Do I really need Antivirus/Malware protection for my Vista PC?

CraftyChicken

As the topic asks, do I really need that stuff? The reason I ask? I've been plugging away happily on my HP notebook for about a year now. Only thing I did when I got it was to format the HDD and reinstall with a clean OEM DVD from a different computer.

Today I was advised by a family friend, who works in the IT industry for a large Fortune 500 company, that I NEED protection right now. It was a lively debate, he told me Vista wasn’t up to snuff, I told him my productivity has never been higher. He said I was crazy, I said maybe since I am a Mac user as well, and we all know how *they* are. He again said I was crazy, and I said "What, crazy for not having paranoid breakdowns over internet security?"

Now, the reason I didn’t install security before was because on my Vista desktop I was raked with false-positives and system slowdowns from various anti-virus programs. So when upgrading to the notebook, I decided I was through with all that unless proved a real necessity. Am I crazy for not putting at least free anti-virus and anti-malware, avast! and Spybot, as he suggests? I went ahead and installed those programs and did full system scans with each, both turned up 0 hits. Thinking something was wrong, I tried some trials of complete suites and various other programs which yielded the same results. Now I’m thinking I did more damage installing and uninstalling all these security apps that do who knows what to the system, than actually running my system a whole year without them.

In my XP days I used Kaspersky alongside Spybot and even with regular updates and scans I always seemed to have something get through. So, what’s the deal? I have no way to tell for sure if Vista is indeed more secure but I do get that feeling of security, however perhaps it is false-security that I'm feeling.

Does anyone else run Vista with only its basic, default security, Windows Firewall? And can anyone point me to some hard evidence that shows Vista is vulnerable to serious malware?
 
Yes, you need AV protection. You said so yourself; you had an AV package and an anti-spyware package, and stuff still got through.

I recommend Nod32 ( as do many others here ). It's one of the best and lowest resource AV packages out now.

btw; this isn't about productivity. Think about all that you do from your system. How would you feel if any data that passed through your system got out ( credit cards, bank info, etc... )? Further, a zombied box can spew out thousands of emails a minute. While you may not care about that ( although us admins would kindly appreciate you people keeping your shit secured and off our mail servers ), that's a significant chunk of your processor and bandwidth gone. ( mainly bandwidth )

So yes, you need an AV package.
 
I think as long as you're using an alternate browser (Firefox, Opera, etc.) and not IE, have your machine behind a home router and don't open unknown executables, you should be reasonably secure with Vista as long as you keep up to date on your Windows updates.

Now if you bittorrent/fileshare/etc all bets are off and you should get an AV setup.
 
So things have changed enough that nod32/kaspersky/whatever don't deal out numerous false positives as they did in 2007 on Vista?

The reason I posted this in the Operating Systems forum and not the Security Forum is that I was really trying to see if any Vista users out there run without antivirus as well and have had no problems.

Since my conversation last week I've had AVG Free running, and 2 complete scans have yielded nothing, but the silly program has popped many times with false positives. Maybe it's the nature of the programs I'm running, but for whatever reason antivirus apps don't like my computer. I just worry these things cause more harm than they prevent, kind of like a self-fulfilling cycle. After all, would they be in business if security were not an issue?

On the other hand, I do remember telling my Mac buddies that they're nuts for not using antivirus on their boxes. Perhaps what's good for the goose...
 
According to the latest AV-Comparatives test (from about 2 weeks ago), NOD32 has finally reclaimed the top spot on their comparison tests (PDF link here). At first the test results look a bit skewed, but the initial results are only the first week of reported results; for the entire completed test as of November 29th (when the PDF was updated), they gave NOD32 yet another Advanced+ rating, one of a shitload that NOD32 has earned over the years, and the only one for November which puts it back on top.

Avira is still showing strong as well, but the results are for their commercial product and not their free version. Considering in the Hot Deals thread there's a post as of today for Newegg selling NOD32 v3 for $10 + shipping, I'd say that is still the AV software to get... been saying that for years, nice to see they've reclaimed the top spot once more.

As for malware protection, the front line of defense is a better browser than just vanilla IE, even in Vista. Firefox 3 using the NoScript addon is the pre-eminent solution for stopping initial infections/problems, period. Where you take it from there is up to you. If you must use IE7, get the IE7Pro addon which gives IE7 a boost it needs in terms of popup blocking and other tools that make it close to the browser it should have been in the first place.
 
I just love the dichotomy between those last two posts... priceless. :) Anyone can be a "smart user," but the intelligent ones are the ones that know better. Intelligent people do stupid things all the time... but smart ones know better too.
 
