
myITforum.com Wiki

If we really want to take virus protection seriously, we'd get involved with reporting undetected viruses to antivirus product vendors. Malware developers thrive because very few people investigate virus alerts.

A typical web-based virus attack scenario consists of multiple components. A user may willingly install software (a trojan horse), and that software may download additional malicious components. Alternatively, a user may inadvertently install software (a drive-by download) when visiting a web site; this software also downloads additional malicious components. It is almost always the case that one or more of these components is already detected as malicious. If enough people follow up on enough of these virus detection events and get samples to antivirus vendors, we can make malware development less attractive.

There's a mystique to finding malicious files, a belief that you need special skills. That's not true. There's also a belief that it's the job of the antivirus vendor both to find the malicious files and to develop protection. How is that supposed to happen if nobody sends them the files?

Abandon those misconceptions. Here's an easy way to find suspicious files that you can give your antivirus vendor; you can find what they don't yet detect. Use Trend Micro's System Information Collector utility. See "Collecting malware samples and logs using the System Information Collector (SIC)" for download and usage instructions. That particular page does not list Windows Vista among the supported operating systems, although other references indicate that it is supported. With this utility you will create a log file of system information and a ZIP archive of suspicious files. Reviewing the log file is optional. The important next step is to get the archived files to your antivirus vendor for review. The password for the ZIP file is "virus" (without the quotes).

That should be the minimal follow-up for a successfully infected system: run SIC, then get the suspicious files to the vendor. You can do this; this can work. We can do this; we can make malware development a less attractive profession.
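As an added example (not part of the original page or of Trend Micro's tooling), the following Python script inventories the SIC archive before it is sent to the vendor: it opens the ZIP with the password "virus" stated above, reads each member in memory rather than extracting it to disk, and records name, size and SHA-256 so you keep a reproducible record of exactly what was submitted. The sample archive it builds is a constructed stand-in, not real SIC output, and the member names are invented.

```python
import hashlib
import io
import zipfile

# SIC protects its archive of suspicious files with the password "virus"
# (stated on the page). Members are read in memory and never extracted,
# so nothing lands on disk where it could be run or quarantined.
SIC_PASSWORD = b"virus"


def sha256_hex(data: bytes) -> str:
    """SHA-256 of a byte string as lowercase hex."""
    return hashlib.sha256(data).hexdigest()


def manifest_from_sic_zip(src, password: bytes = SIC_PASSWORD) -> dict:
    """Return {member name: {"size": bytes, "sha256": hex}} for each file.

    `src` may be a path, a file object or raw archive bytes. Directory
    entries are skipped. zipfile consults the password only for encrypted
    members, so an unencrypted test archive uses the same code path.
    """
    if isinstance(src, (bytes, bytearray)):
        src = io.BytesIO(src)
    manifest = {}
    with zipfile.ZipFile(src) as zf:
        zf.setpassword(password)
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as member:  # streamed, not written to disk
                data = member.read()
            manifest[info.filename] = {"size": len(data),
                                       "sha256": sha256_hex(data)}
    return manifest


def submission_note(manifest: dict) -> str:
    """One line per file, ready to paste into a vendor submission form."""
    return "\n".join(f"{name}  {e['size']} bytes  sha256={e['sha256']}"
                     for name, e in sorted(manifest.items()))


def build_constructed_sic_zip() -> bytes:
    """Constructed stand-in for an SIC archive: harmless placeholder members
    and a directory entry. The stdlib cannot write encrypted ZIPs, so this
    sample is unencrypted; the real SIC archive is password-protected."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("Suspicious/", "")
        zf.writestr("Suspicious/sample1.exe", b"MZ placeholder, not a real binary")
        zf.writestr("Suspicious/sample2.dll", b"MZ second placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    print(submission_note(manifest_from_sic_zip(build_constructed_sic_zip())))
```

Point `manifest_from_sic_zip` at the real SIC ZIP path to produce the manifest for an actual submission.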

Seriously. This is real National Defense stuff you can be doing. Infrastructure Defense. In your spare time. Today.
