Virus protection?

Discussion in 'Mac Basics and Help' started by JesseMashburn, Jun 13, 2009.

  1. JesseMashburn macrumors newbie

    Joined:
    Jun 13, 2009
    #1
    I am getting ready to install windows XP on my Mac using Boot Camp. The only reason I am installing windows xp is to use one CAD program. I plan to never be online while using the windows partition. Do I need anti-virus software if I am only going to use windows for one program and will never be online while in the windows partition?
     
  2. r.j.s Moderator emeritus

    r.j.s

    Joined:
    Mar 7, 2007
    Location:
    Texas
    #2
    If you are going to be sharing files with other Windows machines, then I would have it, just to ensure they aren't passing anything to you.
     
  3. AmpCoder macrumors 6502

    Joined:
    Mar 27, 2007
    #3
    If you never intend to access the Internet then there really isn't a need for an antivirus/anti-spyware application.
     
  4. Sambo110 macrumors 68000

    Joined:
    Mar 12, 2007
    Location:
    Australia
    #4
    I don't use anti virus software on my Boot Camp partition. The only time I go on the internet in Windows is to download from trusted sites.
     
  5. Pika macrumors 68000

    Pika

    Joined:
    Oct 5, 2008
    Location:
    Japan
    #5
    Just be careful... and stay away from the internet.


    In Windows world, nearly all malicious content these days is in the form of a Trojan Horse that ends up on a user's computer typically in one of two ways...

    Through an exploit of a known/unknown vulnerability in software (and now hardware) or exploitation of the end user. This simply means that a user visiting a website with "browser X" loaded with "vulnerable plugin Y" creates an opportunity for pwnage.

    Trojan Horses (especially ones that are aware of system processes) can cloak themselves from anti-virus software and inject polymorphing code into active services and processes. This creates an environment where your anti-virus or anti-malware software detects the initial Trojan Horse after a signature for the malicious file is released, but the injected code has already carried out its payload. To make things worse, some are self-monitoring where if the initial Trojan Horse and/or registry entries are deleted, the injected code, in say svchost or explorer, generates new Trojans with modified signatures.

    I have yet to see an anti-virus product that is looking for more than the signature of a malicious item, not directly at its behavior. This is where host intrusion prevention software often picks up, but is typically a nuisance to the end user as they can encounter a whole range of false-positives.

    Your best protection is to know your computer's operating system.

    If you see a sudden spike in network traffic for no reason, check it out.
    If you see changes in hard disk activity, check it out.
    If you notice that outgoing packet count on your router is high, check it out.
    If you see system settings suddenly changed (like holes in your firewall, services that are enabled that weren't previously), check it out!

     
  6. VPrime macrumors 68000

    VPrime

    Joined:
    Dec 19, 2008
    Location:
    London Ontario
    #6
    The whole windows virus thing is blown wayy out of proportion... If you don't suck as a human being you won't get a virus. It is pretty simple.

    -Don't accept files from msn, aim or whatever when it is someone you don't know.
    -If someone in your IM client is acting weird and saying things like "want to see me naked? accept this file".. and it is actually your grandma, it's a virus.
    -Same goes for emails
    -Same goes for websites.. Don't download what looks weird
    -PAY ATTENTION! If a file you are trying to download turns out to be something else, don't open it! If you downloaded an MP3 and it turns out to be something weird, chances are you have been hosed!
    -Don't accept files from idiot friends or relatives... Assume everyone sucks but you.

    And other common sense things.

    Most viruses out there are the fault of the user... Every one just blames the OS because they don't want to take responsibility of the fact that they are a retard.
     
  7. Pika macrumors 68000

    Pika

    Joined:
    Oct 5, 2008
    Location:
    Japan
    #7
    You may be Einstein and still have problems with Windows. We are not perfect. Try to understand it. It's NOT the user, it's the OS.

    Your computer can be infected just by browsing to a site with malware, without any further action on your part.
     
