Why I am also finished with an AV

Discussion in 'other anti-virus software' started by trjam, Jul 3, 2008.

Thread Status:
Not open for further replies.
  1. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,102
    Location:
    North Carolina USA
    After giving this some thought, it really doesn't make sense if you have a reboot software, restore software, or shadow program. I started thinking about the argument of using an AV with a program like SD. But the reality is, yes it may alert you to something while in shadow mode, but the amount of malware that also escapes the majority of AVs is staggering. It doesn't make sense to load up something that still creates a leak in your protection. And with some, a large leak. It makes more sense knowing that your chances of any being hit are small, and a reboot will clear and clean your PC. Hate to say it, but I am another one that thinks the day of the AV has come and gone.

    My method may not be the best, but I still think it is better than the alternative until something else comes along.
     
  2. Baz_kasp

    Baz_kasp Registered Member

    Joined:
    May 1, 2008
    Posts:
    593
    Location:
    London
    Depends on what you class as an "AV" ;)

    Some of those AVs have evolved to beyond what is expected of a bog standard antivirus application. And offer better protection against certain threats than any restore software...for example password stealers which do not need a reboot to steal your information :p
     
  3. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    AVs are good for newbies, pros don't need AVs. But if you think about the latest generation of malware, which in fact is only a massive combination of very old tricks, AVs are obsolete. Virus + operating system melting together, there is no cure; I would even go so far as to say that nowadays systems are in several cases a hybrid of virus and OS. Call me paranoid, but Windows is the best example, no matter if NT 4.0, 5.1 or 6.0.

    You don't need to search for viruses; the operating system is in the first place a kind of bestialized rootkit virus.
    Dig deep in Windows files and filesystem and you will find things that are so damn odd...
    .....your unconscious will tell you there is something totally wrong..... was there a pact with NSA or CIA?
    ...you will find a dynamic rolling beast matrix that has only one Aim...
    total control.....and absolute information absorption.....
    (likely this is also valid for other OS (multi platform malware, backdoors by default) but that is not my expertise)
     
    Last edited: Jul 3, 2008
  4. Kerodo

    Kerodo Registered Member

    Joined:
    Oct 5, 2004
    Posts:
    8,014
    For me, an AV is mostly just an old habit that dies hard I guess... I seem to always wind up putting one on, even when I have convinced myself that I don't need one, i.e., I have a few good images of the HD, I don't often encounter malware anyway, I am an educated safe sensible user, etc...
     
  5. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    That begs the question - what defines a "pro"?
    Yes, you're paranoid. There is always a cure - start at the beginning again will cure to that state.
    Pure BS.

    Blue
     
  6. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Realistically speaking, I really don't see that coming to pass.

    Some of the specific mechanics may change, things may look and function differently. However, as long as people are able to download executable content from the Internet, a key question will always be "What do I do to validate the fidelity of this material?" Given that disassemblers are not the tool of choice for the masses, some form of "AV" will always be around. Maybe it's a blacklist, perhaps a whitelist, perhaps a customized subscription on-demand analysis or certification service. Who knows, but the end result is the same - some level of validation (and it won't be absolute surety) that the downloaded material is not purposefully malicious.
    As with any security approach, you really shouldn't try to view it in terms of absolute "best" since there are fluid tradeoffs that are dynamically made in rendering the decision. This causes the definition of "best" to be fluid as well.

    Blue
     
  7. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    Blue, extract strings of your Explorer.exe, extract strings of your Winlogon.exe, just as a slight example. Go to EOF, make a little check... I bet you will find something, but something odd. Before you say BS you should first bring us proof. Nobody officially explained the dhlptx subhack phenomenon except tagmeme.com's subjective view of worldwide kernel subversion. Why should Rutkowska aka $oana (crypto view) state that about 70% of all computers worldwide are infected with stealth malware?!
     
