Monday, April 27, 2009

The Anti-Virus guru is not born yet

You know that.

Everyone deep inside knows that he's not satisfied with his Anti-Virus. Yes you defend it in front of your friends. But you know that it's not the guru.


Nod32: Consumes too much memory.
Kaspersky: It treats everything as a virus including me.
Norton: Most viruses know how to kill it.
Avast: They want to sell you the professional software by any means.


I will not suggest anything. But I will ask you one question.
Have you seen an Anti-Virus that does only his job?

There is always an "AND". An Anti-Virus AND a SPAM filter AND a Pop-Up Blocker AND a Firewall. Why don't I have an Anti-Virus that detects viruses only?


When that guru is born. Nobody will buy it. Nobody will spend hours on Google trying to crack it.

Because it will be for free. And yes, everybody will talk about it.

At least I know that guru will be a Purple Cow Anti-Virus.

10 comments:

  1. To be honest I found nod32 to be my anti virus of choice, it's quite sophisticated when it comes to treating viruses(for example doesn't label key generators as viruses while they clearly aren't), it never interferes with my work and updates itself quietly in the background with just a few kilobytes.

    I'm not sure why you say it consumes a lot of memory, I'm using nod32 4(just the anti virus not the whole security suite) and it's using 50mb of my ram, which is nothing in today standards, and I've never noticed any degrade in my system performance since I installed it.

    Even its menus are simple yet stylish.

    Just my opinion :)

    ReplyDelete
  2. @Yaseen
    Thanks for your comment.

    I did use NOD32 too, its a great choice, but I notice some problem with the XP version, its service consumes up to 100 MB. The one I had had other services besides the actual anti-virus.

    I didn't use NOD32 4, its seems a good one since it allow only the anti-virus to be installed not the whole suite.

    My point being, a Virus is a program that sabotage your machine. If I created a virus, the Anti-Virus shall ban it whether it is known or still unknown. It is a big challenge.

    But really thanks for your comment titi, you brought new thoughts to my attention.

    ReplyDelete
  3. Well, the problem is that there's no definition for virus, viruses aren't always harmful destructive codes, sometimes viruses are friendly, they just transfer few files from your computer to a server over the internet, use your computer to do some POST and GET requests, your web browser does that all the time and it's not a virus, why should scvhost.exe get a different treatment?

    There's no way to know if the code executing in memory is evil or not unless you've seen it doing bad before :)

    ReplyDelete
  4. @Yaseen,
    You got a point over there. there is no way to predict that.

    scvhost.exe is a windows service so it should be trusted. But you are right, how can I differentiate that?


    "There's no way to know if the code executing in memory is evil or not unless you've seen it doing bad before :)"

    Got to say its true.


    There should be a way, you're cutting all the possible solutions titi :@

    ReplyDelete
  5. scvhost.exe is a virus, svchost.exe is the trusted service :)

    Basically you could set a list of operations that only trusted executables are allowed to do, although that sounds similar to current firewall\UAC behavior which is very annoying.

    ReplyDelete
  6. @Yaseen,

    Missed the c. I thought you meant the service.

    Yes. Especially in vista whenever you do something you got that prompt its annoying.

    If you installed something then you trust it.
    If you didn't install it (i.e. it sneaked in somehow) Then it is an intruder, windows should treat it differently.


    The question of how remains

    ReplyDelete
  7. Define installed it yourself :)

    You have to tell windows I installed this myself? back to UAC again, you moved the mouse and double clicked the setup? or highlighted the setup and pressed enter? can't the virus do that? what about the many executables installed with the program itself?

    ReplyDelete
  8. @Yaseen
    you are very good at that man,

    Installed it myself, yes how can I tell the machine that I am really a person I did that.

    That will take us to a new era I guess.

    again back to how..

    ReplyDelete
  9. The fun thing about anti-viruses is that they treat each other as viruses. :D

    ReplyDelete
  10. @Cody
    lol they really do Anti-Viruses still fight each other.. and they race to detect viruses..

    they even get paid if they want a crack-tool to be detected as a virus.

    ReplyDelete

Share your thoughts