AV Software Isn't Dead, But It's Not Healthy

dasButcher writes "Is a conventional signature-based antivirus technology dead? Trend Micro CEO Eva Chen says no, but more is needed. Her answer: reputational analysis. Not a bad idea, but many have tried and failed to make this type of approach work. We've seen it all before: RBLs, integrity grading, etc. What will make this different? If we're not careful, Trend Micro might give us all a bad Web reputation. "

This is why reliance on AV software is dangerous

[Alioth]

Funnily enough, I just wrote about this:

http://slashdot.org/~Alioth/journal/167405 - includes a link to a major study of a piece of malware which went undetected by the AV companies for months.

Or just go to http://www.secureworks.com/research/threats/gozi/ if you don't want to read my crap.

I've personally witnessed two malware infections where the malware arrived up to a week before the AV companies had updated their definitions.

Re:The fewer the merrier

[Intron]

Deleting DLLs is not the right way to "minimize the system". What you want to do is turn off unneeded services, not blow holes in your OS. Linux would fail just as badly if to turn off services you started deleting the contents of /usr/lib instead of disabling daemons in /etc/init.d.