    Last edited: Jul 3, 2008
  8. SteveS335

    SteveS335 Registered Member

    Joined:
    Jan 16, 2007
    Posts:
    43
    Well,

    I agree with Baz. If your passwords were stolen before you rebooted what good is that restoration going to do?

    Steve
     
  9. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    I think the antivirus companies know they're at a dead end of keeping up with the bad guys and are starting to implement HIPS/behavior blockers, link scanners or web guard to try and beef up their products, because in reality they know they are failing. I think for the most part it still will probably be the most widely used security application in the home or business. For example, there was a poll in here somewhere, if only one security can be used which would you choose; if I am not mistaken the AV was leading the poll by a large margin. For me, I feel secure with just ShadowDefender, but I do like an AV, real time or demand, that can at least try to validate something.
     
    Last edited: Jul 3, 2008
  10. mnosteele

    mnosteele Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    196
    Location:
    Chesapeake, VA USA
    The flawed logic is that if nothing is used to prevent infections i.e. an antivirus program and you will just restore things if infected...... what happens if you are infected with a trojan that steals your passwords or personal information? If identity theft occurs it is a major task to remedy all the problems that ensue. "Pros" always think it won't happen to them but on the chance it does no matter how slight it can and will cause more of a headache than anyone wants to deal with.

    :)
     
  11. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
    This damn little by default os virus even notices when it is placed inside a virtual machine: http://i27.tinypic.com/25gb294.png Underground X, Mr.X. f=o=x inside the b=o=x.
     
  12. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Without a doubt, identity theft is the worst of all, at least IMO.
     
  13. SystemJunkie

    SystemJunkie Resident Conspiracy Theorist

    Joined:
    Mar 3, 2006
    Posts:
    1,500
    Location:
    Germany
  14. bellgamin

    bellgamin Registered Member

    Joined:
    Aug 1, 2002
    Posts:
    8,119
    Location:
    Hawaii
    With respect to those topics headed by titles such as "I'm going naked" and "AVs are passé" -- IMO those threads are little more than pathetic attempts to get attention by trying to say something contrarian or sensational.

    IMO, an AntiVirus program remains a useful lifeguard for those adventurous souls who often surf in the web's "shark-infested waters."

    As to folks who do little more than wade in the shallow end of the web's "indoor pools" -- such as at Yahoo or here at Wilders, etc. -- I grant the possibility that an AV-lifeguard might not be truly essential. Ho-hum :-*

    Now you know why I got evicted from "Home on the Range" (I said a discouraging word.)
     
  15. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    To paraphrase Sigmund Freud, sometimes random gibberish is just, well, random gibberish.
    While this is not at the EOF, it's still gibberish
    I have no idea. Here's a possibility though..., she's wrong or possibly you've misinterpreted her words. About the only reference that I can find along these lines (see here, note - that is a direct link to a PPT file) is where Ms Rutkowska is quoting a Gartner prediction reported here, and the quote is rather different than the usage you employ. Of course, perhaps I'm missing the direct statement that Ms Rutkowska made to that effect, in which case, could you direct me to it?

    Regards,

    Blue
     
  16. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    Gee, that's remarkably illuminating....., of what may I ask?

    Blue
     
  17. larryb52

    larryb52 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    1,131
    For those that really think they can go without an AV & or a good firewall, are crazy. It isn't that AVs are passe, they just haven't totally kept up totally. My gosh, I see people being had every day by keyloggers etc & have seen their checking accounts compromised because they thought they either didn't need it or just didn't know better. Your job is to know what's good for what kind of things you expose yourself to. For those that don't want to run AVs etc, do so, but please don't complain when you are truly compromised. Trust me, there are & is some nasty stuff out there & if you have ever had your identity compromised you more than know that an ounce of prevention is worth a pound of cure...
     