  8. VPrime macrumors 68000

    VPrime

    Joined:
    Dec 19, 2008
    Location:
    London Ontario
    #8

    I have never had a virus on windows.. I have been a windows user active on the internet since 3.1

    Unless the OS automatically goes to these websites, it is not the operating system's fault. The user chooses where to go on the internet. If you do not have enough internet smarts to avoid certain sites that is your own fault.

    This is the same excuse many OSX people say when people complain about their macs getting a trojan.. User fault.
    You have a choice, and if you make an uninformed one, sucks to be you.
     
  9. Pika macrumors 68000

    Pika

    Joined:
    Oct 5, 2008
    Location:
    Japan
    #9
    How do you know?

    As soon as you connect to the internet with Windows (which it automatically does when you turn on your computer) without opening a browser you can get infested without your knowledge.

    The OS plays a major role into this.

    Unix, which forms the core of Mac OS X, was designed from the ground up with the idea that many people would be using the computer at the same time. Back when Unix was invented, computers were too expensive for one person to own. They were always shared. Windows came around much later and was designed when the computer had only one user and no network, and security was a nonissue.
     
  10. MorphingDragon macrumors 603

    MorphingDragon

    Joined:
    Mar 27, 2009
    Location:
    The World Inbetween
    #10
    No you don't need one. :rolleyes:

    No really, it doesn't matter which one you have. Even if it's a free one from AVG or COMODO, if it's your active OS.
     
  11. i.shaun macrumors 6502a

    i.shaun

    Joined:
    May 1, 2008
    Location:
    Canada
    #11
    You guys seem to be knowledgeable on viruses, are there self-executing viruses on Windows?

    My friend got infected, and I was explaining that the reason UNIX-based systems are safer is because exe files don't run for one thing, and for anything to install, or do anything harmful -- it requires the user to input the admin password for authorization. That's why trojans are the only malicious things attacking Mac OS X, but they still require the password.

    My friend said no, viruses cannot run or do anything unless he opens it himself. It needs to be attached to a music file or something, and opening it will execute the virus, or if it's a malicious exe file on the desktop -- it needs to be double clicked before anything will happen (yet he was still infected).

    I couldn't really argue self-executing viruses, unless it's an e-mail virus. I showed him some e-mail viruses don't require you to open the message, or attachment -- simply viewing the "preview pane" will execute it.
     
  12. MorphingDragon macrumors 603

    MorphingDragon

    Joined:
    Mar 27, 2009
    Location:
    The World Inbetween
    #12
    They're called worms, like Conficker. They infect a PC by themselves and execute through a security hole.
     
  13. VPrime macrumors 68000

    VPrime

    Joined:
    Dec 19, 2008
    Location:
    London Ontario
    #13
    I am sorry, but you don't have all of the information.

    A website cannot magically give your computer a virus. There must be security holes for such things to happen, and they are quite quickly patched by Microsoft.
    Secondly, how this whole nonsense started is ActiveX controls, which are now disabled by default... Does this mean you are 100% safe? NO! But common sense should be enough to help!

    How do you know what websites to go to and which not to? That is quite subjective. It depends what you are trying to accomplish.
    Warez? This is where most people find trouble. They try to find programs, tv shows, movies or whatever else to download...
    One option is DON'T... The other option is try and find a site that has a large user base and heavy moderation (deleting links to viruses and other bad things).
    If you are just looking for news, and a link that was supposed to go to CNN.com ends up taking you to a completely different site (LOOK AT THE WEB ADDRESS) and asks you to download something.. DON'T DOWNLOAD ANYTHING! LEAVE THE SITE!

    As for your comments on unix, and networking...... Do you have a clue what you're saying? Or are you just repeating random bits of information that you mashed together?
    ALL CURRENT VERSIONS of windows are NT! Windows NT was designed around networking, domains, servers, and overall multiple users.