I just love the dichotomy between those last two posts... priceless. :) Anyone can be a "smart user," but the intelligent ones are the ones that know better. Intelligent people do stupid things all the time... but smart ones know better too.

While being a smart user is absolutely vital to reducing the amount of problems you'll have, going with that as your prevention plan alone is a very bad idea. Not having AV is like walking the tight rope without a net. You could do it 100 times and be ok but all it takes is once and you are fucked. These days AV programs are fairly lightweight and with multiple cores in our CPUs and better thread handling in the newer operating systems there really is no reason not to go ahead and run something like AVG Free. It is free and it protects your system. You won't even notice it is there most of the time. Why not use it?
 
I'm sorry, but as one of the most diehard supporters of NOD32 around this forum (if not the foremost), did I somehow just get the reputation that I don't believe in using AV software? Come on... lighten up a bit, you folks really need to take a break from this place sometimes. ;)

And I've been using and continue to use NOD32 v2.7 since it's paid for and does the job perfectly, just for the record. And Firefox 3, of course.

My point was directed primarily at that other poster: we (meaning regulars around here for a long long time - and my current status is misleading as noted in the past) have seen countless threads with even more posts where someone - whoever it happens to be - takes the stance that being a "smart user" is enough to protect them from everything they could possibly encounter when being online with their personal computers.

And of course, we've seen countless situations where such beliefs and pigheaded stubbornness end up being the exact opposite of "smart" in the first place. So, there is no one solution to the issues that people using computers online in today's world can protect them. And protection, the best protection, is being proactive and not passive. "Smart users" know better, hence they do some research and actually find the products that do the job correctly and are worth the cost.

Your average Joe computer owner (not me, I assure you) would get PC Magazine and see it says "Norton AV is a great product" after getting past the 20+ pages of Symantec ads in the magazine and the unconscious bombardment of those ads they weren't consciously paying attention to (been studying psychology and such fields for decades now) does have an effect on them, hence they feel like they're "safe and protected" by the Norton AV that came on their PC, even though they can't figure out why that box keeps popping up telling 'em they need to pay more money to be "safe and protected."

Dem's just the facts, folks... I've always said Intelligent and Smart are not related. You can be a highly intelligent person and yet do incredibly stupid things. Intelligence is a measure of how well you can and do adapt to new situations and information - it's not a measure of how "smart" you are which cannot be measured in any adequate way. I know a lot of very highly intelligent people that do some awfully stupid things every single day - like smoking, doing drugs, etc. Sorry, dem's just the facts also. (off on a tangent there to make a point, stick with it)

Being a "smart user" would automagically imply using AV software and malware protection - best in the form of a proper browser that stops such things COLD without the need to run additional software that supposedly spots and stops problems. If the browser can stop such problems from ever occurring in the first place, there is no need to run software to fix the problem after the fact. So many don't get this and I can't figure out why. Prevention is the #1 solution in the first place, not "fix it after it happens."

A proper browser - aka not vanilla IE - is what's required. Maybe IE8 will do better once it's finalized, but I still have issues with it myself, even in Win7 at the moment. They're making so many good changes to Windows that I actually find useful and I like for a change, but IE is still shitty crappy oh-god-why-can't-they-just-do-it-right-this-time IE, unfortunately.

I hope someone that lit a fire under Redmond's ass recently does the same for the IE developers because they damned sure need it. ;)
 
My comments were generalized and not directed at you. I apologize if you thought they were directed at you. My intention was more to elaborate on why I gave the opinion I did.
 
My comments were generalized and not directed at you. I apologize if you thought they were directed at you. My intention was more to elaborate on why I gave the opinion I did.

I got that, really, I did. :) See what I mean about taking a break? :D
 
Well, Nod32 did the job just fine. My specific problem is related towards some fairly obscure scientific programs that are causing all kinds of problems with the newest security suites. I'm sure it's my programs and not the security software, as they have a slow development cycle, some haven't been touched in years, and definitely don't keep up with the latest programming/security trends. The newest AVG and Kaspersky suites absolutely hated them.

However, the Nod32 trial worked just fine, letting those programs run and do their thing without silly popups. I still believe Vista is secure enough with UAC to prevent a lot of the serious attacks, but better safe than sorry. Heck, even the front page of Hardocp has a link to a story of an IE7 vulnerability that only affects XP.

I'm still interested if anyone knows of some site that does a fair comparison of Vista Security to XP. It sure seems like the O/S got a bad rap from the get-go.
 
I feel perfectly safe running 64-bit Vista without an antivirus, but I still use one since I'm frequently connected to my school's network. God knows what's floating around on there.
 
