An antivirus question


Eli

Hi,

It is a long-time question that I'm having, and up until now it remained puzzling:

We use an antivirus or anti-malware software hoping to keep our PC safe and secured. Now the question:

The antivirus has unlimited privileges that no other installed software has; isn't that in itself a huge security breach?? Somewhat like letting the cat watch the milk? Am I being paranoid, or having realistic logic grounds for doubt? And if yes, what are the alternatives?

OS : MS windows XP pro sp3 Processor : AMD Athlon 64x2 Dual core 3800, 2009Mhz.
Mother board : Gigabyte M61 PM-S2 Ram : 3GB
Disk space : 649.05 GB Default browser: Firefox
Protection : Sandboxie, MBam free version


  • Moderators

to put it as nicely as I can, yes, you are being paranoid. :)

 

there is one piece of software higher than your AV - your OS has system-wide privileges.

all Microsoft digs aside, you trust the OS is doing the right thing.

you have to trust something.

 

there are no alternatives, apart from having no AV, and although some conspiracy theorists go down that path, it's simply head-in-the-sand ignorance.

Backup now & backup often.
It's your digital life - protect it with a backup.
Three things are certain; Birth, Death and loss of data. You control the last.


Welllll, there's a difference between paranoia and healthy caution.   :ph34r: 

 

I have thought about that for a long time also.  Agree w/ mta, there is no good alternative. 

 

There are ways to double check, like independent online virus scanners, system monitoring software, a good, configurable firewall, virtualization, imaging software, etc. Then there are Live CDs, which start fresh every time and will not retain malware.

 

But yes, eventually "you have to trust something".

The CCleaner SLIM version is always released a bit after any new version; when it is it will be HERE :-)

Pssssst: ... It isn't really a cloud. It's a bunch of big, giant servers.


If Google or Facebook or Twitter created an AV, would you trust it?

Nope, but then I do not trust anybody with privileges on my PC, maybe sandboxing would be less of a security breach although not airtight.....


  • Moderators

I've never trusted antivirus but for a completely different reason; they detect something, then it turns out to be a false positive. All I've ever gotten from them are false positives and a degradation in performance. Luckily I've never had any real infection, just those false positives, and I've scanned my system and files over the years with umpteen different anti-virus and anti-malware software.

 

I do find it rather interesting if a system gets so badly infected it typically isn't the traditional anti-virus or anti-malware software that everyone knows and has installed that's used to remove it, usually it's some specialized tool.


  • Moderators

Antivirus tools do have unprecedented access to certain parts of the OS but I think only those that get special license from Microsoft do (such as the intel key in the registry).

 

ADVICE FOR USING CCleaner'S REGISTRY INTEGRITY SECTION

DON'T JUST CLEAN EVERYTHING THAT'S CHECKED OFF.

Do your Registry Cleaning in small bits (at the very least Check-mark by Check-mark)

ALWAYS BACKUP THE ENTRY, YOU NEVER KNOW WHAT YOU'LL BREAK IF YOU DON'T.

CCLEANER, RECUVA, DEFRAGGLER AND SPECCY DOCUMENTATION CAN BE FOUND AT  https://support.piriform.com/hc/en-us and  https://www.ccleaner.com/docs

Pro users file a PRIORITY SUPPORT request at https://support.piriform.com/hc/en-us/requests/new

link to WINAPP2.INI explanation


 

 

..I do find it rather interesting if a system gets so badly infected it typically isn't the traditional anti-virus or anti-malware software that everyone knows and has installed that's used to remove it, usually it's some specialized tool.

Meaning... that all these infections come about right through the protection... and once infected some other tool does the catching and cleaning job... that I know also from my personal experience... exactly what brought me to that question I asked... gain and loss are not clear here....


  • Moderators

If Google or Facebook or Twitter created an AV, would you trust it?

on face value, hell no.

like any piece of software that goes on your PC, it should be; researched, reviewed, how often it's updated, company profile,  etc.

but passing those checks, and if it met my criteria and expectations, then I would give it a crack.


If Google or Facebook or Twitter created an AV, would you trust it?

 

Nope  ... Facebook ... MMUUAAAaahaaahaahaaa. 

 

But in order to be aware of viruses or similar issues in real time you have to use something in real time.. 

One of the benefits of hanging around forums where the members are not completely whacko pretty knowledgeable is that you can learn from others' experiences.

 

What I've done to keep XP safe is adopt a layered approach.

Here on xp the setup is this, listed in order of least disaster to worst. 

- Avast Antivirus + MBAM + Spyware Blaster to catch malware at the point of attack (hopefully). There are alternatives available. 

- Sandboxie, used to run programs in an environment isolated from the real OS.  No good alternative that I know of. 

- Powershadow, a light virtualization software, it allows you to just reboot if the problem gets past the antivirus and other realtime protections. There are alternatives like Returnil, Shadow Defender, others which I don't remember right now but other members will.

- Acronis image backup in case all else fails.  Alternatives are Image for Windows or Macrium, maybe others.

- Last but not least, the factory reset disks that came with the computer. Or the restore image from the OEM, or something similar.

 

There is one type of infection I don't much understand, a compromise of the Trusted Platform Module (TPM).  It isn't an issue here on this old machine, so I am not fully read up on it.  But it is a baddie. 


  • Moderators

hear, hear @login123

 

use or don't use an AV.

use or don't use layered security.

[insert here whatever else gives you a warm fuzzy feeling when using your PC]

 

but make damn sure you have some form of recovery process when the brown stuff hits the fan.


but make damn sure you have some form of recovery process when the brown stuff hits the fan.

 

Yes, quite so.  (Might be you posted that while I was editing.)

 

Anyway, I've learned over several years that Avast and Outpost firewall (maybe others) do indeed send information to their masters, but nothing has ever come back to haunt me . . . he says, as there is a loud knock at the door :P. So at any rate I need the protection and will put up with the "feedback" functions in order to get it. Others might disagree.

 

The question posed by Eli is a good one. I think the answer is to just select protective software based on opinions you trust, then watch them to make sure they work.
