Proactive technologies are important but reactive technology will always be more "popular". Why? Because very little percent of people know what they are doing on the internet. Very little percent of people know what AV actually is, how it works, what a Firewall is, what is UAC or Smart Screen, an AdBlocker.
About HIPS, Antiexecutables, Sandboxing and Virtualization I will not even talk.
A vast majority of people need a usability with almost no interaction. Because they are not knowledgeable, and you cannot blame them as they didn't need such information in their memory. They need a product that will keep their system clean of the malware, they don't need a product that will warn about every new software they want to install. Many people are using premium phones just for Facebook, Instagram and texting for God's sake. They don't even know what megapixel is with their Carl Zeiss camera on their smartphone. They don't want to think. And why they should, when other can think for them, an AV that will tell them who is the good guy and who is the bad guy.
That's why I always try to educate people instead of installing some "for their view complicated software" to protect them.
And if you can take a survey, although cannot be conducted properly, to ask people who had been infected with malware, how did they got infected.
I would really like to see the percent of machines infected by malware without user interaction. And by that I mean (example malware downloaded from the internet) :
- An updated browser didn't warned the user of low reputation app being downloaded
- AV signatures didn't detect the malware
- The malware is selfexecuted (very unlikable) , a zero-day exploit or vulnerability?
- Your Smart Screen didn't warn you about the app
- You let UAC to elevate the privileges needed or asked by malware
Then I cannot blame you. It's not your fault. But in any other case it is your fault.
In real world people got infected by cracking a game, patching a software they don't want to pay, watching online movies and videos with outdated browser and without adblocker, clicking next next next, ok , I agree, and BOOM an annoying asktoolbar is there, not updating Windows because it will "slow down" their computer or MS servers will find out that they cracked Windows, sharing infected USB drives between computers with no protection at all, clicking on mail attachment saying "YOU Won 1 000 000$", etc etc...
Just look sometimes at our Malware Removal Section that is a tiny tiny fraction of people infected by malware. Things will be more clearer after that.
..day by day..updates coming and sitting on my drive Why? I just accepts antivirus brings usability if you are using default deny. But many of times, AV signatures detects legit files as malware.. I pissed off from these senarios of antivirus.