    All I can say is do some reading on the history of unix, and what it actually means today before actually commenting. You really seem like you have no clue what you are talking about.:rolleyes:


    Your friend is wrong on why unix is safer. It really has nothing to do with exe files. Exe files are just a specific file type. There are many many many many many equivalent file types on unix platforms.

    As for the admin password thing.. Sort of. To do many changes to the core system the admin password is required. This does result with much less user error. But there are still things that can be launched by the user, and do not ask for user/password and still cause some degree of "harm" to your computer.

    Your friend is somewhat correct... a lot of viruses are just scripts that launch at run time, or alongside another process.. So your friend may not be launching it directly, but another process can... Often by security holes in the OS.

    E-mail viruses (depending on the email client) generally have to have the attachment downloaded and run. Some clients do this for you unless you tell them otherwise.
     
  14. chrono1081 macrumors 604

    chrono1081

    Joined:
    Jan 26, 2008
    Location:
    Isla Nublar
    #14
    To the OP:

    Viruses are blown waaaay out of proportion. Anytime I work on someone's computer they always blame whatever is wrong with it on a virus (thanks Hollywood movies!)

    While it is much easier to be infected on a Windows machine vs Mac OS or Linux etc. due to Windows' many security holes and the fact more malware is written for Windows, you shouldn't worry constantly about getting infected unless you're online all the time going to torrent sites or warez sites etc.

    Malware as of late is usually being picked up by visiting malicious websites (i.e. you get a link in your email for some site and instead of typing in that site in the address bar you click the link in your email that takes you to a fake site instead)

    As long as you use common sense you should have no worries about a virus.
     
  15. Tumbleweed666 macrumors 68000

    Joined:
    Mar 20, 2009
    Location:
    Near London, UK.
    #15
    This is garbage and the reason it's garbage is that many reputable sites have at one time or another been infected by malware that will infect a Windows machine without the user doing anything other than visiting it.
    This is not some pr0n or warez site but could be any medium sized retailer, bank, etc, literally tens of thousands of reputable sites have been infected with malware like this.
     
  16. VPrime macrumors 68000

    VPrime

    Joined:
    Dec 19, 2008
    Location:
    London Ontario
    #16
    Care to share specifics (like a bank that gave its users a virus)?:rolleyes:
    All you are doing is spreading Apple propaganda. Where's the proof?
     
  17. Tumbleweed666 macrumors 68000

    Joined:
    Mar 20, 2009
    Location:
    Near London, UK.
    #17
    Will this do?

    http://www.networkworld.com/newsletters/techexec/2008/0303techexec1.html?page=2

    Google says the scope of drive-by malware is 'significant'

    The researchers randomly selected 7.2 million URLs and categorized them by content (using DMOZ categories). The adult category did land at the top of the list in this control group – in other words, the highest percentage of the random sites have adult content. Then they took 3.3 million URLs known to be malicious and fit them into DMOZ categories. It turns out that the top categorizations of URLs known to be malicious include, in ranked order: society; computers; regional/U.S.; business/industrial; arts/entertainment; computers/Internet; business; adult; health; arts; online communities; and so on down the line. What does this tell you? That seemingly benign Web sites – perhaps the kind that you visit everyday for work or pleasure – have the ability to deliver dangerous malware payloads.

    A security report titled "A Comparative Look at the State of Web Security" presented some key figures that raise serious concerns. ScanSafe, a web security company, produced the report. The study's timeframe focus was between May 2007 and May 2008. One of the key conclusions that the report showed was that 68 percent of legitimate websites were hosting malware. Hackers had been able to infiltrate various sizes of legitimate websites, ranging from well-known to smaller businesses, according to Mary Landesman, senior security researcher at ScanSafe.

    http://webhosting.devshed.com/c/a/Web-Hosting-Articles/Malware-Attacks-Growing-at-Popular-Websites/

