im finish with avira..... after heavy infection

Discussion in 'other anti-virus software' started by simisg, Jun 16, 2009.

Thread Status:
Not open for further replies.
  1. ypestis

    ypestis Guest

    What I do know is that for me ,backup programs do not work,
    kiss you arse goodbye Maricrum reflect.
    What I do kown is that A DVD-R copy of my files and the Windows Xp Disk work very well.
    Backup boys say 15 mins,my way is at least three hours just reformatting,and
    a couple of hours tweaking on BlackViper,Plus downloading programs.
    But my way works every time.
    Not something I want to do every day,but once a year (average) i can live with it.
     
  2. Osaban

    Osaban Registered Member

    Joined:
    Apr 11, 2005
    Posts:
    4,851
    This might easily get off topic, but if it is intended as the ultimate remedy against ...heavy infection, I think it is pertinent.

    I gather you are not happy with backup programs, and if they don't work, you are right, reinstalling Windows is the only alternative. It took me 2 hours installing Vista 64 bit and another hour to update it. Then I spent 2 days reinstalling all my programs and fine tuning the system to my satisfaction. OK, I might be a bit of a slow operator, one could possibly do it in 5 hours.

    As soon as I finished my installation I back it up to a USB drive: time 9 minutes. Once the backup finished, I restored the system straight away to test it: time 10 minutes. Now whether you choose my long 3 days or your short 5 hours, you must admit that 10 minutes beats them all.
     
  3. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Interesting.
     
  4. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,535
    It seems that you don't know how your favorite program works by saying this... ;)

    Stefan is absolutely right!
     
  5. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,535
    Doesn't have nothing against Comodo.

    With Comodo, if you try to execute an infected file, first it detect if the file is benign/malign/unknown, based on its signatures and other methods.
    Only if Comodo doesn't detect nothing malign on file will use its HIPS feature and show you a preventive alert to let you choose what you want to do with it.

    So:
    First is Detection
    Second is Prevention

    Am I wrong?
     
  6. Antarctica

    Antarctica Registered Member

    Joined:
    Feb 25, 2003
    Posts:
    1,824
    Location:
    Canada
    ssj100, the problem with HIPS is that they are only for geeks. How is my wife or my mother would answer all the pop-ups?
     
  7. 3xist

    3xist Guest

    Here are one of my replies from back in January with a similar question:

    Development Activities for CIS

     
    Last edited by a moderator: Jun 18, 2009
  8. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,535
    For geeks and extremely patient persons... :D

    This is why I prefer a well done Behavior Blocker than an annoying and useless HIPS...
     
  9. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    And for those who are untiringly and eager.
     
  10. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,535
    I agree that this declaration is very confusion, but not for me since if you use an AV and HIPS, the Detection is always the first.

    But this is just my opinion based on what happens on the systems with this configuration, and the way I think it should works.
     
  11. rdsu

    rdsu Registered Member

    Joined:
    Jun 28, 2003
    Posts:
    4,535
    I'm talking about the type of HIPS used, for example, by Comodo.
     
  12. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,058
    Location:
    Las Vegas
    Agreed. I have said that many times in this forum. The ultimate AV is an image that is not infected.
     
  13. Bunkhouse Buck

    Bunkhouse Buck Registered Member

    Joined:
    May 29, 2007
    Posts:
    1,058
    Location:
    Las Vegas
    The guy is a kibitzer. Has nothing to add- just takes shots at Avira users.
     
  14. elapsed

    elapsed Registered Member

    Joined:
    Apr 5, 2004
    Posts:
    7,076
    Thanks for reviving an old debate finished by PMs, wanting in on the action eh? Le sigh... typical you.
     
  15. Macstorm

    Macstorm Registered Member

    Joined:
    Mar 7, 2005
    Posts:
    2,631
    Location:
    Sneffels volcano
    Seatbelts and airbags were created for reducing your chances of being injured or killed in an accident. They in themselves weren't made to save your life.

    The same goes for AV programs & Firewalls. They both together form the first line of defense against any type of malware, but they are not infallible.
     
  16. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    702
    Originally Posted by 3xist:

    I think we define "prevention" in a different way. Do you mean "prevent an infection to take place at all" or "prevent that a malware can fully activate, stay resident in the system"?

    In the house / burglar analogy, I would say: door = av programm, blocks the malware from entering the system. alarm system = someone managed to get in, alarm the owner, prevent the burglar from stealing (everything). Insurance company = clean up (pay) for the mess (backup, restore).

    I don't understand why you claim it is better to let the malware run in order catch it (via behaviour monitoring/HIPS) rather than not to allow it to start at all.
     
  17. Einsturzende

    Einsturzende Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    390
    Location:
    neubauten
    It can be FP..., especially heur:packed detections ;)
     
    Last edited: Jun 19, 2009
  18. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    I'm sure he'll correct me if I'm misquoting him but I drew the inference that he was advocating a default deny approach whereby anything unknown would be blocked from running at all without being implicitly allowed to do so,rather than run then cross your fingers and hope for the best that anything malicious is spotted.
     
  19. Stefan Kurtzhals

    Stefan Kurtzhals AV Expert

    Joined:
    Sep 30, 2003
    Posts:
    702
    That's whitelisting. Which has the problem - how do you know if a program is 100% safe and clean? It's much easier and faster to find out if a program is possibly malicious instead of being 100% sure that a program is safe.

    And blocking every unknown application? I don't see how that can work with normal users who try out new software all the time.
     
  20. demoneye

    demoneye Registered Member

    Joined:
    Dec 30, 2007
    Posts:
    1,356
    Location:
    ISRHell
    i 100% agree with ssj100 approach, avs ONLY as stand alone protection is long time over , we need a good HIPS ( in his case D+) to cover new o-days threats .


    cheers:p
     
  21. andyman35

    andyman35 Registered Member

    Joined:
    Nov 2, 2007
    Posts:
    2,336
    I'm not particularly advocating either approach over the other,my own preference for a first line of defence is the Sandboxie approach where it doesn't matter if the file is malicious or not.
    The key to the usability of a whitelisting approach is a sufficiently extensive database of known good executables to keep things running smoothly.A big task but surely it's easier to add good stuff which after all is in the open and accessible than retrospectively blacklisting malware which is only discovered once it's already causing harm?
     
    Last edited: Jun 19, 2009
  22. Zimzi

    Zimzi Registered Member

    Joined:
    Jul 10, 2005
    Posts:
    289
    Whitelisting (HIPS) vs. blacklisting (AV, behavioral blocking) - the two concepts and a long debate.

    Personally, I prefer antivirus with a giant database of signatures, exceptional heuristic and a good behavioral blocker. HIPS are too annoying for me.

    Let my computer serve me! :D
     
  23. Zimzi

    Zimzi Registered Member

    Joined:
    Jul 10, 2005
    Posts:
    289
    On the other hand I do understand your point too. Almost every day very easily found malware that can not be detected by at least half of the AVs on Virus Total, for example (including Avira or NOD32).
     
  24. ypestis

    ypestis Guest

    You sir are the reason God made A-2 AntiMalware!
     
  25. Saraceno

    Saraceno Registered Member

    Joined:
    Mar 24, 2008
    Posts:
    2,404
    If a-squared's anti-malware continues to develop and improve, I'll be one happy customer.
     
Loading...
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.