Old 05-31-2001, 11:20 AM   #7
Statica
Sorry about the blunt statement... but here's the thing .. preventing virii & other infections is not about blindly trusting any piece of code to be the end all and be all of all protection. It involves some basic common sense coupled with it. How do you suppose that CERT puts out advisories of vulnerabilities and of infections, or how do you think antivirus corps put out pattern updates? It surely doesn't work out that the coder of the virus sends a mail to these guys telling them of impending infections (no, that only works in the case of terrorist bombings); someone has to get an infection or someone has to get hacked before it is caught and then a cure can be made.
The same can be said of false positives. People have to realize that a particular file that was IDed as a virus by scans is not a virus; only then do antivirus firms confirm it and then change their heuristics to account for that software as not being detected as a virus.

In addition there are other intangibles to not trusting just an antivirus telling you that a file you don't expect/recognize.. things like, the pattern file you are using could be old.. it is a polymorphic virus that has already changed .....


Basically any piece of malignant code can be termed a virus. A trojan is not necessarily malignant code .. it is (from Greek Heroic Legend) a "backdoor" to a system where none should exist. It could either be propagated separately, or it could be a known software that has an entry that the client is not aware of. A worm is not necessarily a standalone executable, it is more of a macro virus that invokes other components to either propagate itself or to execute.



Quote:
Originally posted by Parangles
Maybe one of you could give us a quick lesson on virii, versus trojans and worms etc. I do not, and have not opened any email in the past 15 years if I don't know the sender. While trying to be lighthearted about the matter, I am serious about InoculateIT. If the consensus is that testing with any antivirus program is not to be trusted then please tell us and I will stop wasting precious time using any.