    A security report titled "A Comparative Look at the State of Web Security" presented some key figures that raise serious concerns. ScanSafe, a web security company, produced the report. The study's timeframe focus was between May 2007 and May 2008. One of the key conclusions that the report showed was that 68 percent of legitimate websites were hosting malware. Hackers had been able to infiltrate various sizes of legitimate websites, ranging from well-known to smaller businesses
    One such legitimate website was nature.com. The website is one of the top 500 most-trafficked websites with over 700,000 unique visitors each month (according to Quantcast ). However, nature.com was one of the websites that had been compromised. The study found that malicious scripts were embedded in nature.com. The malicious scripts consisted of password-stealing Trojans found on visitors' computers. Fortunately, nature.com immediately repaired the problems. However, in just one day when the website was compromised, 30,000 users could have been exposed to these malware threats.

    http://hothardware.com/News/Websites-Slow-to-Clean-Up-Malware-Infection/
    Websites Slow to Clean Up Malware Infection

    "… a new round of mass Web attacks has started during May 2008. Hackers successfully compromised a large number of government and top businesses websites worldwide to infect visitors with malware. ....

    Finjan states that the compromised domains reference back to over 160 domains that serve the malware, and that the number of these "malware serving domains increases every day." According to Finjan, compromised sites included sfgov.org (San Francisco's official site), nhs.uk (the U.K.'s National Health Service), Snapple.com (Snapple's official site), uci.edu (University of California's official site), and btimes.com (the Baltimore Times).

    Is The IndiaTimes Website Bombarding Visitors With Malware?
    from the can't-be-good-for-repeat-business dept

    http://www.techdirt.com/articles/20071112/011818.shtml
    While it's well known that less well known sites may have been set up to maliciously install malware on your computer, most people assume (reasonably so) that larger, more well known sites are most likely safe to visit. However, one security firm is out raising the alarm that the English-language website of the India Times, a popular newspaper in India (which we've linked to multiple times in the past), is apparently chock full of risky pages that exploit various security vulnerabilities to try to download hundreds of malware apps to your computer.

    http://www.nst.com.my/Current_News/techNu/Monday/TechTalk/20080608172433/Article/index_html

    “Large corporations’ and governments’ Web sites have been victimised. Recently, Honda Thailand’s Web site was hacked to deliver data theft Trojans to unprotected computers. Similarly, well-known government Web sites were hacked to push malware to visitors. Cyber crooks basically exploit visitors’ trust in these well-known Web sites, and those with no real-time protection are vulnerable,” says Trend Micro’s chief technology officer, Anti-malware Raimund Genes.


    http://www.esoft.com/company/press_detail1.cfm?ID=206
    On March 28, security researcher Dancho Danchev reported on his blog that the latest high-profile sites injected with the malware included USAToday.com, ABCNews.com, Target.com, Walmart.com, Sears.com, Forbes.com, Jcpenney.com, and others.



    Enough specifics?
     
  18. Sambo110 macrumors 68000

    Joined:
    Mar 12, 2007
    Location:
    Australia
    #18
    I've probably got a virus on my Windows partition then :p. Is there anything wrong with that? I rarely use it.
     
  19. JesseMashburn thread starter macrumors newbie

    Joined:
    Jun 13, 2009
    #19
    How long have you had your windows partition up and running without virus trouble?
     
  20. JesseMashburn thread starter macrumors newbie

    Joined:
    Jun 13, 2009
    #20
     
  21. r.j.s Moderator emeritus

    r.j.s

    Joined:
    Mar 7, 2007
    Location:
    Texas
    #21
    No, that is not possible. When running BC, if OS X is running, Windows is off.
     
  22. i.shaun macrumors 6502a

    i.shaun

    Joined:
    May 1, 2008
    Location:
    Canada
    #22
    Even if you don't click the browser, you can be attacked if the internet connection is active.

