Do I really need antivirus programs running?

Yeah, I went out on that site, plus http://www.av-test.org/en/home/. To be honest, afterwards I was even more confused about AV software than I had been before. I think, reading reviews of MSE back in the early days, they've gotten worse. Version 4 doesn't seem as good at detection as version 2.5, which was rated a lot higher. Too bad as I have always thought of it as one of Microsoft's better products, especially for the price. Reading on those sites, it seems like Webroot would be a good deal. I like that it's so small and fast. I don't care for the price, as I don't really think AV is worth more than $20 per license, per year, but I might see if there's a special sometime...
 
No, Webroot would be terrible. It had less than an 80% detection rate and found 210 FPs.

G Data would seem to be a good deal.

But then again this is a malware test and MSE is lousy at finding malware, if you want malware protection pick up Malwarebytes for 20 bucks, or get the free version and scan every week or day or w/e
 
Heh, make sure you read all my comments in this thread, not just one ;)

I advocate running Malwarebytes and SuperAntiSpyware both on a weekly basis. As for what I use, I'm going to continue to use MSE, but run my antimalware scans more frequently. Any good utilities for seeing if your PC is infected, outside of AV and AM tools? Just curious if the layers I'm running will be enough or if I should run something once a month to verify.
 
Microsoft Safety Scanner is an off-line scanner, Avira has a free one as well. Mark Russinovich has a Root Kit detector utility.
In my experience, the offline scan is going to catch everything- most root-kits included. The key is pro-active scanning with a competent A/V-A/M. Free versions of MalwareBytes and SuperAnti-Spyware are reactive- your system must be infected first. Stay pro-active to keep your system from being borked in the first place, and leave re-active to off-line scans.
Windows Vista or 7 along with the latest version of IE and a competent A/M will give you all the protection you need. Keeping up on Windows updates and updates for Reader, Flash, and Java are a must as well.
Anything more is just diminishing returns.
 
Spybot is another good scanning and preventative tool.
 
I used to use that in the past, along with AdAware, but I haven't used either of those programs in years. If Spybot is still useful, I might have to try it again sometime.
 
Adware was better than it is now, and far more relevant, about 5+ years ago, but it was definitely good for its day.
Yes, Spybot can still get the job done, but it complements AV programs more than just running it on its own.
 
Get:

MSE
ESET Scanner
Malware Bytes
Spybot S&D
Kaspersky TDSSKiller

Should be able to protect you from anything. Of that list, MSE is the only one to run in the background.
 
It is not like only suspect sites have security issues. Some of the biggest organizations in the world have been hacked in the last 10 years. Who do you think has better security, someone like Sony or some random hard forum you go to?

I have had my AV trigger at places like tech bargains and tech savvy websites I have been visiting for years. Sometimes they get compromised, especially since hackers often get intimate with websites that other tech savvy people visit for various reasons.

The other thing is how do you know you have not had a virus without any sort of scanner? Nowadays are not like the old days when a virus would cripple your machine just for the fun of it. Nowadays malware is designed to not allow you to notice slowdowns and hide itself in any way possible. With AV software you are letting the experts keep up with the trends and be one more layer of security beyond UAC for you.
 
Haven't been using any AV for years, but I'm also over the point of browsing weird websites, if I got unlucky anyway I had also become skilled enough to get rid of it myself.

But since I stopped installing Java I haven't had a single virus, and I can be without the websites that require it.

I agree with buster. I was running MSE and bam, I got a fake antivirus, not a word from MSE. It was then I understood they are not viruses but malware. Just using Malwarebytes Pro with website blocking turned on is the way to go. I repair computers and on customers' I install MSE and Malwarebytes. On my own I found that no antivirus will protect you from being stupid on the internets. No Java for me (except Espresso). No useless programs on my PC.
 
Except it sucks up resources and is unnecessary :rolleyes:
Have a virus? Wipe your HDD and do a fresh install :D

This. x1000

I make enough backups and make sure the data i need is NOT on my C: drive. If i feel i have a virus, i download MSE, and use it then, if i got a virus, BAM, re-install. Fuck-it, who knows if that or any antivirus program can even detect all the threats. Not worth the future issues. I'll reinstall. not that big of a deal.

In fact, what i really have is an image of a perfect re-install of my current setup, just dated maybe a month and a half. Normally image every month after all virus checks, blah blah...

And, I haven't got a virus in 4+ years...
 
The true (near zero) value of blacklisting, aka AV software (really it should be called AM software, since, as mentioned elsewhere, actual computer viruses are all but extinct), is demonstrated by a simple thought experiment:

You're finishing up your new malware package, it's feature complete, you have a zero day or 3 ready to deliver your payload.
Q: What's the last thing you do before you release it into the wild?
A: Make sure none of the popular AV programs detect it.


Regular backups are far more important than AV software. I've been pwned twice in the last 20 years, once it was a zero day IE+win2k exploit. None of the popular AV software had a signature for it. I went through the work of isolating and reporting that one. Of course it was just a slight variation of an already existing virus, but that slight variation is usually enough to get through the blacklist.

The other time, it was one of the fake AVs, I don't remember the exact details, but I think I isolated it and at the time I was infected, only a handful of the AV engines had signatures for it.

Both times I restored from backup and went on my merry way.


AV software can only protect you from the widespread, and usually not terribly dangerous, but rather more annoying threats; a backup protects against these even better. AV software does virtually nothing against targeted attacks using custom malware. As an example, Flame was out in the world for ~2 years before any AV software had signatures for it.

Another argument against AV software is that it adds more code to the system, which simply increases the attack surface. There have been plenty of pieces of malware which exploited flaws in the AV software itself to execute their payload. This problem is made worse by companies standardizing on one AV suite, or by one AV suite becoming dominant in the marketplace.
 
If you're scanning with MSE there is no way that you would know. That program has some of the worst file detection rates of any AV on the market.
 
I don't run traditional AV software in the "It runs in the background constantly scanning". I use Hitman Pro set to boot scan mode.

On my work PC (all it does is VPN, no surfing) I have MSE + MBAM for the express purpose I didn't wanna f around with work stuff. Otherwise, it'd run naked also.

The only virus I got in almost 30 years that I couldn't clean, was one I stupidly gave myself. I looked at filename and thought it was an MP3, wasn't, was an EXE. Within a few moments it had basically created so many files on my system by replication that my system couldn't even boot.

Wiped and reinstalled then, past that, I get paid to battle the things listed here, I'm overly cautious about things.
 
Probably you NERDS don't have a GF/BF or friends or family that sometimes use your computers, but I do, and I use an AV; here are my 2 cents.

Other people sometimes have access to my computers, when I cook or drink with some friends who want to play some music or a movie, or when my mom is visiting me and she wants to use one of my computers, and it reminds me that not everyone has the same IT level.

Sandboxing is not going to protect PCs for a long time; that there are no or few documented cases doesn't mean that there is no threat. There are security experts that are steps ahead in malware design, like VUPEN. Same thing for Linux, OS X, even BSD.

I have seen many IT techs, admins and even real engineers say: LOL no need to protect our mail server, it runs on Linux...

The BSD cluster was compromised last week or so; in some cases there was nothing to worry about, but in other cases they recommended an OS wipe just because they couldn't be certain that some packages were not compromised.

I have done some testing in the past on how to compromise WSUS. Just a what-if: what if Windows Update or WSUS were to be compromised for one day? Could an AV prevent the install of a compromised patch... perhaps.

I work with professionals like the bar association, engineers and doctors, and they have regulations on the minimal security that must be implemented on workstations. In case they get hacked, they can say that they at least tried their best to secure the PC. It's out of the question to say that we didn't secure a PC because the user is a careful surfer. It should be the same way for a home PC.

http://www.freebsd.org/news/2012-compromise.html
http://arstechnica.com/security/2012/08/crisis-espionage-malware-targets-virtual-machines/
 
since when is M$ products decent? i would NEVER use MSE even if it is free, there's avg, antivir, kaspersky etc
 
MSE has been better than AVG for me, AVG killed a bunch of computers at work on an update, and it hasn't stopped a lot of viruses.
 
lol, I don't like Microsoft, but I do have to say that MSE and Defender (Win8) are so much better than everything you just listed.
So much bad info.

The only other two I would even begin to recommend outside of MSE would be ESET or Sophos.

AVG, lulz noob. :D
 
Just heard from someone who installed AVG and their system got hit with the babylon virus within the week.
AVG is on par with Norton and McAfee.
 
Umm, no. It's been doing pretty shitty for months. Even 2.1 didn't do very well almost a year ago according to av-test.

Hmmm... I guess I was thinking back further than that. When it did so badly in recent tests I switched over to Avast. I've also hardened my system pretty well and continue to scan weekly with other scanners, so I feel relatively safe.
 
According to AV-Comparatives the only thing MSE excels at is low false positives. Detection rates and real-world are beat by the products pspuria listed.

File Detection Test of Malicious Software (PDF)
Summary Report 2012 (PDF)

I am in no way discrediting MSE, as I use it a lot and have advised other people to install it, but it does seem as of late it is slipping down.

Thanks for the link. I've never been a huge fan of MSE other than it being extremely lightweight... and I'm currently running it on a few systems. After seeing that, however, I'm going to look into a few alternatives. I have been infected with MSE installed in the past... but figured it was a freak occurrence. Maybe I'll go back to Nod32

According to KevinO's post, AVG is actually on par with MSE (rated worse than McAfee)
 
MSE is, by far, the most lightweight and non-annoying AV product out there. If there were a better AV product that never nagged me, was as lightweight, and could do scheduled scans I'd switch to it.

But there isn't, so I put up with MSE. If I suspect something is amiss and MSE isn't catching it, I'll run full scans with MSE, SAS, and Malwarebytes in safe mode. If that turns up nothing and I still suspect I'll install another AV product to do a full scan. If that picks it up and cleans it, yay. Otherwise I'm just reinstalling.
 
I look at AV's this way, you can load it on your machine and it will give you some sort of "peace of mind". Honestly no AV is going to find "zero day threats" the way they were intended to find those threats. I use AV, personally I realize that it will not find everything and I have to understand that a lot of threats come from stupid links on facebook and searching for dumb, funny videos, or pictures.

AV's will find what was old and already out, and when the manufacturer gets the new signatures of the zero day threats, they will add them if they feel their application will not find those threats based on hashes and current signatures it already has to use to detect harmful things.

AV in corporate gives you pretty reports to give to management and keep compliant with user data laws, rules and regulations. What companies miss on is the fact they do not enforce rules correctly on how technology in the workplace should be used or they simply do not bother training people on bad and good things.

I could go on forever about this but, yeah!
 
My own personal antivirus involves not dealing with the most commonly exploited platforms known for distributing viruses in the first place.

I uninstalled:

Adobe Reader/Acrobat
Java
Quicktime
IE (due to ActiveX)

Those are the most common platforms for malware these days. The typical process of getting malware just by going to a site is because the malicious site's javascript loads up some malicious PDF or java applet exploit that your system fell victim to because you have a vulnerable version of reader or java installed. If you use Firefox and can efficiently use NoScript, you can make any computer nearly malware proof at the web front end. It's not going to stop some dolt from running NotAVirus.exe, but for typical drive by attacks or other active content sites, it REALLY excels. Combine NoScript and uninstall all the programs I listed and you shouldn't be getting hit by any malware unless it's browser specific or flash 0day.

I'd rather secure a computer via local account privileges as well as techniques previously stated, and use logs to compare to and other as needed tools (RootRepeal) than have a resource hog antivirus with a mind of its own that hooks every little api call made in windows. That's rootkit level shit. Uninstall Reader/Acrobat, use Foxit, uninstall Java, Quicktime and so on, stop using IE so you don't have to worry about ActiveX BS. Uninstall all that garbage, use better software or don't use it at all, it's all overrated.
 
the only reason i run AV is b/c MSE is free and unobtrusive. I didnt run AV on my own PCs until MSE came out for Win7 and ive only had 3 viruses ever, and all 3 were files/torrents i DLed from shady sites that i double-clicked to open knowing they were probably viruses.

if u know what to look for and avoid it's really not hard. use Chrome, ad block plus, and use the least-shady pron sites as possible. read comments on torrents before DLing (music files never end in .exe). so having used computers for 15 years the only 3 viruses ive ever had were files i clicked thinking they could be viruses. just be informed.

that being said, there's really no reason not to use MSE at this point. it takes 0 resources and even if it sucks as an actual AV program, it will probably identify most malware you download and try to run.
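
Two posts in this thread describe the same failure: a download that looked like an MP3 but was an EXE, and the rule that music files never end in .exe. A sketch of that check as an added example (not written by anyone in the thread); the function names, extension lists and sample files are assumptions constructed for illustration:

```python
import os
import tempfile

# Well-known leading bytes of native executables.
EXECUTABLE_MAGIC = {b"MZ": "Windows executable", b"\x7fELF": "ELF executable"}
MEDIA_EXTS = {".mp3", ".flac", ".avi", ".mp4", ".mkv", ".jpg", ".pdf"}   # assumed list
RUNNABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd"}        # assumed list

def sniff_executable(path):
    """Return a format name if the file content starts with an executable header."""
    with open(path, "rb") as fh:
        head = fh.read(4)
    for magic, kind in EXECUTABLE_MAGIC.items():
        if head.startswith(magic):
            return kind
    return None

def classify(path):
    """Return the reasons a downloaded file looks like a disguised program."""
    reasons = []
    stem, ext = os.path.splitext(os.path.basename(path).lower())
    # Extension in front of the real one; trailing spaces before it are ignored.
    inner_ext = os.path.splitext(stem.rstrip())[1]
    if ext in RUNNABLE_EXTS and inner_ext in MEDIA_EXTS:
        reasons.append(f"double extension {inner_ext}{ext}")
    kind = sniff_executable(path)
    if kind and ext in MEDIA_EXTS:
        reasons.append(f"{ext} name but content is a {kind}")
    return reasons

def scan(folder):
    """Map each suspicious file name in folder to its list of reasons."""
    report = {}
    for entry in sorted(os.listdir(folder)):
        full = os.path.join(folder, entry)
        if os.path.isfile(full):
            reasons = classify(full)
            if reasons:
                report[entry] = reasons
    return report

def demo():
    """Scan constructed sample files (header bytes only, no real programs)."""
    pe_stub = b"MZ\x90\x00" + b"\x00" * 16
    samples = {
        "track01.mp3": b"ID3\x03\x00\x00\x00\x00\x00\x00",  # real MP3 tag header
        "track02.mp3": pe_stub,                               # executable under a media name
        "album.mp3.exe": pe_stub,                             # media name with runnable suffix
        "setup.exe": pe_stub,                                 # honest executable, not flagged
    }
    with tempfile.TemporaryDirectory() as tmp:
        for name, data in samples.items():
            with open(os.path.join(tmp, name), "wb") as fh:
                fh.write(data)
        return scan(tmp)

if __name__ == "__main__":
    for name, reasons in demo().items():
        print(f"{name}: {'; '.join(reasons)}")
```

Pointing `scan()` at a downloads folder flags only names that claim to be media; an executable that is honestly named `.exe` is left for the AV or the user to judge.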
 
Or, you know, you could just not use Windows.
 
for some i have seen, MSE would be better than what some places use, either nothing or McCrappy.
 
Dude, the only rival, OSX, sucks, and has security problems.

I forgot, nearly everyone in the world is an iTool or MSlave who enjoys mindless computing.
Well I and my five other Linux brethren will continue our quest of glory. :p
 
5?!? Did Stallman make you all make alt accounts again? :p
But, if Linux ever gets enough people, "security" will be gone (there's nothing that makes it more secure than Windows...). :D
 
Linux will never get through the mainstream, it has too high of a learning curve.
But I enjoy "custom" and "enterprise" style OSes, everyone else can keep their Win 8 and OS X 10.8 noob OSes.
 
there's nothing that makes it more secure than Windows...
Actually, yes, there is.
Sorry to rain on your parade, but with so many different distros and variations of how GNU/Linux is configured, not to mention user customizations and alterations, it would be nearly impossible to make a "mass" vulnerability through the OS itself.

To clarify, I am talking about GNU/Linux, not Droid/Linux, they are very different.
 