Why use an AV?

Roger, thats a great idea. Come on over.

Cheers

Bo

 

Hmmm, I don't know in other places but in mine, when you put a word in quotation marks, that means you have some hidden meaning with the word.

To put it simply, I write because in a typo style so that the definition would be a little off. Sorry for my twisted taste of humor and speaking/writing.

The main point that I was trying to say is that some people do somethings without they even realize about it. Don't even understand what they're trying to achieve. Don't even consider the pros and cons. Of course, if it only affects oneself and s/he learnt from the mistakes, then it's a good thing. But don't you get irritated about people badmouthing... say, Windows just beacuase (haha I love this word) they followed the wrong guide or other mistakes and yet they blame Microsoft? Well okay, Microsoft had their own guilt, but that's a separated topic.

And to apply it to real-time AVs, there might be some people out there who did the same.

Yep. Safeguy, Hungry Man, Blog Technet, and any other sources I can find and understand. Just much prefer to play safe.

 

Same here. No doubts reading documentations can make it easier and avoid known problems but at other times, it might make it look more complicated/confusing than it really is. I prefer to go hands-on 1st and if I don't know something, search the web. Chances are you'll find answers and more than what you hope for. Being used to this is also good because it teaches one to no longer be dependent on "Help" files.

 

Half-same here. I usually do some readings to know:

- What is it?
- What does it do/what is this for?
- How so?
- What are the most common problems had occurred and what are the possible solutions?
- What are the terms?

And so on that I need to understand until I decided to let my itchy hands playing around with it. In case something goes wrong, I have my image backup.

 

Some people find the "benefits" of using a real-time AV not worth the "costs". By "costs", I don't mean the price tag (free ones are available for home users anyway)

 

"Simplest" - maybe
"Best" - not necessarily

Business environments are usually mission critical. IMO, they should not employ automatic updates.

I do agree though on not leaving the decision to employees.

 

Ah, I see what you mean. It could be used that way, but I think you would have to structure the rest of the sentence in a way that reinforces that use. The way you had it, to me anyway, seemed like you were literally meaning what you wrote.

Oh, I see what you are saying. From that perspective it could be that someone goes without an AV and then does something like blame the browser or the OS (but never themselves ).

While I see what you mean, I still think it comes back to the given user having some sense about them. There are many things in life you read or hear that you should not do. And of course there are always those that do it. Ever seen a youtube video of people jumping off a roof trying to slam dunk a basketball, only to biff it. Or people trying to jump something with bicycles? People do some crazy stuff without thinking, thats for sure.

Sul.

 

So I took off my AV and after 15 minutes I bottled it and put it back on. It just seemed too weird for me.

 

Oh you're gonna getting used to it if you bite the bullet and just continue. =V

Just sharing, a few weeks or months ago I decided to run-no-AV, again. This last one is probably the thinnest one I've ever done, only:

- Chrome
- ScriptSafe
- Windows FW & my router
- SRP
- HitmanPro
- On Admin

That's it. No Sandboxie, no HIPS, no real-time AV, not even common sense. I surfed the web as I usually do for around 2 weeks or so. The result? No infection. At least HMP shows nothing. Not sure how is it if I continued to do that for about six months, however. I even started to questioning where are these zero-day malwares which everyone seems to be scared about? Still, I prefer to use an AV, even though it never detects anything in these last few years.

You know, what if anti-exes were the mainstream and the thread title was: Why use an anti-executable? Interesting to imagine how much this will affect our posts.

 

That reminds me of an article I read a couple years ago, or more, at F-Secure blog. It was about a recommendation that they made about alternatives to Adobe Reader. They emphasized they didn't mention not to use Adobe Reader, but rather that each individual should look at other alternatives and see the one that best fits his/her needs, and that using just one application would be bad, of course, because it would mean one target.

They mentioned something about the time of Internet Explorer 6, when it was massively used, and that 100% of attacks were directed at it, but when users started to use Firefox, 40% of attacks directed at IE6 went to target Firefox.

I no longer got the link, though. I suppose if one takes the time, one should find it at F-Secure blog archive. But, I wonder why someone didn't ask back then: Why use Firefox?

Regarding antiexecutables, we won't suffer from the same fate that AVs did, because most of the home users don't know about them, nor how to work with them. It's a security through obscurity some of us have at their disposal.

Some say something like Sandboxie, DefenseWall, etc are enough. The question is, enough under what scenario? These tools also enjoy security through obscurity. Should they be massively used by home users, then we'd see which of these tools and coders would stand and fight back. But, if hole after hole where to be found in any of these, which developer would have the resources to solve the bugs ASAP? Only those with great resources...

