Security software that changes the system...

Discussion in 'other security issues & news' started by optigrab, Jul 13, 2007.

Thread Status:
Not open for further replies.
  1. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    I'm hoping for a broad, informative and constructive discussion of some of the familiar security software titles that make fundamental changes to the PC file system, OS, MFT, etc.

    From info borrowed from a nearby thread, we can begin to compile a list:

    • Kaspsersky modifies NTFS identifiers.
    • FDISR modifies the MFT.
    • Rollback/Eazfix modifies the whole file system.
    Why do some of you not mind this sort of practice?
    Why do some of you avoid such programs?

    How commonplace is this practice? (Can we add to the above list?)

    Aside from Kaspersky (which has been thoroughly discussed elsewhere), does anyone feel such practices have caused them problems?
     
  2. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,042
    I own all three of the programs mentioned, and I've had no problems with KAV or FDISR. Rollback on the other hand has caused instablilties for me.

    My reasons for using.

    I lilke KAV as it is very fast, and causes me no issues.
    First Defense is my fall back and has saved my bacon on numerous times.
    I would like to use Rollback, but it just isn't stable on my system.

    Do I mind what they do to my system. In terms of KAV and FDISR. No. In terms of Rollback, no if it worked.
     
  3. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Version 7 of Rollback messed up after a couple of months in my machine (the snapshots became corrupted) It was working perfectly for a couple of months and then without any apparent reason the snapshots got corrupted and that made me loose confidence in it.

    I have not used version 8 (since I have to re buy it if I want it and it has shown that 30 day trial doesnt reveal eventual problems) so I can not say if it would work better nowadays. I would buy it instantly if I knew that I could rely on it coz I love their approach.
    I might add that I use the old version 7 in a Vmware session and so far it works fine, but of course I dont use that session as much as I did use RB earlier so that is not a big surprise.

    I have had FDISR for 4 years and it has never failed me or caused any problems. Thats why I accept such practice as you suggest. I dont mind such practice as long as the software does what it claims without creating problems.
     
  4. Seer

    Seer Registered Member

    Joined:
    Feb 12, 2007
    Posts:
    1,596
    Location:
    Singidunum
    I quite agree with this. The point is to always bear in mind what kind of changes the software you're using makes, it will help you to avoid many possible problems. There was a thread some months ago regarding Outpost suite using ADS feature of NTFS (a rootkit technology), which was not welcomed by many. However, I am not so quick with condemning any feature as bad, as long as it doesn't create problems. So, I don't mind system changes, if the software does what it should do.

    A slight OT. I have recently switched from VMware to Parallels (responsiveness is better), but I do remember that VMware (Workstation) has a feature called "snapshots", which basically does the same thing as RollbackRX. I have never used it, so I am just curious - do you find any benefit in using RollbackRX on a VMware, being that it already has a similar feature?
     
  5. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    I havent actually used the Vmware snapshots much and it was quite long time ago so I cant say much about it. I will try it and see if they are similar.
     
  6. optigrab

    optigrab Registered Member

    Joined:
    Nov 6, 2002
    Posts:
    624
    Location:
    Brooklyn/NYC USA
    Okay, I've seen many, many members around Wilders complain when a program doesn't "uninstall cleanly". There have been many threads expressing frustration with well-known AV's that leave stuff behind, threads about registry cleaning, threads about uninstallers like TotalUninstall. And in these cases, we're usually talking about some dead registry entries and a few DLL's. Why are folks more worried about such things than programs that make system changes that IMO are more profound? o_O

    Am I missing something? If I uninstall FDISR or Rollback, do they restore the MFT to it's original state?

    The reason I ask, indeed the reason I started this thread, is that I adopted a lot of my philosophy and sensibilities about security here at Wilders over the years. Not that I am incapable of drawing my own conclusions (for instance, I think that registry cleaning is more often than not a time waster). But one of the basic principals that I thought had been decided was: messy uninstall = bad.
     
    Last edited: Jul 14, 2007
  7. sukarof

    sukarof Registered Member

    Joined:
    Jun 22, 2004
    Posts:
    1,714
    Location:
    Stockholm Sweden
    Hmm..I dont actually know if they restore to the exact original state. All I can say that uninstalling any of them has not done anything bad that I am aware of. Things just work as if they have never been installed. I guess that means that they do a clean uninstall generally.
     
Loading...
Thread Status:
Not open for further replies.