Avira is still showing strong as well, but the results are for their commercial product and not their free version.

The free version still uses the same virus definitions as the paid one, so that has no impact on detection rates. For someone who can't be assed to actually pay for an A/V program, Avira is at the top of the list.
 
Where is it $9.99 from Newegg? I just checked and it was $29.99. Did I miss a Hot Deal or something?

It is $29.99 but using the coupon code in that post gives another $20 off. Not sure if that coupon expires or has a limited use cycle, only one way to find out. :)
 
Yes. 2007 beat all previous years combined for new malware samples, and I don't have the numbers yet, but I wouldn't be surprised to see 2008 beat 2007 and all previous years combined. There is a ton of malware out there.

The posts about use Firefox and avoid IE also bother me. In Vista, if the user left UAC on, IE is definitely more secure than Firefox. (If UAC is off, it's a crap shoot which one is more secure.)

Almost all samples of malware I've investigated in the last year, haven't really exploited anything but the user. Game PWS are also at an all time high this year. (http://blogs.technet.com/mmpc/archi...-protect-you-from-game-password-stealers.aspx my blog post) I have browsed many high profile sites, and watched OneCare start going crazy, as an advertisement server the high profile site uses got compromised.

I am a firm believer in Defense in Depth. Have a firewall at the edge, have a security guard on the computer (antimalware software), locked doors between bldgs (limited privileges), backups, etc... Every user has to decide how secure they want their computer to be, and what level of risk they're willing to accept.

This posting is provided "AS IS" with no warranties, and confers no rights.
 
Firefox 3 using the NoScript addon is the pre-eminent solution for stopping initial infections/problems, period.
For once, I've got to disagree with you.

IE7's got UAC and is sandboxed. Firefox 3 still has its issues.
NoScript also puts you in a little hurt from a convenience standpoint, blocking all scripts out the door is a major PITA... There are many legit websites that use them.

But mainly, the whole UAC factor.
I don't know how one could consider a third party browser without it more secure.
 
What makes you think malicious code from scripting would have any better chance of executing with UAC enabled in Vista than without just because you're using Firefox? That makes no sense to me as UAC is system-wide and not just enabled for the default applications that come with Vista itself, i.e. IE (yeah yeah).

If I pick a malicious site at random and visit it with IE7 in Vista with UAC enabled or Firefox 3 with NoScript (updated, of course) and UAC enabled neither one of them stands any better chance of allowing an infection or malicious activity; they're effectively equal as an end result in my experience and testing, which is nothing happens. And believe me, I've come across some really questionable sites during such testing that are downright nasty². :D
 
If I pick a malicious site at random and visit it with IE7 in Vista with UAC enabled or Firefox 3 with NoScript (updated, of course) and UAC enabled neither one of them stands any better chance of allowing an infection or malicious activity; they're effectively equal as an end result in my experience and testing, which is nothing happens. And believe me, I've come across some really questionable sites during such testing that are downright nasty². :D

There, highlighted per se, is the whole flaw of that argument.
Zero-day stuff.

It's the same reason why you don't just say, "An updated AV that blocks most avenues malware travels through will stop just as well as UAC". I realize it'd be harder to do than just scripts in a browser but it's still an example.

Zero-day. 'nuff said.
 
There, highlighted per se, is the whole flaw of that argument.
Zero-day stuff.

It's the same reason why you don't just say, "An updated AV that blocks most avenues malware travels through will stop just as well as UAC". I realize it'd be harder to do than just scripts in a browser but it's still an example.

Zero-day. 'nuff said.

Yes but note that I said UAC was operational, even when using Firefox. :) I'm not telling people not to use IE7, never said that, never even hinted or implied it.

UAC is awesome for what it is, but it ain't perfect. Given time, someone will find a flaw in it if for no other reason than because they're a no-life loser with too much talent on their hands and a bad social life which turns out to be where most of the malicious stuff comes from. :D
 
Yes but note that I said UAC was operational, even when using Firefox. :) I'm not telling people not to use IE7, never said that, never even hinted or implied it.
Fair enough, but I'd still say Sandboxed IE is safer at stopping it from hitting anywhere on your PC than a non-sandboxed FF3.

