a little while but I have started collecting and writing some stuff that I can fit together. My only problem is that I tend to go off on a wild tangent and can't seem to keep the integrity of the flow... I will overcome!

have a Merry and a Happy!
2oG



#13
totally understand. tangents are my thing.
#14
2old, you said there was never a reason to format. Do you mean both a quick and a true format or just the true format? I would be very interested in why you are against a quick format. I understand the reasoning behind a true format and concur.

Thanks!
#15
Originally posted by Mez:
2old, you said there was never a reason to format.


No no, Mez, what I said was that there should never be a reason to RE-format.
And/or RE-install windows.

I use Acronis True Image to make a complete image of my OS drive and if it ever goes bad, I simply install a new HD and copy the image to the new drive. It takes about 8 minutes and I don't lose a single bit. That also works if I happen to become infected with something I don’t know how to fix. I just copy my backup over the infected one and all is fixed….
I also infect myself with Trojans and other malware to see what it takes to get rid of it. When I'm done I flip it back.... It has a lot of possibilities and keeps you from wrecking your machine when playing in and learning the registry, etc. etc.

Merry Christmas to you and yours,
2oG
This message has been edited since its posting. Latest edit was made on 25 Dec 2012 @ 21:07



#16
OK, that I will also agree. I downloaded 3 free imaging programs. The WD, Seagate and one other. All my drives could use the first 2 but I don't know what my kids have in their laptops so I grabbed the third.

Thanks for that link. I was going to purchase imaging software but the free version looks about all I really need. I wasted no time making the image since I am certain the computer is perfectly clean at the moment. Now I will not have to format C: either.

It has only been in the last few months that I have run into any malware that couldn't be removed if you tried enough software. Those days are gone and we need to change with the times.
#17
When I build a computer for myself or someone else, I always use 2 HDs. I install Acronis True Image on mine and usually Macrium Reflect Free on someone else's machine to keep the cost down.
I use Acronis Disk Director to partition the drives so that nothing but the OS and Apps are on the boot drive. All of the data files, i.e. My Documents, My Pictures, My Videos, My Music, etc. etc. are moved and rerouted to the 2nd, Data Drive. See here -> http://www.tweakhound.com/windows7/tweaking/5.html

Keep working on it and ask questions. I'll pull you out of the paranoia state and have you roaming the internet with NO FEAR! :)

2oG
This message has been edited since its posting. Latest edit was made on 28 Dec 2012 @ 22:52



#18
As an update, I was reviewing a PC tech board not specializing in malware; some PC tech had serious problems with an infected PC. He had cleaned the PC with several top AV scanners and there were still serious problems. The overwhelming response was to re-image the computer.
#19
Just another update on the sad state of affairs and to keep the thread current.

One more ominous report that the bad guys are winning the war. Apparently hackers now have Norton's malware routines.

hacker-theft-of-norton-anti-virus-source-code

I would never access anything sensitive with my cell phone.