
[Stuff.co.nz] Anti-virus can't keep up with threat onslaught - Page 7

post #61 of 366
I just love reading the AV debates. So many people assume they're just so good at browsing only the most trusted sites with all these no-scripts, running weekly scans of SAS, MBAM, SBS&D, and others, making these claims about never being infected.

You all realize that 9/10 times when you're infected, you don't see any symptoms. It doesn't take much for a virus/trojan/backdoor to string your PC into a botnet or other front end for some mischievous deed.

All of you who run without AV protection and swear you've never been infected because you're so incredibly diligent with 'common sense' in your approach to the web, yet still desire to travel the torrent path with possible sketchy downloads, mystify my sense of logic.

The sad part is, for every single one of you who say you've never been infected and don't use AV because there is no need, you've either been infected more than once or are currently infected with something and don't even know it.
    
post #62 of 366
People here don't seem to realise that MSE is crap, and praised it so much....lol!

If you want really good protection (zer0 day) you need AV/IS with strong proactive modules like behavior blocker, HIPS, application control or similar modules, products like Norton, Bitdefender, Comodo, Kaspersky, Emsisoft etc. You can't count on signatures or heuristics alone these days anymore, that's why I would avoid MSE, Avira, Ikarus and similar basic protection antivirus products.
Quote:
Originally Posted by Psycho Homer

Anti-virus software will block most of the small threats. But once you get into bigger threats such as rogue AV software, which usually comes bundled with various ransomware, rootkits such as ZAccess, Sinowall or Pihar, they are completely useless.

Having a HIPS/behavior-blocker-based AV/IS lowers the chance for these kinds of malware to get on your system, even though they are still very hard to block, I agree. I have KIS 2012 in interactive mode with higher settings than default and it's getting almost impossible to bypass, if you select in threats detection to scan for programs marked as "other", which are these kinds of malware, such as fake AVs and PUPs.
Edited by psyside - 4/5/12 at 8:01pm
post #63 of 366
Quote:
Originally Posted by GanjaSMK

I just love reading the AV debates. So many people assume they're just so good at browsing only the most trusted sites with all these no-scripts, running weekly scans of SAS, MBAM, SBS&D, and others, making these claims about never being infected.
You all realize that 9/10 times when you're infected, you don't see any symptoms. It doesn't take much for a virus/trojan/backdoor to string your PC into a botnet or other front end for some mischievous deed.
All of you who run without AV protection and swear you've never been infected because you're so incredibly diligent with 'common sense' in your approach to the web, yet still desire to travel the torrent path with possible sketchy downloads, mystify my sense of logic.
The sad part is, for every single one of you who say you've never been infected and don't use AV because there is no need, you've either been infected more than once or are currently infected with something and don't even know it.

No. Some of us are arguing that AV is barely protection at all. As a result of that, we don't bother with it. Perhaps, not in the real time protection sense anyway.
post #64 of 366
Thread Starter 
Quote:
Originally Posted by psyside

People here don't seem to realise that MSE is crap, and praised it so much....lol!
If you want really good protection (zer0 day) you need AV/IS with strong proactive modules like behavior blocker, HIPS, application control or similar modules, products like Norton, Bitdefender, Comodo, Kaspersky, Emsisoft etc. You can't count on signatures or heuristics alone these days anymore, that's why I would avoid MSE, Avira, Ikarus and similar basic protection antivirus products.

Summed up: Get packages with 'real-time protection' as it's marketed as.
The paid-for ones tend to be better for this as well.

Kaspersky is the best paid-for AV whilst, surprisingly, based on AV-Test.org tests, AVG Free is currently the best freeware AV.
post #65 of 366
Thread Starter 
Quote:
Originally Posted by ahnon

No. Some of us are arguing that AV is barely protection at all. As a result of that, we don't bother with it. Perhaps, not in the real time protection sense anyway.

Some protection is better than none.
post #66 of 366
Quote:
Originally Posted by psyside

People here don't seem to realise that MSE is crap, and praised it so much....lol!
If you want really good protection (zer0 day) you need AV/IS with strong proactive modules like behavior blocker, HIPS, application control or similar modules, products like Norton, Bitdefender, Comodo, Kaspersky, Emsisoft etc. You can't count on signatures or heuristics alone these days anymore, that's why I would avoid MSE, Avira, Ikarus and similar basic protection antivirus products.
Having a HIPS/behavior-blocker-based AV/IS lowers the chance for these kinds of malware to get on your system, even though they are still very hard to block, I agree. I have KIS 2012 in interactive mode with higher settings than default and it's getting almost impossible to bypass, if you select in threats detection to scan for programs marked as "other", which are these kinds of malware, such as fake AVs and PUPs.

You also have to realize the market that this software is geared towards. Consumers who have minimal knowledge of computers and expect everything to work right out of the box with no configuration. They don't want or know how to even configure this software. And more importantly they don't want to be bugged by every detection that highly configured software can make. Then, on top of the notifications, the user actually has to pick an action. They are going to have no idea what to pick. Hell, even Norton has simplified itself so much for installation it only has a single button that says install.
post #67 of 366
The web is relatively safe. You shouldn't get anything on regular web sites because they are well secured and the source is safe. As soon as you download programs, files or whatever you do on the web that requires you to add content from the web to your computer, it is potentially putting you at risk of also downloading a virus.

I won't say what I download, but I did get some threats, and my anti-virus blocked an executable known as being a virus (so it is an old virus, probably used by a script-kiddie). If you are using torrents, for example, you do need an A-V just to block as much as you can of the crap you can get.
post #68 of 366
Quote:
Originally Posted by MrAlex

avast! seems to do the best out of the whole lot, and I do think it tries to keep up. Every day there is at LEAST one database update. 

All I use. Avast + W.O.T. + common sense.
 
post #69 of 366
I used to be one of the 'never get infected and don't need AV' guys. Then one day my webcam turned on! So after an AV check I find out it was a virus that takes webcam pics then uploads them, among other nasty stuff.

So now I run Zone Alarm, Malwarebytes Anti-Malware, SUPERAntiSpyware and Hitman Pro (Cloud AV).

Every few months viruses appear out of nowhere, but much less often than when I didn't have a decent Firewall.
post #70 of 366
Quote:
Originally Posted by ahnon


No. Some of us are arguing that AV is barely protection at all. As a result of that, we don't bother with it. Perhaps, not in the real time protection sense anyway.

Look, take MSE for example. It scans things (in real time and on schedule) at the bit level. So it may very well pass over something dormant, but the moment something is triggered, it will detect it. Here's an example -

1. You scan with MSE and find nothing.
2. You scan with MBAM and it flags something.
3. You don't remove it with MBAM for the time being.
4. You restart both scanners, but start your scan with MBAM first and then start your scan with MSE.
5. MBAM flags previous file just like before.
6. Because MBAM flagged the file, MSE is alerted because the file has been accessed through MBAM.

I've had this happen twice. I've also had MSE stop several links in Chrome, pages in IE, and otherwise too in real time.

So having no protection isn't really the logical thing to do. I mean - think logically here - would you leave yourself unstrapped/unrestrained on a rocket ship to space?
    