UAC is awesome for what it is, but it ain't perfect. Given time, someone will find a flaw in it if for no other reason than because they're a no-life loser with too much talent on their hands and a bad social life which turns out to be where most of the malicious stuff comes from. :D

You're more optimistic about that than I am. Nobody has been able to do it yet. It'd be a programming flaw that they would have to exploit, as UAC in itself, unless already compromised, is virtually bulletproof.
We'll see. I'd expect by the time Windows 8 comes around someone might get into Vista's UAC ;)
 
What makes you think malicious code from scripting would have any better chance of executing with UAC enabled in Vista than without just because you're using Firefox? That makes no sense to me as UAC is system-wide and not just enabled for the default applications that come with Vista itself, i.e. IE (yeah yeah).

If I pick a malicious site at random and visit it with IE7 in Vista with UAC enabled or Firefox 3 with NoScript (updated, of course) and UAC enabled neither one of them stands any better chance of allowing an infection or malicious activity; they're effectively equal as an end result in my experience and testing, which is nothing happens. And believe me, I've come across some really questionable sites during such testing that are downright nasty². :D

Because IE takes it one step further with UAC on. It runs with really low rights, Firefox is running with standard rights.

Are they both secure? Probably. Is one more secure than the other? Definitely. ;)


 
FWIW, MaximumPC just published a head to head comparison of the top anti-virus software packages - free and paid.
 
I know I'm going to get flamed for this, but I don't run AV or Malware software and I don't plan to (on my PCs).

I don't download stuff that I don't know what it is. If I want to test something out I do it in a VM.
I keep all my documents and data on my Server (which has Symantec). I have restore images of all my computers so if something were to happen I'd just do a restore which takes 15 minutes max 'cause all my boot partitions are only 32GB max.
 
It is a sad sad day for the state of the internet when people honestly believe that they are safe from malware because of their own computing knowledge.
 
It is a sad sad day for the state of the internet when people honestly believe that they are safe from malware because of their own computing knowledge.
I think it's the, "It can't happen to me" syndrome.
 
I know I'm going to get flamed for this...
Man, these arguments get easier and easier to debunk each day. So, let's just say you happen to get infected with some malware meant to steal passwords, information, etc? How would your re-imaging fix this? How would only running AV software on your server prevent this?

Honestly, is it that difficult to understand, all the various ways that a computer can be affected...that we still have people thinking this? It is NO WONDER why identity theft is so prevalent in our society.
 
So, if you know you're going to get something started, why post it? Doesn't that classify you as a troll?

I think it's reasonable to not run an antivirus if you reinstall Windows frequently and browse in a VM. He stores his important data on a server that does have an antivirus. It may not be the most practical or safe system, but it's not bad.

Who's trolling here?
 
I think it's reasonable to not run an antivirus if you reinstall Windows frequently and browse in a VM. He stores his important data on a server that does have an antivirus.
It isn't reasonable at all, if you look at how many different ways a system can be infected. If you want to get into what's reasonable, take your head out of the sand, read up on infection methods, and then go get some AV software.
 
It isn't reasonable at all, if you look at how many different ways a system can be infected. If you want to get into what's reasonable, take your head out of the sand, read up on infection methods, and then go get some AV software.

I'm well aware of the risks. My point was that if you're wiping the machine every couple of months and have your important data stored in a protected place then it really doesn't matter, especially if you're running a relatively safe OS like 64-bit Vista and running your web browser/new programs in a VM sandbox.

Even if you do get an infection it doesn't matter, you're going to wipe the drive anyway.
 
I think it's reasonable to not run an antivirus if you reinstall Windows frequently and browse in a VM. He stores his important data on a server that does have an antivirus. It may not be the most practical or safe system, but it's not bad.
My point was that if you're wiping the machine every couple of months and have your important data stored in a protected place then it really doesn't matter



All malware isn't out to destroy your data. Those days are in my opinion long gone.

The "nasty" malware nowadays is collecting your paypal logons, bank account information, and other things like this. It transmits it out the door without your knowledge, and is silent. Some of it even removes itself after a period of time...

So yes, it's unreasonable.
 
Yep, keep telling yourself that when you get an info-stealer that was dropped on your PC from a graphic file on a legit website, and someone ends up on a shopping spree on your account. And yes...it can happen, and has, to people who are close to me, and who "know what they are doing".
 
All malware isn't out to destroy your data. Those days are in my opinion long gone.

The "nasty" malware nowadays is collecting your paypal logons, bank account information, and other things like this. It transmits it out the door without your knowledge, and is silent. Some of it even removes itself after a period of time...

So yes, it's unreasonable.

If you don't use the unprotected machine for sensitive info then it doesn't matter.

Yep, keep telling yourself that when you get an info-stealer that was dropped on your PC from a graphic file on a legit website, and someone ends up on a shopping spree on your account. And yes...it can happen, and has, to people who are close to me, and who "know what they are doing".

I use an AV.
 