  18. BlueZannetti

    BlueZannetti Registered Member

    Joined:
    Oct 19, 2003
    Posts:
    6,590
    larryb52,

    I wouldn't go that far. It is relatively easy to go without an AV successfully. It simply involves an alternate approach, mindset, as well as some additional user based cautions. I wouldn't necessarily recommend it for casual users at the moment.

    Some users that go the non-AV route are overly naive of their own capabilities and fall into the rabbit hole, but many know precisely how to approach the situation and can succeed with no problem.

    Blue
     
  19. larryb52

    larryb52 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    1,131
    To each their own, but I've seen the results of poor judgement & the damage it does to one's credit report. IMO you can't be too safe... no, nothing is perfect, but with some intelligent thought even those that would prefer free can prevent exposure. If there's nothing of consequence on your drive you have little to worry about, but if you have ever bought something or done banking online then I suggest highly to think again...
     
  20. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    20,590

    OMG, I must be crazy.:argh: I've been running without an AV or AS for at least 6 months with no issues. Now would I recommend my approach for everyone. Nope.

    What really is needed is to assess your vulnerabilities and then look at the best way to protect yourself. That is what I have done.

    Pete
     
  21. wat0114

    wat0114 Guest

    I see the AV as a kind of insurance policy with the usual buried clauses stating: "does not cover against damage due to earthquakes or wayward meteorites" but at least it covers damage due to the majority of potential calamities. I've gone without it for short periods but always went back to it.
     
  22. cortez

    cortez Registered Member

    Joined:
    Nov 19, 2006
    Posts:
    450
    Location:
    Chicago
    Even with a "reboot solution" application an AV can prevent the need to reboot by isolating the malware (and preventing a meltdown) and let the browsing continue undisturbed.
     
  23. larryb52

    larryb52 Registered Member

    Joined:
    Feb 16, 2006
    Posts:
    1,131

    That's what I said if you read fully & I don't appreciate you making light of security issues when I have seen them impact people's lives. This is a security forum, is it not? In all respect I think you need to reread my post...or posts...
     
  24. 031

    031 Registered Member

    Joined:
    Sep 5, 2007
    Posts:
    187
    Location:
    Bangladesh
    No matter how complex the malware is, only a simple signature is enough (in most cases) for the AV to eliminate the threat, and these days it doesn't take more than 2-4 hours. And boot to restore is no way good for online banking or shopping, because if a keylogger can log and send your keystrokes then what the hell would you do after restart, reboot, whatsoever. A simple HIPS would be more efficient. My thoughts are, AV days are not over but they just have to add some new modules of protection like behavior blocker or easy to use HIPS, and they are doing it very nicely.
    Well, at the end of the day if the malware is 4 hours old and your AV is updated then nothing to worry about (unless you are already infected).
    Boot to restore is suitable for two types of users:

    1. Child. (Believe me, my 8 year old sister can mess up any computer within 20 minutes. Last time she deleted my whole PDF collection. Now I use passwords.)

    2. Users who have the potential to infect themselves with new malware within that 2-4 hours period. My personal experience is in most cases the malware doesn't find the user; brave and stupid surfers somehow find them.
    Sandbox or safespace is effective in this circumstance.

    I believe every poster in Wilders is an advanced user; this is the reason you guys do not feel that 98% of PC users don't want to understand anything related to their PC. If you tell them "Every time you boot, your PC will be ok" they will be very happy. Well, when you add "Be careful with your documents, photos etc etc because they will be also gone after reboot and don't save them in C drive" they will start to panic and end up uninstalling that software. You can show me hundreds of features of that boot to restore software, but yet again I want to remind you that you are an advanced user, not like the rest 98%. Thus HIPS are also out of the equation because whatever the popup is, the answer is yes. I installed OA and Comodo on some of my friends' PCs and they never ever bothered with the popups. The decision was always allow.

    So an AV with a behavior blocker is the perfect setup for an average user because not only does it provide enough protection but also most users can handle it. Well, these are just my thoughts.
    Take care :) :) :)
     
  25. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Looks like Bingo:D
     