Seriously, has anybody ever seen a serious virus problem in Windows when using AV protection?
in [Anti-Virus]
|
Prev: Seriously, has anybody ever seen a serious virus problem in Windows when using AV protection?
Next: Seriously, has anybody ever seen a serious virus problem in Windows when using AV protection?
From: Peter on 25 Mar 2010 07:49 In article <Xns9D4614511B840HHI2948AJD832(a)69.16.185.250>, bughunter.dustin(a)gmail.com says... > Char Jackson <none(a)none.invalid> wrote in > news:blplq5ts2lqpj3mvsr0vbem5eqhed51uc8(a)4ax.com: > > > I'll take your word for it since I don't know where you'd like me to > > "look it up!". All I can say is that I have *never* seen an XP system > > http://en.wikipedia.org/wiki/Windows_XP > > And I quote: " > Product key testing > > In addition to activation, Windows XP service packs will refuse to > install on Windows XP systems with product keys known to be widely used > in unauthorized installations. > > Like I said in my previous response to you, I've been in the PC field for > a very long time. I was A+ certified when it was still a "cool" thing to > waste money on. > > I used wikipedia for the first link convenience only. You can find the > same information on the laborinth of MS website. They're proud of that .. > ehh, feature actually. > Please provide a link other than Wikipedia. I've searched for this activation issue with sp3 and can only find the Wikipedia link. Can't find any mention of it on Microsoft Support or anywhere else. As Char Jackson stated, updates are still allowed even if WGA fails and this is the first I've heard of service packs not being allowed. -- Pete Ives Remove All_stRESS before sending me an email
From: Peter on 25 Mar 2010 08:13 In article <hoefju$fc1$1(a)news.eternal-september.org>, erratic(a)nomail.afraid.org says... > "Peter" <pete.ivesAll_stRESS(a)blueyonder.co.uk> wrote in message > news:MPG.26140e0554097fa59899a4(a)news.virginmedia.com... > > In article <0e0f17c7-572c-4f3f-a85c- > > 7a42a361cf89(a)d27g2000yqf.googlegroups.com>, rex.ballard(a)gmail.com > > says... > >> On Mar 23, 3:51 am, RayLopez99 <raylope...(a)gmail.com> wrote: > >> > Seriously, has anybody seen--or even heard--of a serious virus > >> > (including rootkit or malware) problem in Windows when using > >> > commercial antivirus protection? > >> > > > Even then you can remove > > the HD and scan it from another machine to see if it is actually a > > virus > > prevent startup or some other problem. If you can get into the O/S > > you > > can get rid of any virus. Period. > > Unless the suspect computer's hardware (firmware) is suspect, there is > no need (and complications can arise from hosting two versions of NTFS > on a system). > Of course I wouldn't be trying to boot the virus infected O/S in another machine. I would just be wanting to get access to the HD. > > Virii have a source. A point of origin when the computer starts. > > Virii is the wrong term, and viruses can start when one of their hosts > is invoked. > > > Eliminate the start point or points from running and the virus becomes > > dormant and you can then remove it without it putting itself back on > > your system. > > Yes, it can be a waste of time trying to fight an active malware > infestation. Stop the process(es) - then remove the files and reverse > the data changes. In a sense, the difference between a worm and a virus > is that the worm instantiates its replicant. The virus *might* execute, > but the worm *will* execute. My point being that the virus need not make > any provision for its replicant to be executed in turn (no startup > mechanism other than the chance a host will be invoked). > > That last line doesn't seem clear. You seem to be saying that a virus can run without requiring any means to get it started other than the host machine starting up. How can that be? Of course I'm aware of new XP machines with no updates or service packs and open connections to the internet getting infected within minutes/hours, but how does a machine become infected if it's completely cut off and there is no obvious connection to the virus to get it started? Despite the fact the virus file(s) may well still be on the machine, but not yet located. -- Pete Ives Remove All_stRESS before sending me an email
From: FromTheRafters on 25 Mar 2010 09:20 "Peter" <pete.ivesAll_stRESS(a)blueyonder.co.uk> wrote in message news:MPG.261563dffec546a19899a8(a)news.virginmedia.com... >> Unless the suspect computer's hardware (firmware) is suspect, there >> is >> no need (and complications can arise from hosting two versions of >> NTFS >> on a system). >> > > Of course I wouldn't be trying to boot the virus infected O/S in > another > machine. I would just be wanting to get access to the HD. When the host machine sees the NTFS volume, it may revise it. Bringing it back to its home system may create version soup problems where the file system is a "newer" revision than the current OS supports. [...] >> Yes, it can be a waste of time trying to fight an active malware >> infestation. Stop the process(es) - then remove the files and reverse >> the data changes. In a sense, the difference between a worm and a >> virus >> is that the worm instantiates its replicant. The virus *might* >> execute, >> but the worm *will* execute. My point being that the virus need not >> make >> any provision for its replicant to be executed in turn (no startup >> mechanism other than the chance a host will be invoked). >> >> > That last line doesn't seem clear. You seem to be saying that a virus > can run without requiring any means to get it started other than the > host machine starting up. No, viruses (in this vein) are hosted by "programs" not "machines". You can start the machine, look at all known start methods (run keys, BHOs, etc...), find no suspicious processes running. No active malware at all (full scan by antimalware also finds no inactive malware). Yet, when (for instance) an "infected" text editor is invoked, the virus becomes resident. , > How can that be? Of course I'm aware of new > XP machines with no updates or service packs and open connections to > the > internet getting infected within minutes/hours, but how does a machine > become infected if it's completely cut off and there is no obvious > connection to the virus to get it started? Despite the fact the virus > file(s) may well still be on the machine, but not yet located. If self-replicating malware doesn't use a host "program", it will probably have another way to start. These types are commonly termed "worms". A virus can hide in a program that you use every time you fire up the computer, or in a program that you only use once in a blue moon. Viruses don't "care" whether they run or not - they might not be interested in anything (data, computing power, serving you advertisements) they may just sit there until you fire up your tax program for the 2013 tax season and activate a payload if the date is after dec 21st 2012. (I do expect a rash of malware to have trigger dates in line with the ending of the Mayan calendar) People are so used to having malware that wants to *use* their computing power that they forget that malware can also just be interested in spoiling your day by ending their computing power - like the old days.
From: Dustin Cook on 25 Mar 2010 13:25 RayLopez99 <raylopez88(a)gmail.com> wrote in news:eb771ce1-6150-4198-9764-12322f641777(a)g19g2000yqe.googlegroups.com: > On Mar 25, 7:53�am, Dustin Cook <bughunter.dus...(a)gmail.com> wrote: >> Like I said in my previous response to you, I've been in the PC field >> for a very long time. I was A+ certified when it was still a "cool" >> thing to waste money on. > > Just curious, but what is your hourly rate or do you get paid by the > job? I charge by the job. This allows me to be competitive with everyone else and not overcharge people who really can't afford the repairs but need them done anyhow. > And I'm sure you would be a perfect witness on the stand if I were > trying to prove that it's not Windows but the user who is at fault in > nearly any security breach. SAVE for Zero-Day attacks, which cannot In many cases, it's the user yes. -- "Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge this boulder right down a cliff." - Goblin Warrior
From: Dustin Cook on 25 Mar 2010 13:28
Peter <pete.ivesAll_stRESS(a)blueyonder.co.uk> wrote in news:MPG.26155e43d8d9c8ab9899a7(a)news.virginmedia.com: > In article <Xns9D4614511B840HHI2948AJD832(a)69.16.185.250>, > bughunter.dustin(a)gmail.com says... >> Char Jackson <none(a)none.invalid> wrote in >> news:blplq5ts2lqpj3mvsr0vbem5eqhed51uc8(a)4ax.com: >> >> > I'll take your word for it since I don't know where you'd like me >> > to "look it up!". All I can say is that I have *never* seen an XP >> > system >> >> http://en.wikipedia.org/wiki/Windows_XP >> >> And I quote: " >> Product key testing >> >> In addition to activation, Windows XP service packs will refuse to >> install on Windows XP systems with product keys known to be widely >> used in unauthorized installations. >> >> Like I said in my previous response to you, I've been in the PC field >> for a very long time. I was A+ certified when it was still a "cool" >> thing to waste money on. >> >> I used wikipedia for the first link convenience only. You can find >> the same information on the laborinth of MS website. They're proud of >> that .. ehh, feature actually. >> > > Please provide a link other than Wikipedia. I've searched for this > activation issue with sp3 and can only find the Wikipedia link. Can't > find any mention of it on Microsoft Support or anywhere else. As Char > Jackson stated, updates are still allowed even if WGA fails and this > is the first I've heard of service packs not being allowed. *sigh*. This is really easy, I've provided a primary google link; and then I followed it up with the wikipedia link. I went so far as to provide the first 5 characters of the infamous blacklisted key. I can do no more homework for you or anyone else. If you or anyone else here honestly didn't know about this problem, you do now. If you still think it's untrue, go fetch the key FCKGW change one of the VLK machines to this key and try loading a service pack... :) -- "Hrrngh! Someday I'm going to hurl this...er...roll this...hrrngh.. nudge this boulder right down a cliff." - Goblin Warrior |