Malware endemic even on protected PCs

Many users remain infected with computer malware – despite the fact that the vast majority are running machines protected by anti-virus software. A study by European Union statistics agency EUROSTAT found that one third of PC users (31 per cent) had the pox even though the vast majority (84 per cent) were running security …

COMMENTS

This topic is closed for new posts.
  1. Anonymous Coward

    I found that AVG is useless...

    As when I switched to MSE it instantly found two trojans..

    not overly impressed..

    what's the point of a resource hog that doesn't serve any purpose...

    1. Joe Montana

      Switching AV

      No AV picks up everything...

      And if you take a given piece of malware and scan it with several different engines, chances are some of them won't pick it up.

      I have done incident response work where a machine has become infected with something, in every single case there was an AV product installed on the infected machine and it was never able to detect the particular infection. However, other AV products were typically able to detect it (i.e. it wasn't a zero-day infection picked up by nothing). It's purely down to luck whether whatever product you run is able to detect a given piece of malware.

      The fact you removed AVG, replaced it with MSE and it found 2 trojans doesn't surprise me, but there will also be trojans which MSE doesn't detect and which AVG or various other products might. Try switching back in a few months and see what happens.

    2. Anonymous Coward

      What MSE found

      In my case MSE found and cleaned 3 infections that Panda had missed completely.

      Panda has no credibility at all. The so-called study is self serving BS.

  2. Reboot_IT

    Almost all...

    ... laptops and desktops that we get from our clients have some kind of infection on them.

    We repair between 30-50 Windows machines a week too.

    The worst offenders usually have the "paid for" AV protection which kindly refuses to update its definitions when the subscription has run out. Most people can't be @$$'d to renew.

    1. Ken Hagan Gold badge

      Re: Almost all...

      I expect "almost all" people admitted to hospital have something wrong with them too. It tells you nothing about the health of the general population.

    2. Ammaross Danan

      Antivirus vs Antimalware

      Malware/spyware are likely not considered "virii" by the AV companies. If you want to keep malware off your computer, get AntiMalware products (MalwareBytes has a decent one). It's sad that AV products don't (or in some cases, just not very well) catch malware.

      Tools for the job, and all that.

  3. Fuzz

    Anti-virus just doesn't work

    I'm not saying you shouldn't have it since it will stop some stuff but I see loads of computers with infections that have always had up to date AV.

    This is why you should never pay for AV for a home computer. In the enterprise it's a different issue because you're paying for the centralised management.

    Far more important than AV is making sure you are applying all the relevant updates for your OS and software, especially Adobe Flash and Acrobat and your browser.

    If you don't use Office much then don't have it installed, it's just another attack vector, use one of the free online alternatives, Microsoft and Google's offerings are both good enough for most people.

    1. Anonymous Coward

      re: Anti-virus just doesn't work

      Anti-virus isn't a panacea.

      Just as important as AV is making sure you are applying all the relevant updates for your OS and software, especially Adobe Flash and Acrobat and your browser.

      There, I fixed it for you.

      1. Sir Runcible Spoon

        Sir

        "Far more important than AV is making sure you are applying all the relevant updates for your OS and software, especially Adobe Flash and Acrobat and your browser."

        Absolutely agree. I have been running PCs without AV on the net since 95 and haven't had a single virus. Coincidence?

        (I do religiously update my O/S and other software of course, I'm not _completely_ brain-dead)

  4. g e

    Shock news!

    Antivirus is at least partly snakeoil.

    And also no substitute for educating yourself and using common sense.

  5. Adam Trickett

    What do you expect?

    The virus writers share ideas (flaws and exploits etc) quickly and easily, whereas the anti-virus people do not share info about viruses and how to stop them.

    The return on investment for a virus writer is probably better than for Microsoft in writing a safe/secure operating system.

    We all know that Windows is as secure as a chocolate tea pot is useful for making tea.

    The money is stacked against MS and the security firms and strongly in favour of the malware creators. If you throw in that MS and Apple have spent decades telling people that "their" computers are easy to administer, when the truth has always been you need to think a little and be careful, is it any surprise that malware is everywhere?

  6. Ken Hagan Gold badge

    Survey?

    The EU study appears (*) to be based on survey respondents and probably suffers from non-reporting by people who feel they have nothing to report.

    (* The press release you linked to doesn't really say.)

    1. Anonymous Coward

      Sounds about right

      Coupled with Panda's WEAK offering and near total lack of credibility these 'studies' are worthless, as they do not reflect reality.

  7. Doug Glass

    Huh?

    I have to scan? I have to update what? Aren't computers smart enough to do all this themselves? What do you mean my virus definitions are two years outdated? I paid good money for these programs and now they want more? No, absolutely not, I don't want anything free, I want the best you can buy. Yeah, I saw the warning, it kept interfering with my chat session so I nixed it.

    That will be $70 thank you. See you soon; have a nice day.

  8. Anders Halling

    Huh.

    This is based on self-reporting. How many know the difference between different sorts of malware and reported a "pox" for a false positive hit, or a simple tracking cookie or something like that? How many reported they had been infected because their AV threw a warning at them, even though it detected and prevented the attempted infection? How would you know you have a trojan if your AV doesn't catch it and it doesn't result in (noticeable) "financial loss or privacy violation"?

    Digging into the Eurostat site results in the catch-all "Caught a virus or other computer infection (eg. trojan) in the last 12 months" and "Used any kind of IT security software or tool".

    Respondents were aged 16-74.

    I don't trust the respondents to understand wtf they answered here. I am not very surprised at the numbers, but still...

  9. Miek

    A title is not required for this post

    I regularly see "Fully Protected" Norton and McAfee installations running alongside various fake-antivirus programs, trojans, the TDL3 Root/Bootkit and many more.

  10. Colin Critch

    All OS need protecting

    Good setup: Linux with ESET NOD32 Antivirus 4 for Linux Desktop.

    Good free setup with Windows is Comodo Firewall (FW only) with Microsoft Security Essentials (for runtime protection) and Clamwin for mail protection.

    Avira free would have been my first choice on Windows if it scanned incoming email.

    1. Anonymous Coward

      Stop using Linux

      if you want to run a proper anti-virus

  11. Anonymous Coward

    Need the usual head-in-sand comment

    "I've never run anti-virus software and I've never got a virus because I'm careful about my online habits. I'll completely ignore the fact that if I don't run anti-virus software I can't know that I'm not infected."

    1. Player_16

      Here's one...

      I have a Mac.

    2. Sir Runcible Spoon

      Sir

      There are other ways to tell if you've been infected than an AV scan you know.

  12. Z80

    Couldn't think of a title, sorry

    "Half (50 per cent) of the computers scanned by Panda in January harboured malware."

    "Panda's figures come from users of its Active Scan tool."

    Somewhat of a self-selecting group then?

  13. Roger Mew

    French virii

    I cannot understand why France is not up there with the highest number of PC infections, I frequently find over 50 things often over 100 and not infrequently over 300 infections. Most do not have any anti spyware or AV, they open crap email stuff and the number of machines infected with a botnet seems almost as if it's given to them by the ISP.

    All I can say is possibly the French did not respond to the survey, they could not or rather would not as it was probably in English, they probably did not realise that they were infected, and that their bank accounts were compromised.

    1. Anonymous Coward

      re: French virii

      Downvoted just for not knowing the plural of "virus".

  14. Richard Porter

    Phishing?

    Phishing has nothing to do with malware. It's about duping stupid people into going to decoy web sites and entering their login details. No anti-virus will stop that!

  15. Brent Beach

    The alternative - infect 100% of users

    From Panda - "the use of cloud-based architectures is needed in order to stand any chance of keeping the growing volume of malware producers by cybercrooks and mischief-makers in check"

    Which means, when the hackers inevitably hack the cloud, every single user is infected.

    No thanks.

  16. Anteaus

    How many false positives, though?

    Not only is AV software less effective than it used to be at trapping attacks, it also generates an increasing number of false alarms. Most common among these is finding any executable built with the UPX compactor as malware.

    If I scan my (readonly) program-store share with Clam, it finds perhaps 10-15 false positives. Fortunately I know which these are and that they are not infected.

    The only way to be reasonably certain these days is to do a CRC comparison with a known-good copy of the file, or upload it to VirusTotal for an opinion.

    I don't think this situation weighs in favour of cloud computing, but it does suggest that running executables from readonly server-shares instead of the local HD has its advantages.
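
The known-good comparison described in the comment above, as an added example that is not part of the original post: it swaps the CRC for SHA-256, because a CRC is not designed to resist deliberate tampering, and it also reports files that appeared or vanished. The directory layout, file names and function names are constructed for illustration.

```python
import hashlib
import tempfile
from pathlib import Path


def file_digest(path: Path) -> str:
    """SHA-256 of a file, read in chunks so large executables are fine."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: Path) -> dict:
    """Map each file's path relative to root -> digest (the known-good baseline)."""
    return {p.relative_to(root).as_posix(): file_digest(p)
            for p in sorted(root.rglob("*")) if p.is_file()}


def compare(baseline: dict, root: Path) -> dict:
    """Report files whose content changed, appeared, or vanished since baseline."""
    current = build_manifest(root)
    return {
        "modified": sorted(n for n in baseline if n in current and current[n] != baseline[n]),
        "added": sorted(n for n in current if n not in baseline),
        "missing": sorted(n for n in baseline if n not in current),
    }


def demo() -> dict:
    """Constructed sample: a tiny 'program store' that is then tampered with."""
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "tools").mkdir()
        (root / "tools" / "setup.exe").write_bytes(b"MZ known-good build")
        (root / "tools" / "readme.txt").write_bytes(b"docs")
        baseline = build_manifest(root)          # taken while the store is trusted
        (root / "tools" / "setup.exe").write_bytes(b"MZ known-good build+patch")
        (root / "tools" / "readme.txt").unlink()
        (root / "dropper.scr").write_bytes(b"unexpected file")
        return compare(baseline, root)


if __name__ == "__main__":
    print(demo())
```

Keep the baseline manifest somewhere the machine being checked cannot write to; otherwise whatever altered the files can alter the manifest as well.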

  17. Anonymous Coward

    Black Hats == White Hats?

    For a time my favorite commercial AV vendor happened to be located in a certain Eastern European country reputed to be the source of a lot of malware (but NOT mentioned in the article). I used to joke about those guys cracking by night and hacking by day, until I started to wonder if there might not be some truth to it? Like the arsonist / firefighter. I mean, the skill sets are pretty interchangeable, and what better way to drum up business? Certainly, both groups must travel in a lot of the same (cyber?) circles.

    It does give one pause.

  18. Anonymous Coward

    Harboured or were infected?

    I'm certain that my machines harbour malware, but I'm also certain that I'm infection free. The malware in question is in the folder where dubious e-mails go and is mainly screensavers and documents with embedded scripts. The malware is there until such time as I get round to clearing up the accumulated junk and presents no threat as I haven't the slightest intention of executing any of it. No doubt any scan that picks up this stuff chalks it up as another reason to throw money away on an ongoing basis for the privilege of having your system slowed to a crawl by bloated antivirus products.

    The question is: How many of the 50% were actually infected and how many were detections of trojans, etc. sat around in quarantine folders, recycle bins, etc.?

  19. Anonymous Coward

    Nitpicking

    I think you mean the users' /computers/ are infected. If the users themselves are catching computer viruses, there are several other articles that need to be written.

  20. heyrick Silver badge

    False positives?

    Just thought I'd add my €0,02 grumble for bloody ClamAV (etc). Doing a site upload the other day, I was warned of a trojan. Something Avast didn't catch? I tossed the file to VirusTotal and three products (ClamAV, TheHacker, and something with a Chinese-sounding name) reported the file was infected with a trojan, though none agreed on what the trojan was. So I looked up info on the alleged infection, tore the file to bits. Then sent info to the author of the software involved, who confirmed it was a false positive.

    It is stuff built using the latest version of the ClickTeam Installer (I use this as it is to-the-point without loads of complications). Anything built using that will trigger those three A/V products. And warn of a trojan in the machine.

    So given some antivirus products miss things, while others see what isn't there, I would be highly sceptical of a report claiming these sorts of things...

  21. henrydddd

    av produce

    In reality, cloud based architectures are not really a solution. The problem with viruses is the Internet. I have a neighbor who has a 15 year old computer and does not use the net and does not put many new products on his machine. He does not get viruses. With ActiveX, Java, security will be almost impossible. Only a totally black holed machine will be secure. With people who do not educate themselves, a virus prone Windows product, browsers that have almost every attachment that allows defective ActiveX controls, viruses will remain. With hackers, criminals, and governments producing viruses for various reasons, the problem will only get worse. I am writing this text from my server. I use virtual machines and have antivirus products. I have my own DNS server and an Fence for the net. I try to keep up to date on everything I can. And guess what, I still don't feel secure against viruses. Several people on my LAN have gotten viruses by stupid web use over the years.

  22. Anteaus

    Cloud has other security issues too..

    A point raised on allspammedup.com is that spammers have latched on to the fact that with the trend toward IMAP instead of POP mail, more and more users now leave their entire email collection on a cloud server instead of, or as well as, downloading it onto a PC. This opens the possibility of 'bots being used to find accounts with weak passwords and harvest the From: addresses of the emails therein. Naturally these addresses then get hammered with p*nis-pill ads.

    Thus, having a weak password on a cloud account has deeper implications than you might think. It can cause harm to your associates, as well as to yourself.