Anyway, I don't think I'll live enough to see the day that AEs, etc lose their benefit, at least as a home user.

 

AV's have been around for such a long time, are marketed so well, and are easier to use for the masses than anti-execs and HIPS.

 

So I guess the simple answer to the thread question of "Why use an AV?" is: because it's easy...

 

A simple format like this perhaps.?

My reason for not using an av................are.?

 

@GrafZeppelin, what you've said mirrors other comments that have been made that when you drop AV you're not suddenly going to get swamped by a tidal wave of viruses. I know people that have used an AV that has gone out of date and no other good security programs and not run into any problems.

 

And visa versa.

I know someone who went without an AV for an extended period of time, and one day his computer simply wouldn't boot up. He took it to a PC repair shop that told him it was so riddled with spyware that the hard drive was corroded and that's why it wouldn't start. This was years ago, and I'm sure operating systems are better and browsers are better, etc., but it's still a possibility because I know someone who had it happen to them.

 

Hi JR,
I wonder if, prior to the "train wreck" he had stated how his system ran so well because he ran without an AV?
Or maybe he said that such things were only for the masses?

Then he learned the error of his ways.

Regards,
Jerry

 

very true jerry

 

And it's a good reason to have something like keriver 1-Click that have own console to recover and load health system. I have to machines without AV
XP SP3 with PFW (with enabled Restricted Rights for some apps), ERP, WTF
Win 7 with OA Free (with enabled RunSafer Mode for some apps), SS, TTF
Both systems have MBAM and EEK on demand, Firefox with NoScript, AdBlock, VTzilla and BD TrafficLight.

 

Years ago (about 10-11 years ago) I was one of those people my OS was Millenium and I would download music, games and films from Kazaa. I used a shared computer and I know that one person was basically only using it to look at porn. I do think that we have better in built protection than back then.


At the moment I've stripped my AV (avast) down to a near bare minimum and I don't really notice it's impact on my system. Because of this, I find it difficult to consider getting rid of it.

 

You might notice it more if you removed it completely.. anything that scans or does anything with every file accessed (among other things) will have at least some impact on things, although some AVs more than others. I have found that there is a difference when the AV is completely removed, or never there to begin with on a new install of Win.

 

I did turn off my AV for about 15 minutes last night and I didn't notice any difference in speed. It's safe to say that I didn't give it long enough to find out. I've also got a decent amoun of RAM so I think that'd help too. WHen I just looked under process in Windows TAsk Manager it sad that my AV was using 2,296 k.

 

Going without an antivirus is very easy, not hard as some here think it is. My computers never have any kind of problems, no BSOD, no freezing, no nothing like the type of problems that people report all the time. My XP is old but never had to be reformat and seems to run better than when it was new. It might not be related but in my opinion I don't have any kind of issues or problems because I avoid using scanners. Theres got to be a connection somewhere.

Thats why when I purchased 2 W7 computers this past year, the first thing I did after the first boot was uninstall the Norton trial that HP computers come with. For one, they gave me a one year license for NOD32, that license has never been used.

Going without an antivirus is not for everyone and is not something that I recommend but when I decided to do it, it was very easy, I made the decision to drop using one on the spot, there was no pondering about it or being scared for the first day or for the first couple weeks that I went without one. I was ready and I knew it. In my case, using an antivirus gives me stress.

Bo

 

I'm running a laptop with Win 7, 4 GB ram, about 3 years old technology. I can definitely see a difference when there is no AV (not necesarily just turning it off). But, then again, others may not. It's fairly subtle, but it's there.

I don't mind running one myself, but I also enjoy the challenge of settings things up to run without one. So really, either way is ok for me. I actually think I can be safer without one, given that no AV is perfect, and that there are FP issues with most at one time or another, and there is also some system impact for me. Other solutions feel lighter and honestly seem more bullet-proof.

But, this could be argued all week with no resolution. The bottom line: to each his own..

 

Bo, what you said their sums it up perfectly; it didn't feel like a difficult choice for you rather it was a very easy choice. If a person is finding it much more difficult to decide it's probably because it's not for them. It's about how you use your own computer and making an appropriate choice. I use Steam and do like to try out new software programs fairly regularly and because of that an AV does serve a purpose of convenience rather than having to uplad files to the cloud and then realising the files is too big to be scanned.

 

There is also MBAM on-demand for this, rather than a resident AV....