I help my family (mom, brother, and sometimes sisters) with their computers. My sister likes to go to my mom's house and install things on my mom's computer for her to use. One thing in particular I didn't pay attention to for a while, but I am putting my foot down now.
There are games my sister has downloaded (I believe from p2p file sharing software like Shareaza). Since I am responsible for the security of my mom's computer I have begun recently (yes should have done this a long time ago) to put my foot down and say "no more."
Software obtained from torrenting, p2p, and pirate websites are well known to often (VERY often) contain viruses, and these files are no exception. I have scanned these crack files on www.virustotal.com which scans the files with about 40 something virus scans, and i have repeatedly come up with many positive results for malware on these files. I don't remember exactly what results, but it was plain that they were infected.
However, my sisters refuse to listen to me, constantly claiming I am just "paranoid." Yes even in the face of my claims of finding malware with virustotal. One of my sisters says she has scanned the file in the past with 2 different virus scans which found nothing, and so therefore there is no malware infection. Regardless of how I point out my findings, and explain to them the nature of virus scans not finding everything, they refuse to listen. This virus subject has come up a couple of times so far, but they have not yet brought the files to me to demonstrate.
I believe I'll have to wait until the games are reinstalled on my mom's system again before I can just send them to virustotal right in front of my mom in order to demonstrate... two virus scans do not a clean file make. 43 virus scans with no result do not a clean file make, but these files get quite a few positive results on the virustotal website. I fully realize there is a such thing as false positives, but when it comes to various game crack file downloaded from p2p (roughly speaking, about 15 game cracks total for about 15 games), all or most of them coming up with positive results... well you get the point. Warez is notorious for malware. I wouldn't let those files run on my computer. Would you?
As for my "credentials," I am self trained. I have admittedly done extensive reading on the subject, and have currently switched to studying BSD security for enterprise networks. I am very good at spotting the effects of malware on a system. I have managed openbsd and freebsd firewalls and webservers, command line linux webservers, all running apache with mysql, I've built and managed several websites. I am familiar with snort IDS, and other intrusion detection systems, I understand quite well how virus scans work. I know Windows operating systems for the most part, inside out. I am proficient in the Linux and BSD operating systems. I've worked a year or so in Microsoft tech support (often removing viruses,) and have done on and off tech support part time for various people over a period of roughly 8 years. Usually friends refer me to people who need help. No official credentials, but I am good at what I do.
They still refuse to listen to me. Anyone care to respond to them? It would be nice to hear the opinions from some credible professionals I can refer them to. Thanks. I'm just trying to do the right thing and keep the family's computers clean.
Edited by tech98001, 02 November 2010 - 07:54 AM.