    If the internet connection is inactive, and you are offline, you are safe from direct attack. You can still get a virus/worm/trojan/other malicious code if the computer is connected to a network with other Windows machines, or something piggybacks on a file from a USB drive or something and you open it on Windows.

    I'm not sure if a worm can operate at all in Mac OS X, and thus find the Windows machine on the network, or if it has to be specifically made for OS X to run.

    In any case, if you hardly use it, and it's not connected to the net, it should be fine provided you be careful what you bring into it. It probably would be wise to get a virus scanner to scan USB drives and stuff before transferring anything to it (unless you don't mind re-installing if something happens).

    A setup I find works best is to keep files on another partition aside from Windows (but don't let that be your backup). If the system becomes corrupt, pop in the disc, format the main partition, and re-install. The pictures, documents, and other files you use are safe from being formatted because it treats the other partition as a separate hard drive.

    I hardly run anti-virus stuff but I don't do too much on my Windows machine. In fact every scan that started I cancelled because I was doing stuff, and then I shut it down lol

    I guess I should go see if I got anything. . . my friend just got a worm or something, so maybe something is going around.
     
  23. VPrime macrumors 68000

    VPrime

    Joined:
    Dec 19, 2008
    Location:
    London Ontario
    #23
    Actually no.

    Your first article is just pointing out security holes of the past. Finding exploits in certain browsers to run malicious code. As I mentioned browsers have been updated since then, and the exploits closed.

    As for your examples, all of them require some form of user interaction.. Like downloading a file. This is where the common sense comes in.

    And you said banks.. Where are the banks? :rolleyes:

    This is all just typical mac user propaganda. Running windows is not like being in the wild west!
     
  24. AmbitiousLemon Moderator emeritus

    AmbitiousLemon

    Joined:
    Nov 28, 2001
    Location:
    down in Fraggle Rock
    #24
    Unfortunately you are wrong. Running windows is like being in the west (without the fun stuff like horses, whiskey, cowboy hats, spurs, and brothels).

    Studies (and there are hundreds) typically show that the majority of Windows users claim they themselves have never been infected by malware, but forensics typically finds malware on most Windows machines. Significant percentages of malware detected in studies do not require any user interaction - you can simply plug the computer into the wall, walk away and come back to find it infected.

    A good piece of malware will not alert you to its presence. People only usually notice negative effects from malware when it malfunctions or when they have become infected by so many different malware applications that they interfere with each other.

    Further, usage of antivirus software is not adequate protection for a Windows computer. Forensics studies on Windows computers usually find that a significant percentage of infected machines had up to date copies of antivirus software.

    I'm not going to quote hundreds of studies for you but here is a small sampling of what can be found on the first page of a google search of such data (the numbers vary wildly, but even the lowest estimates are disturbingly high):
    35% had up to date AV software
    one quarter of US computers infected
    Microsoft says 60% of Windows PCs infected
    Microsoft claims 70% of Windows Vista PCs are infected
    Malware uses Windows update to infect machines
    Three-quarters of enterprises will become infected with undetected, financially motivated malware next year
    Microsoft reportedly observed a 43 percent rise in the prevalence of malware-infected computers. Researchers are also observing a rise in what they refer to as Malware 2.0: malware that is increasingly virulent and stealthy.
    Worm infects 1.1M Windows PCs in 24 hours
    45% of US computers infected
    Obama website spreading malware
     
  25. VPrime macrumors 68000

    VPrime

    Joined:
    Dec 19, 2008
    Location:
    London Ontario
    #25
    The term malware is thrown around very loosely.. Spyware, adware, etc. is not what I am talking about.

    I am speaking viruses, and worms, trojans.. The big guns.

    A lot of the reports use the term malware, but don't go into specifics.

    My comments were towards viruses, and how people blow them out of proportion.

    I will just leave it here though, it is very clear that the majority of forum users here cannot be unbiased towards Windows... Which I don't understand, it is a piece of software.
     
