Efficient WEB protection - which program?

Not unless they infect or modify preexisting programs in such a way as
to cause them in turn to infect others in the same manner, recursively.

[...]

 

Yeah, I usually let it pass or just add it in as extra information.
Sometimes it really does matter whether or not a virus is involved.
Different things have to be considered if a malware instance really *is*
viral.

 

You must have the strangest possible definition of "infection"
in mind.

 

Virus Guy wrote:
[...]

Eh, that ain't gonna happen - not just because someone calling himself
Virus Guy doesn't understand why it remains an important distinction.

That comes very close to the definition of a trojan, which some
taxonomies treat as a superset of virus. If it (a trojan) replicates
itself via infecting programs with copies of itself, it is termed a
virus because additional tools must be brought to bear - it is that much
more important that its viral aspect be addressed that it necessitates
making that distinction with the terminology.

You may be thinking about polymorphism here, but it is an important
thing for the virus that the new set of form be functionally equivalent.
It can't be a different program, just a different way to achieve the
program's same functions.

Network replication is another matter entirely. By virtue of the virus'
ability to make a copy of its own viral function, it has the ability to
place that code within preexisting programs (file infectors for
instance) - programs that use network replication only, can't do this.

....or so it seems from recent history.

Some virus' only goal was to use those resources to replicate, and
perhaps help distribute a data diddling payload.

 

all of those things reproduce, so it is not unreasonable to call them
all infectious agents. in computers, only viral malware reproduces, so
only viral malware can be called an infectious agent.

if i puncture your spleen with a screwdriver, the screwdriver has not
infected you, you are not infected with screwdrivers regardless of the
fact that it has overwhelmed the protective covering known as skin.

the system may become infected, but not all invaders are infectious
agents.

since there is no circumstance under which an automobile would be
considered infected (except perhaps by computer viruses in more modern
ones), the automobile analogy really seems like a non-starter.

a trojan no more infects a system than a hypodermic needle infects a
body. it may carry an infectious agent, but it is not itself one.

infection is absolutely an analogy to biological systems, but not all
things that act in or on biological systems are infectious agents.

 

this question doesn't make sense. it is trivial to write code that
takes over a system without being capable of self-replication.

if your malware lexicon is so small that it is useless to you, my
condolences. but don't project your own limitations onto others. it is
not useless. things that fall outside that definition have the
distinction of having other names. those names impart meaning that is
lost when you call everything a virus, just as the concept of
identification would be lost if we called everyone bruce.

when speaking broadly, the umbrella term you're searching for is
malware.

no, to 'open channels to obtain a new or different agent' is to be a
downloader trojan. that is not self-replication. even if the file it
downloaded was identical to it (which would be pointless), it would be
making a copy of it's twin, not of itself.

just because the goal is always the same, doesn't mean the actor is
too.

since i'm unclear on how you're using "replicate" here, i can't really
answer your question. i suspect, however, that since you felt the need
to put it in quotation marks it probably would be something that
doesn't qualify as self-replication.

narrow? one of us has a 'word bag' that only has one word in it
("virus"), and it isn't me.

 

i'm certain that i could come up with a stranger (albeit wrong) one.
therefore the one i have in mind is not the strangest one possible.

 

No. Equally strange (wrong) - yes, plenty. Stranger (more wrong) -
no, other than something completely nonsensical, it would be
practically impossible to have one.

 

Sorry....

I disagree with you so we will agree to disagree.

 

I love it! Someone asks a good question, and instead of anyone
answering it. we have an idiotic semantic argument on what's a virus.

If it's nasty, as far as I'm concerned, it's a virus. You can call
it what you want to! When someone else uses the term virus, you know
perfectly well what they mean.

Now. I too want to know what anti-virus program can spot viruses.

Yours,
Dora

 

villandra wrote:
[...]

It was answered long ago, and "WEB protection" and "antivirus" are
entirely different things despite user's desire to gloss over the
differences.

The OP provided an example malware that he desired protection from, he
got several good answers and picked one already.

Usually not until we identify what it *really* is can we address how to
protect yourself from it. Chances are *very* good that a virus is not
involved, and that simplifies matters considerably.

The term 'virus' for some reason has popular appeal where the correct
term of 'malware' is rather dull. It doesn't matter what you call a
virus at your dinner table, but it matters here.

That's an entirely different question from the one the OP asked. "All of
them" is the answer, that's why they call them anti-virus programs. Good
WEB protection can come from anti-malware programs (which in turn do not
specifically target viruses).

I use Avira Free Antivirus, and don't use any web protection thingies.
Another computer I have running Avast! Antivirus (free).

None of those will stop Javascript from running, which is what the OP
really needed anyway IMO.

 

No, not just any "javascript" but, very clearly, the javascript that installs
and runs malware. Both of these programs are advertised to stop such
attacks and, in fact, are supposed to be able to do it - based, at the
very least, on the file execution real time protection (OK, so in my
case it was aided by some other program's security hole but the
fact is that a malicious EXE with a code normally detected by both of
the programs was allowed to be run). That's a big FAIL for these
antivirus products.

Dima

 

and i love how people with no appreciation for the meanings of words
use "semantic" like it's a slur.

no, actually we don't know perfectly well what they mean. we'd have
only the barest inkling of what they mean.

ignoring the difference between viral and non-viral malware is like
ignoring the difference between a sprain and a broken bone. unless you
treat them both with amputation, recovery depends on knowing what
you've actually got.

 

it hardly takes a pedant to recognize that there's no such thing as an
infection that doesn't spread.

 

How does it get to your computer?

 

Maybe this can be solved easily. Your computer gets "sick" rather than
"infected" and leave the rest to the "doctors."

Of course I don't go to the doctor every time I get sick.



Are there any Doctors in the house?

 

and? it still spreads. it still reproduces, even if it uses an
intermediary.

 

non-viral malware can BE spread (like manure) but it doesn't spread
itself (like an infectious disease).

it gets on your computer by way of being purposefully placed somewhere
(by a human being) where you (or some automated part of your computer)
are likely to run it.

the key difference between viral and non-viral malware is that
dependance on intentional malicious action by a person. after a virus
is released into a population, it just keeps going and going
autonomously without interference, but non-viral malware doesn't go
anywhere without someone laying some sort of trap.

and the reason that's important is because autonomous action can (in
theory) be mitigated with autonomous defenses, but human action cannot.

 

The initial URL used Javascript to read, write, and compare cookies. The
result of the comparison was to redirect to another URL with more
Javascript else to "Bing". Some of the 'more Javascript' was obfuscated,
but obfuscation in and of itself is not a sign of maliciousness.

Every such "protection" program can be expected to miss some of the many
different forms that even one malware can assume through polymorphism of
one type or another.

I never asked about what kind of "Web Protection" was envisioned by the
OP, but one kind I can think of is basically a black list of domains
known to be currently (or recently) serving up malware (sort of like the
'hosts' file so often touted). Such 'protection' doesn't even look at
files at all. *Viruses* have to be looked at, you generally can't
protect yourself from them without having the ability to inspect within
program files for their signature(s). That ability is quite a bit more
complicated than most people realize.