where do my viruses come from?
July 5, 2008 10:58 PM

When AVG antivirus finds a virus, it tells me where it is and the filename. Is there any way to find out where it came from? I'm showing a handful of trojans and exploits over the past six months and I'm curious.
posted by stupidsexyFlanders to Computers & Internet (3 answers total)
 
This isn't something that's programmatically possible. AVG would have to be tracking every possible input source, continuously, even before the OS boots up.
posted by philomathoholic at 11:31 PM on July 5, 2008


Yeah, negative ghostrider.

AVG doesn't know where your files came from. Consider: your *operating system* doesn't even know the source of your files; the program that created a file isn't stored in a file's metadata at all. It *does* know when it was created and modified and who the owner is.

Chances are, it's either P2P software, hacky exploits through an unpatched browser and porn or P2P websites, other shady websites, or a separate piece of software that's doing a good job hiding and being otherwise malicious. Have you done a complete scan?

While it *could* be perhaps feasible to enforce a writeout of the "creating process" to every file's properties, ever, I think this would tax the file system way too much, especially for things like installs, etc. (Though my knowledge of the internal workings of a file system is basically nil, I'm guessing it's relatively easy to derive/"tack-on" the other data like when it was created or modified as a general matter of course.)

If you're not behind a router, you need to be. Otherwise, keep letting AVG do its thing and stop going to cheap porn sites. :-)
posted by disillusioned at 1:07 AM on July 6, 2008


Best bet, IMHO, Google the filename, might give a clue.

Otherwise, seriously, do keep an eye on what you download via e-mail attachments. That's usually the main source; too many people just see an attachment, click on it, and voilà, instant virus.

/software developer, and virus-free for many years. Think I've only really had one, but it was common, and even Micro$oft had a patch for it.
posted by hungrysquirrels at 10:49 PM on July 6, 2008

