Main Area and Open Discussion > General Software Discussion

Raymond.cc compares antivirus memory usage

<< < (4/5) > >>

Tinman57:
AV?  That stands for audiovisual  :huh:.  Anti-virus?  Nonexistent save for virii that have already been identified.  Some of the removal systems seem adequate - MalwarBytes comes to mind - but I've yet to find any anti-virus system that could be trusted.  I'll set up a firewall, but it is only as effective as my imagination.  To my mind, anti-virus software is totally useless - it's a safety blanket that doesn't work, that gives a false sense of security.

I read raymond.cc's review.  It was comprehensive.  I appreciate the amount of effort he put forth to create it.  But, in the long run, it's basically useless.  You never know how adequate your security system is until it fails and you know that it failed.

This is common throughout history.  Examples?  Hadrian's Wall, the Great Wall of China, the French Maginot Line, all were circumvented at some point.  Not defeated, circumvented.  And any anti-virus solution will, in like fashion, be circumvented, not by a head-on attack, but by an end run, a circumvention not anticipated by the protection authors.

It is a given.  It's a challenge to some.  And they will not let that gauntlet lie on the forest floor.
-barney (May 13, 2013, 10:21 PM)
--- End quote ---

  With that analogy, since when does a soldier go into battle without his armor and weapons?  My anti-virus software has saved my butt many times, I think I'll just keep on using it....

Stoic Joker:
I gotta go with barney on this. Hardening a system is more a matter of exposure mitigation ... Reduced user permissions, adherence to a patch policy, and removal of unused anything that could open a port. That is the armor. Weapons are user education so the guy on point isn't blind, deaf, and dumb (answers to Tommy/plays pinball ... Sorry..). These days securing a machine without AV is like going hunting without a waffle iron.

I keep MSE installed on my machine only to keep track of its resource usage and FP rate ... its yet to catch anything before I did.

brahman:
This is an interesting thread.

I have also been very concerned about performance of AVs. That's why I have used Clam Sentinel for years, which is an open source way of running the free AV ClamWin resident.

ClamWin is usually used mainly on servers but with Clam Sentinel, it is usable on individual PCs.

Its idle memory usage is better than the winner. When scanning it is about middle of the pack. Easy to disable if you just move files around on your computers and want to do it as fast as possible.

An AV that gives you a lot of control.

As a second opinion for downloads I use Emsisoft Emergency Kit's terminal scanner (formerly called A2Squared) triggered by Firesoft after a download has finished. I use the following batch file for that:


--- ---@echo off
echo.
::After 3 sec default to n (No)
choice /T 3 /D n /M "Do you want A2 to do a RAM memory scan too?  Press"
:: pressed N
if errorlevel 2 goto NOMEM
::Check for wrong keypress and assume no
if not errorlevel 1 goto NOMEM
:: pressed y (Yes)
c:\Apps\tc7\Msc\A2SquaredPort\a2cmd.exe /m /h /a /n /f=%1
goto NEXT
:NOMEM
c:\Apps\tc7\Msc\A2SquaredPort\a2cmd.exe /h /a /n /f=%1
:NEXT
@echo off
if not errorlevel 1 goto END
::Foreground yellow, type in red for better signal visibility
color EC
echo VIRUS ALERT: %1
echo.
pause
:END
echo End of batch program
exit

ajfudge:
To my mind, anti-virus software is totally useless - it's a safety blanket that doesn't work, that gives a false sense of security.

I read raymond.cc's review.  It was comprehensive.  I appreciate the amount of effort he put forth to create it.  But, in the long run, it's basically useless.  You never know how adequate your security system is until it fails and you know that it failed.
-barney (May 13, 2013, 10:21 PM)
--- End quote ---

Here's the problem: not every computer user is as smart as you.
The point of an AV software is to block what was already known, and to update its database to include what's recently been discovered.
Here's an analogy: You build a gate around your house. You don't like how it blocks your house but it's a necessity. It gives you the feeling that you're enclosed but it's there to protect you from trespassers. A day will come that a thief [your "circumventor"] will disgrace your home. But the gate at least provided a challenge, and it kept out any potential wrongdoers [the standard AV definition database].

Here's a similar thing: the issue with regards to Internet usage/privacy/trackers, well they're new. Some programs and services offer to block them, but there will always be something that will know what you do no matter what. It's not fail-safe, but it gives you a fighting chance (this also applies to walls and lines of ancient wars that you mentioned  :)).

Sidenote:
Others suggest to use a security sandbox (read: not Sandboxie). Sometimes they're very useful, but not ideal if you rarely, if not at all, go online.

Giampy:
I believe it's interesting to report the experience of a certain guy who is very busy about security. After years of experience, now he no longer uses an antivirus, but his purpose is reducing the "attack surface". This is his configuration for real-time prevention in Windows XP:

Firewall of Windows XP
ExploitShield Browser Edition ver 0.9.1 beta
SandboxIE 4.01.08 beta
EMET 4.0 beta
DropMy Rights
Norton DNS

Opera, Google SSL, WOT, Adblock, Ghostery, Dr.Web Link Checker.

Navigation

[0] Message Index

[#] Next page

[*] Previous page